www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-05-02T02:35:16+00:00 www.secnews.physaphae.fr

Security Affairs - Blog Secu DeepFakes Are The Cybercriminal Economy's Latest Business Line California-based Resecurity has identified a new spike of underground services enabling bad actors to generate deepfakes. According to cybersecurity experts, this may be used for political propaganda, foreign influence activity, disinformation, scams, and fraud. Introduced by Canadian researchers to the public in 2014, Generative Adversarial Networks (GANs) typically imitate people's faces, speech, and unique facial […] 2022-10-11T07:29:37+00:00 https://securityaffairs.co/wordpress/136927/cyber-crime/deepfakes-services-cybercrime.html www.secnews.physaphae.fr/article.php?IdArticle=7388862 False None None None

Security Affairs - Blog Secu Toyota discloses accidental leak of some customers' personal information 2022-10-11T07:08:59+00:00 https://securityaffairs.co/wordpress/136915/data-breach/toyota-motor-corporation-data-leak.html www.secnews.physaphae.fr/article.php?IdArticle=7388863 True None None None

Security Affairs - Blog Secu CVE-2022-40684 flaw in Fortinet products is being exploited in the wild Fortinet has confirmed that the recently disclosed critical authentication bypass issue (CVE-2022-40684) is being exploited in the wild. Last week, Fortinet addressed a critical authentication bypass flaw, tracked as CVE-2022-40684, that impacted FortiGate firewalls and FortiProxy web proxies. An attacker can exploit the vulnerability to log into vulnerable devices.
“An authentication bypass using an alternate […] 2022-10-10T20:47:43+00:00 https://securityaffairs.co/wordpress/136905/breaking-news/cve-2022-40684-fortinet-products-exploited.html www.secnews.physaphae.fr/article.php?IdArticle=7385236 True Vulnerability None None

Security Affairs - Blog Secu Pro-Russia group KillNet targets US airports The pro-Russia hacktivist group ‘KillNet’ is behind massive DDoS attacks that hit websites of several major airports in the US. The pro-Russia hacktivist group ‘KillNet’ is claiming responsibility for massive distributed denial-of-service (DDoS) attacks against the websites of several major airports in the US. The DDoS attacks have taken the websites offline, users were not […] 2022-10-10T15:20:40+00:00 https://securityaffairs.co/wordpress/136894/hacktivism/killnet-targets-us-airports.html www.secnews.physaphae.fr/article.php?IdArticle=7383570 False None None None

Security Affairs - Blog Secu The head of the Federal Cyber Security Authority (BSI) faces dismissal The German Interior Minister wants to dismiss the head of the Federal Cyber Security Authority (BSI), Arne Schoenbohm, due to possible contacts with Russian security services. German Interior Minister Nancy Faeser wants to dismiss the head of the Federal Cyber Security Authority (BSI), Arne Schoenbohm, due to possible contact with people involved with Russian security […] 2022-10-10T13:10:18+00:00 https://securityaffairs.co/wordpress/136883/intelligence/bsi-faces-dismissal-due-russia-contacts.html www.secnews.physaphae.fr/article.php?IdArticle=7382714 False None None None

Security Affairs - Blog Secu Dark web carding site BidenCash gives 1.2M payment cards for free BidenCash, a popular dark web carding site, released a dump of more than 1.2 million credit cards to promote its service. Operators behind the popular dark web carding market ‘BidenCash’ have released a dump of 1,221,551 credit cards to promote their underground payment card shop.
Multiple security firms noticed the promotional activity, but the news […] 2022-10-10T08:24:02+00:00 https://securityaffairs.co/wordpress/136872/cyber-crime/bidencash-carding-site-leak.html www.secnews.physaphae.fr/article.php?IdArticle=7380625 False None None None

Security Affairs - Blog Secu Harvard Business Publishing licensee hit by ransomware Threat actors got to a database with over 152,000 customer records before its owner, the Turkish branch of Harvard Business Review, closed it. Crooks left a ransom note, threatening to leak the data and inform authorities of the EU's General Data Protection Regulation (GDPR) violations. Original Post published on CyberNews A recent discovery by the […] 2022-10-10T04:53:55+00:00 https://securityaffairs.co/wordpress/136860/cyber-crime/harvard-business-publishing-licensee-hit-by-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=7378450 False Ransomware None None

Security Affairs - Blog Secu Everest gang demands $200K for data stolen from South Africa state-owned electricity company ESKOM Everest ransomware operators claimed to have hacked South Africa state-owned company ESKOM Hld SOC Ltd. In March 2022, the Everest ransomware operators published a notice announcing the sale of “South Africa Electricity company’s root access” for $125,000. Eskom transforms inputs from the natural environment – coal, nuclear, fuel, diesel, water, and wind – into more […] 2022-10-09T17:08:08+00:00 https://securityaffairs.co/wordpress/136866/cyber-crime/south-africa-eskom-everest-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=7371250 False Ransomware None None

Security Affairs - Blog Secu CommonSpirit hospital chains hit by ransomware, patients are facing problems CommonSpirit, one of the largest hospital chains in the US, suffered a ransomware cyberattack that impacted its operations.
CommonSpirit, one of the largest hospital chains in the US, this week suffered a ransomware cyberattack that caused severe inconvenience to the facilities and to patients. The alleged security breach led to delayed surgeries, hold-ups in […] 2022-10-09T12:23:22+00:00 https://securityaffairs.co/wordpress/136843/cyber-crime/commonspirit-ransomware-attack.html www.secnews.physaphae.fr/article.php?IdArticle=7367930 False Ransomware None 2.0000000000000000

Security Affairs - Blog Secu Lloyd's of London investigates alleged cyber attack 2022-10-09T08:24:47+00:00 https://securityaffairs.co/wordpress/136834/security/lloyds-of-london-cyberattack.html www.secnews.physaphae.fr/article.php?IdArticle=7365237 False None None None

Security Affairs - Blog Secu BlackByte Ransomware abuses vulnerable driver to bypass security solutions The BlackByte ransomware operators are leveraging a flaw in a legitimate Windows driver to bypass security solutions. Researchers from Sophos warn that BlackByte ransomware operators are using a bring your own vulnerable driver (BYOVD) attack to bypass security products. In BYOVD attacks, threat actors abuse vulnerabilities in legitimate, signed drivers, on which security products rely, […] 2022-10-08T16:23:28+00:00 https://securityaffairs.co/wordpress/136816/malware/blackbyte-ransomware-byovd-attack.html www.secnews.physaphae.fr/article.php?IdArticle=7353726 False Ransomware,Threat None None

Security Affairs - Blog Secu Unpatched remote code execution flaw in Zimbra Collaboration Suite actively exploited Threat actors are exploiting an unpatched severe remote code execution vulnerability in the Zimbra collaboration platform. Researchers from Rapid7 are warning of the exploitation of an unpatched zero-day remote code execution vulnerability, tracked as CVE-2022-41352, in the Zimbra Collaboration Suite.
Rapid7 has published technical details, including proof-of-concept (PoC) code and indicators of compromise (IoCs) regarding […] 2022-10-08T13:17:46+00:00 https://securityaffairs.co/wordpress/136800/hacking/zimbra-collaboration-suite-rce.html www.secnews.physaphae.fr/article.php?IdArticle=7351546 False Vulnerability None None

Security Affairs - Blog Secu VMware fixed a high-severity bug in vCenter Server VMware this week addressed a severe vulnerability in vCenter Server that could lead to arbitrary code execution. VMware on Thursday released security patches to address a code execution vulnerability, tracked as CVE-2022-31680 (CVSS score of 7.2), in vCenter Server. The security issue is an unsafe deserialization vulnerability that resides in the platform services controller (PSC). […] 2022-10-07T22:03:12+00:00 https://securityaffairs.co/wordpress/136791/security/vmware-vcenter-server-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=7339658 False Vulnerability,Guideline None None

Security Affairs - Blog Secu Fortinet urges customers to immediately fix a critical authentication bypass flaw in FortiGate and FortiProxy Fortinet addressed a critical authentication bypass vulnerability that impacted FortiGate firewalls and FortiProxy web proxies. Fortinet addressed a critical authentication bypass flaw, tracked as CVE-2022-40684, that impacted FortiGate firewalls and FortiProxy web proxies. An attacker can exploit the vulnerability to log into vulnerable devices. “An authentication bypass using an alternate path or channel [CWE-88] in […] 2022-10-07T14:37:59+00:00 https://securityaffairs.co/wordpress/136786/security/fortinet-critical-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=7334778 False Vulnerability None None

Security Affairs - Blog Secu Hacker stole $566 million worth of Binance Coins from Binance Bridge Threat actors have stolen 2 million Binance Coins (BNB), worth $566 million, from the popular Binance Bridge.
Hackers have reportedly stolen $566 million worth of Binance Coins (BNB) from the Binance Bridge. It seems that threat actors were able to exploit an issue with the bridge; the attack took place at 2:30 PM EST today. […] 2022-10-07T09:16:50+00:00 https://securityaffairs.co/wordpress/136779/cyber-crime/hackers-stole-binance-funds.html www.secnews.physaphae.fr/article.php?IdArticle=7331497 False Threat None None

Security Affairs - Blog Secu LilithBot Malware, a new MaaS offered by the Eternity Group Researchers linked the threat actor behind the Eternity malware-as-a-service (MaaS) to a new malware strain called LilithBot. Zscaler researchers linked a recently discovered sample of a new malware called LilithBot to the Eternity group (aka EternityTeam; Eternity Project). The Eternity group operates a homonymous malware-as-a-service (MaaS); it is linked to the Russian “Jester Group,” which is […] 2022-10-07T05:02:45+00:00 https://securityaffairs.co/wordpress/136764/breaking-news/lilithbot-malware-eternity-group.html www.secnews.physaphae.fr/article.php?IdArticle=7328289 False Malware,Threat None None

Security Affairs - Blog Secu Watch out, a bug in Linux Kernel 5.19.12 can damage displays on Intel laptops A bug in Linux Kernel 5.19.12 that was released at the end of September 2022 can potentially damage the displays of Intel laptops. Linux users reported the displays of their Intel laptops rapidly blinking, flickering, and showing white flashes after upgrading to Linux kernel version 5.19.12.
Linux expert Ville Syrjäl pointed out that the anomalous […] 2022-10-06T21:14:34+00:00 https://securityaffairs.co/wordpress/136751/security/linux-kernel-5-19-12-bug.html www.secnews.physaphae.fr/article.php?IdArticle=7323833 False None None None

Security Affairs - Blog Secu Cisco fixed two high-severity bugs in Communications, Networking Products Cisco fixed high-severity flaws in some of its networking and communications products, including Enterprise NFV, Expressway and TelePresence. Cisco announced it has addressed high-severity vulnerabilities affecting some of its networking and communications products, including Enterprise NFV, Expressway and TelePresence. “Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series Software […] 2022-10-06T14:19:11+00:00 https://securityaffairs.co/wordpress/136743/security/cisco-communications-networking-products.html www.secnews.physaphae.fr/article.php?IdArticle=7320014 False None None None

Security Affairs - Blog Secu City of Tucson Data Breach impacted 123,500 individuals The City of Tucson, Arizona disclosed a data breach; the incident was discovered in May 2022 and impacted 123,500 individuals. The security breach was discovered at the end of May 2022, and the investigation concluded in September. According to the notification letter sample provided to the Maine Attorney General's Office, over 123,500 individuals have been impacted […] 2022-10-06T13:18:28+00:00 https://securityaffairs.co/wordpress/136735/data-breach/city-of-tucson-data-breach.html www.secnews.physaphae.fr/article.php?IdArticle=7319485 False Data Breach None None

Security Affairs - Blog Secu 19-Year-Old man arrested for misusing leaked record from Optus Breach The Australian Federal Police (AFP) arrested a 19-year-old teen from Sydney for attempting to use data from the Optus data breach in SMS scams.
The Australian Federal Police (AFP) has arrested a 19-year-old teen from Sydney for allegedly attempting to use data leaked after the Optus data breach in a fraudulent scheme aimed at extorting […] 2022-10-06T10:59:08+00:00 https://securityaffairs.co/wordpress/136725/cyber-crime/optus-arrested-scam.html www.secnews.physaphae.fr/article.php?IdArticle=7317881 False Data Breach None None

Security Affairs - Blog Secu “Egypt Leaks” – Hacktivists are Leaking Financial Data Researchers at cybersecurity firm Resecurity spotted a new group of hacktivists targeting financial institutions in Egypt. Resecurity, a California-based cybersecurity company protecting Fortune 500 corporations globally, has noticed a new group of hacktivists targeting financial institutions in Egypt. The bad actors go under the campaign “EG Leaks” (also known as “Egypt Leaks”); they started leaking […] 2022-10-06T08:23:50+00:00 https://securityaffairs.co/wordpress/136720/hacktivism/egypt-leaks-financial-data.html www.secnews.physaphae.fr/article.php?IdArticle=7316825 False None None None

Security Affairs - Blog Secu Avast releases a free decryptor for some Hades ransomware variants Avast released a free decryptor for variants of the Hades ransomware tracked as ‘MafiaWare666’, ‘Jcrypt’, ‘RIP Lmao’, and ‘BrutusptCrypt’. Avast has released a decryptor for variants of the Hades ransomware known as ‘MafiaWare666’, ‘Jcrypt’, ‘RIP Lmao’, and ‘BrutusptCrypt’, which can allow the victims of these ransomware strains to recover their files without paying the […] 2022-10-05T22:19:55+00:00 https://securityaffairs.co/wordpress/136710/malware/hades-ransomware-decryptor.html www.secnews.physaphae.fr/article.php?IdArticle=7311669 False Ransomware None None

Security Affairs - Blog Secu New Maggie malware already infected over 250 Microsoft SQL servers Hundreds of Microsoft SQL servers all over the world have been infected with a new piece of malware tracked as Maggie.
Security researchers Johann Aydinbas and Axel Wauer from the DCSO CyTec have spotted a new piece of malware, named Maggie, that has already infected over 250 Microsoft SQL servers worldwide. Most of the infected instances […] 2022-10-05T20:21:06+00:00 https://securityaffairs.co/wordpress/136693/cyber-crime/maggie-malware-microsoft-sql-server.html www.secnews.physaphae.fr/article.php?IdArticle=7310633 False Malware None None

Security Affairs - Blog Secu Telstra Telecom discloses data breach impacting former and current employees Bad news for the Australian telecommunications industry: the largest company in the country, Telstra, suffered a data breach. Australia’s largest telecommunications company Telstra disclosed a data breach through a third-party supplier. The company pointed out that its systems have not been breached; the security breach impacted a third-party supplier that previously provided a now-obsolete Telstra […] 2022-10-05T14:58:33+00:00 https://securityaffairs.co/wordpress/136683/hacking/telstra-third-party-breach.html www.secnews.physaphae.fr/article.php?IdArticle=7307521 False Data Breach None None

Security Affairs - Blog Secu OnionPoison: malicious Tor Browser installer served through a popular Chinese YouTube channel OnionPoison: researchers reported that an infected Tor Browser installer has been distributed through a popular YouTube channel. Kaspersky researchers discovered that a trojanized version of a Windows installer for the Tor Browser has been distributed through a popular Chinese-language YouTube channel.
The campaign, named OnionPoison, targeted users located in China, where the Tor Browser website […] 2022-10-05T06:25:44+00:00 https://securityaffairs.co/wordpress/136654/malware/onionpoison-tor-browser-spyware.html www.secnews.physaphae.fr/article.php?IdArticle=7303468 True None None None

Security Affairs - Blog Secu A flaw in the Packagist PHP repository could have allowed supply chain attacks Experts disclosed a flaw in the PHP software package repository Packagist that could have been exploited to carry out supply chain attacks. SonarSource researchers disclosed details about a now-fixed vulnerability (CVE-2022-24828) in the PHP software package repository Packagist that could have been exploited to carry out supply chain attacks. The issue was addressed within hours by […] 2022-10-04T20:19:23+00:00 https://securityaffairs.co/wordpress/136638/hacking/packagist-supply-chain-attack-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=7298794 False Vulnerability None None

Security Affairs - Blog Secu Lazarus APT employed an exploit in a Dell firmware driver in recent attacks North Korea-linked Lazarus APT has been spotted deploying a Windows rootkit by taking advantage of an exploit in a Dell firmware driver. The North Korea-backed Lazarus Group has been observed deploying a Windows rootkit by relying on an exploit in a Dell firmware driver dbutil_2_3.sys, ESET researchers warn. The discovery was made by ESET researchers while […] 2022-10-04T15:02:16+00:00 https://securityaffairs.co/wordpress/136623/apt/lazarus-exploit-dell-firmware-driver.html www.secnews.physaphae.fr/article.php?IdArticle=7296096 False Medical APT 38 None

Security Affairs - Blog Secu Linux Cheerscrypt ransomware is linked to Chinese DEV-0401 APT group Researchers link recently discovered Linux ransomware Cheerscrypt to the China-linked cyberespionage group DEV-0401.
Researchers at cybersecurity firm Sygnia attributed the recently discovered Linux ransomware Cheerscrypt to the China-linked cyber espionage group Bronze Starlight (aka DEV-0401, APT10). Bronze Starlight has been active since mid-2021; in June, researchers from Secureworks reported that the APT group is deploying […] 2022-10-04T07:05:05+00:00 https://securityaffairs.co/wordpress/136611/malware/apt10-cheerscrypt-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=7293585 False Ransomware APT 10 None

Security Affairs - Blog Secu Microsoft mitigations for recently disclosed Exchange zero-days can be easily bypassed The mitigation shared by Microsoft for the two recently disclosed Exchange zero-day vulnerabilities can be bypassed, expert warns. Last week, Microsoft confirmed that two zero-day vulnerabilities in Microsoft Exchange recently disclosed by researchers at cybersecurity firm GTSC are being actively exploited in the wild. The first flaw, tracked as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) issue. […] 2022-10-04T06:40:34+00:00 https://securityaffairs.co/wordpress/136596/hacking/microsoft-exchange-0day-mitigations-bypass.html www.secnews.physaphae.fr/article.php?IdArticle=7293353 True None None None

Security Affairs - Blog Secu Trojanized Comm100 Live Chat app installer distributed a JavaScript backdoor A threat actor used a trojanized installer for the Comm100 Live Chat application to distribute a JavaScript backdoor. Cybersecurity firm CrowdStrike disclosed details of a supply chain attack that involved the use of a trojanized installer for the Comm100 Live Chat application to distribute a JavaScript backdoor.
Comm100 is a provider of customer service and communication products […] 2022-10-03T19:29:51+00:00 https://securityaffairs.co/wordpress/136582/hacking/comm100-supply-chain-attack.html www.secnews.physaphae.fr/article.php?IdArticle=7290680 False Threat None None

Security Affairs - Blog Secu RansomEXX gang claims to have hacked Ferrari and leaked online internal documents The Italian luxury sports car manufacturer Ferrari confirmed the availability of internal documents online, but said it has no evidence of cyber attack. Documents belonging to the Italian luxury sports car manufacturer Ferrari are circulating online; the company confirmed their authenticity, stating it is not aware of cyber attacks. Ferrari is investigating the leak of the […] 2022-10-03T15:23:08+00:00 https://securityaffairs.co/wordpress/136571/data-breach/ferrari-alleged-data-breach.html www.secnews.physaphae.fr/article.php?IdArticle=7288668 False None None None

Security Affairs - Blog Secu Finnish intelligence warns of Russia's cyberespionage activities 2022-10-03T13:21:50+00:00 https://securityaffairs.co/wordpress/136558/intelligence/finnish-intelligence-russia-cyberespionage.html www.secnews.physaphae.fr/article.php?IdArticle=7287645 False Threat None None

Security Affairs - Blog Secu Reflected XSS bugs in Canon Medical's Vitrea View could expose patient info Trustwave researchers discovered two XSS flaws in Canon Medical's Vitrea View tool that could expose patient information. During a penetration test, Trustwave Spiderlabs' researchers discovered two reflected cross-site scripting (XSS) vulnerabilities, collectively tracked as CVE-2022-37461, in third-party software for Canon Medical's Vitrea View.
The Vitrea View tool allows viewing and securely sharing medical images through […] 2022-10-03T06:40:23+00:00 https://securityaffairs.co/wordpress/136545/hacking/canon-medical-vitrea-view-xss.html www.secnews.physaphae.fr/article.php?IdArticle=7284834 False Tool None None

Security Affairs - Blog Secu BlackCat ransomware gang claims to have hacked US defense contractor NJVC Another US defense contractor suffered a data breach; the BlackCat ransomware gang claims to have hacked NJVC. The ALPHV/BlackCat ransomware gang claims to have breached the IT firm NJVC, which supports the federal government and the United States Department of Defense. The company supports intelligence, defense, and geospatial organizations. The company has more than 1,200 employees in locations worldwide. BlackCat added NJVC to […] 2022-10-02T15:58:56+00:00 https://securityaffairs.co/wordpress/136537/cyber-crime/njvc-data-breach.html www.secnews.physaphae.fr/article.php?IdArticle=7272374 False Ransomware None None

Security Affairs - Blog Secu German police identified a gang that stole €4 million via phishing attacks German police arrested one individual suspected of having stolen €4 million from users via large-scale phishing campaigns. Germany’s Bundeskriminalamt (BKA) arrested an individual (24) suspected of having stolen €4,000,000 from internet users via phishing attacks along with two accomplices who are suspected. The phishing campaigns were conducted between October 3, 2020, and May 29, […] 2022-10-02T08:41:57+00:00 https://securityaffairs.co/wordpress/136519/cyber-crime/phishing-attacks-gang-arrest.html www.secnews.physaphae.fr/article.php?IdArticle=7266376 False None None None

Security Affairs - Blog Secu CISA adds Atlassian Bitbucket Server flaw to its Known Exploited Vulnerabilities Catalog CISA added a recently disclosed flaw in Atlassian Bitbucket Server, tracked as CVE-2022-36804, to its Known Exploited Vulnerabilities Catalog. The U.S.
Cybersecurity and Infrastructure Security Agency (CISA) this week added a recently disclosed critical vulnerability in Atlassian’s Bitbucket Server and Data Center to its Known Exploited Vulnerabilities Catalog. According to Binding Operational Directive (BOD) 22-01: Reducing the Significant […] 2022-10-01T17:02:02+00:00 https://securityaffairs.co/wordpress/136514/security/atlassian-bitbucket-flaw-known-exploited-vulnerabilities-catalog.html www.secnews.physaphae.fr/article.php?IdArticle=7251281 True Vulnerability None None

Security Affairs - Blog Secu Guacamaya hacktivists stole sensitive data from Mexico and Latin American countries A hacker group called Guacamaya stole classified government information from multiple military and government agencies across several Latin American countries. Among the data stolen by a group of hackers called Guacamaya (macaw in Spanish) there was a huge trove of emails from Mexico's Defense Department, which shed light on the poor resilience of the […] 2022-10-01T16:06:11+00:00 https://securityaffairs.co/wordpress/136497/data-breach/guacamaya-hacked-latam-countries.html www.secnews.physaphae.fr/article.php?IdArticle=7250308 False None None None

Security Affairs - Blog Secu Luxury hotel chain Shangri-La suffered a security breach The Shangri-La hotel group disclosed a data breach; a database containing the personal information of its customers was compromised. The Shangri-La hotel group disclosed a data breach; threat actors had access to a database containing the personal information of customers at eight of its Asian properties between May and July.
The incident impacted hotels in […] 2022-10-01T12:52:00+00:00 https://securityaffairs.co/wordpress/136489/data-breach/shangri-la-security-breach.html www.secnews.physaphae.fr/article.php?IdArticle=7247377 False Threat None None

Security Affairs - Blog Secu Witchetty APT used steganography in attacks against Middle East entities A cyberespionage group, tracked as Witchetty, used steganography to hide a previously undocumented backdoor in a Windows logo. Broadcom’s Symantec Threat Hunter Team observed a threat actor, tracked as Witchetty, using steganography to hide a previously undocumented backdoor in a Windows logo. The group used the backdoor in attacks against Middle Eastern governments. The cyber […] 2022-09-30T22:14:03+00:00 https://securityaffairs.co/wordpress/136477/apt/witchetty-apt-steganography.html www.secnews.physaphae.fr/article.php?IdArticle=7233497 False Threat None None

Security Affairs - Blog Secu US DoD announced the results of the Hack US bug bounty challenge The US Department of Defense (DoD) shared the results of the Hack US bug bounty program that took place in July. On July 4, 2022, the US Department of Defense (DoD) and HackerOne started the Hack US, a one-week bug bounty challenge, which is considered part of DoD's vulnerability disclosure program (VDP). The challenge was launched Chief […] 2022-09-30T15:44:10+00:00 https://securityaffairs.co/wordpress/136462/hacking/dod-hack-us-results.html www.secnews.physaphae.fr/article.php?IdArticle=7226736 False Hack,Vulnerability None None

Security Affairs - Blog Secu Microsoft confirms Exchange zero-day flaws actively exploited in the wild Microsoft confirmed that two recently disclosed zero-day flaws in Microsoft Exchange are being actively exploited in the wild. Microsoft confirmed that two zero-day vulnerabilities in Microsoft Exchange recently disclosed by researchers at cybersecurity firm GTSC are being actively exploited in the wild.
The IT giant has promptly started the investigation into the two zero-day vulnerabilities […] 2022-09-30T10:18:05+00:00 https://securityaffairs.co/wordpress/136447/hacking/microsoft-exchange-zero-day-3.html www.secnews.physaphae.fr/article.php?IdArticle=7221958 False None None None

Security Affairs - Blog Secu Unpatched Microsoft Exchange Zero-Day actively exploited in the wild Security researchers are warning of a new Microsoft Exchange zero-day that is being exploited by malicious actors in the wild. Cybersecurity firm GTSC discovered two Microsoft Exchange zero-day vulnerabilities that are under active exploitation in attacks in the wild. Both flaws were discovered by the researchers as part of an incident response activity in August […] 2022-09-30T07:25:07+00:00 https://securityaffairs.co/wordpress/136433/hacking/microsoft-exchange-zero-day-2.html www.secnews.physaphae.fr/article.php?IdArticle=7219178 False None None None

Security Affairs - Blog Secu Experts uncovered novel Malware persistence within VMware ESXi Hypervisors Researchers from Mandiant have discovered a novel malware persistence technique within VMware ESXi Hypervisors. Mandiant detailed a novel technique used by malware authors to achieve administrative access within VMware ESXi Hypervisors and take over vCenter servers and virtual machines for Windows and Linux to perform the following actions: Send commands to the hypervisor that will […] 2022-09-30T05:17:30+00:00 https://securityaffairs.co/wordpress/136408/hacking/vmware-esxi-hypervisors-malware.html www.secnews.physaphae.fr/article.php?IdArticle=7217278 False Malware None None

Security Affairs - Blog Secu Hacker groups support protestors in Iran using Telegram, Signal and Darkweb Several hacker groups are assisting protestors in Iran using Telegram, Signal and other tools to bypass government censorship.
Check Point Research (CPR) observed multiple hacker groups using Telegram, Signal and the darkweb to support protestors in Iran in bypassing regime censorship. The hackers are sharing tools and tips to bypass censorship, including opening VPN servers, […] 2022-09-29T14:00:55+00:00 https://securityaffairs.co/wordpress/136404/hacktivism/iran-hacktivists-groups.html www.secnews.physaphae.fr/article.php?IdArticle=7202080 False None None None

Security Affairs - Blog Secu A cracked copy of Brute Ratel post-exploitation tool leaked on hacking forums The Brute Ratel post-exploitation toolkit has been cracked and now is available in the underground hacking and cybercrime communities. Threat actors have cracked the Brute Ratel C4 (BRC4) post-exploitation toolkit and leaked it for free in the cybercrime underground. The availability of the cracked version of the tool was first reported by the cybersecurity researcher Will […] 2022-09-29T09:54:56+00:00 https://securityaffairs.co/wordpress/136395/cyber-crime/brute-ratel-cracked-copy.html www.secnews.physaphae.fr/article.php?IdArticle=7198358 False Tool,Threat None None

Security Affairs - Blog Secu Go-based Chaos malware is rapidly growing targeting Windows, Linux and more A new multifunctional Go-based malware dubbed Chaos is targeting both Windows and Linux systems, experts warn. Researchers from Black Lotus Labs at Lumen Technologies recently uncovered a multifunctional Go-based malware that was developed to target devices based on multiple architectures, including Windows and Linux.
The malicious code was developed to target a broad range of devices, […] 2022-09-29T07:28:01+00:00 https://securityaffairs.co/wordpress/136384/malware/chaos-malware-windows-linux.html www.secnews.physaphae.fr/article.php?IdArticle=7196491 False Malware None None

Security Affairs - Blog Secu Threat actors use Quantum Builder to deliver Agent Tesla malware The recently discovered malware builder Quantum Builder is being used by threat actors to deliver the Agent Tesla RAT. A recently discovered malware builder called Quantum Builder is being used to deliver the Agent Tesla remote access trojan (RAT), Zscaler ThreatLabz researchers warn. “Quantum Builder (aka “Quantum Lnk Builder”) is used to create malicious shortcut […] 2022-09-28T15:43:32+00:00 https://securityaffairs.co/wordpress/136370/uncategorized/quantum-builder-agent-tesla-rat.html www.secnews.physaphae.fr/article.php?IdArticle=7181400 False Malware,Threat None None

Security Affairs - Blog Secu ONLINE DISINFORMATION: Under the hood of a Doppelgänger ONLINE DISINFORMATION is one of the defining issues of our time and the influence of fake news has become an acute threat to our society. Disinformation undermines true journalism and steers public opinion on highly charged topics such as immigration, climate change, armed conflicts or refugee and health crises. Social media platforms are the […] 2022-09-28T14:03:04+00:00 https://securityaffairs.co/wordpress/136366/intelligence/disinformation-under-the-hood-of-a-doppelganger.html www.secnews.physaphae.fr/article.php?IdArticle=7179608 False Threat None None

Security Affairs - Blog Secu APT28 relies on PowerPoint Mouseover to deliver Graphite malware The Russia-linked APT28 group is using mouse movement in decoy Microsoft PowerPoint documents to distribute malware. The Russia-linked APT28 employed a technique relying on mouse movement in decoy Microsoft PowerPoint documents to deploy malware, researchers from Cluster25 reported.
Cluster25 researchers were analyzing a lure PowerPoint document used to deliver a variant of Graphite malware, which is known to be used […] ]]> 2022-09-28T13:47:10+00:00 https://securityaffairs.co/wordpress/136358/apt/apt28-powerpoint-mouseover-technique.html www.secnews.physaphae.fr/article.php?IdArticle=7179609 False Malware APT 28 None Security Affairs - Blog Secu Bl00dy ransomware gang started using leaked LockBit 3.0 builder in attacks The recently born Bl00Dy Ransomware gang has started using the recently leaked LockBit ransomware builder in attacks in the wild. The Bl00Dy Ransomware gang is the first group that started using the recently leaked LockBit ransomware builder in attacks in the wild. Last week, an alleged disgruntled developer leaked the builder for the latest encryptor […] ]]> 2022-09-28T10:35:45+00:00 https://securityaffairs.co/wordpress/136345/cyber-crime/bl00dy-ransomware-lockbit-3-encryptor.html www.secnews.physaphae.fr/article.php?IdArticle=7176969 False Ransomware None None Security Affairs - Blog Secu NUVOLA: the new Cloud Security tool nuvola is the new open-source cloud security tool to address the privilege escalation in cloud environments. nuvola is the new open source security tool made by the Italian cyber security researcher Edoardo Rosa (@_notdodo_), Security Engineer at Prima Assicurazioni. The tool was released during the RomHack 2022 security conference in Rome. The tool helps the […] ]]> 2022-09-28T08:26:13+00:00 https://securityaffairs.co/wordpress/136336/security/nuvola-cloud-security-tool.html www.secnews.physaphae.fr/article.php?IdArticle=7175230 False Tool None None Security Affairs - Blog Secu Meta dismantled the largest Russian network since the war in Ukraine began Meta dismantled a network of Facebook and Instagram accounts spreading disinformation across European countries. 
Meta announced that it has taken down a huge Russian network of Facebook and Instagram accounts used to spread disinformation published on more than 60 websites impersonating news organizations across Europe. The disinformation operation began in May 2022, the network targeted primarily […] ]]> 2022-09-28T07:43:33+00:00 https://securityaffairs.co/wordpress/136326/social-networks/meta-dismantled-russian-network.html www.secnews.physaphae.fr/article.php?IdArticle=7174371 False None None None Security Affairs - Blog Secu North Korea-linked Lazarus continues to target job seekers with macOS malware North Korea-linked Lazarus APT group is targeting macOS users searching for jobs in the cryptocurrency industry. North Korea-linked Lazarus APT group continues to target macOS with a malware campaign using job opportunities as a lure. The attackers aimed at stealing credentials for the victims’ wallets. Last week, SentinelOne researchers discovered decoy documents advertising positions […] ]]> 2022-09-27T20:39:33+00:00 https://securityaffairs.co/wordpress/136297/apt/lazarus-apt-targeting-macos.html www.secnews.physaphae.fr/article.php?IdArticle=7164732 False Malware APT 38 None Security Affairs - Blog Secu Defense firm Elbit Systems of America discloses data breach Elbit Systems of America, a subsidiary of defense giant Elbit Systems, disclosed a data breach after Black Basta ransomware gang claimed to have hacked it. In late June, the Black Basta ransomware gang claimed to have hacked Elbit Systems of America, the extortion group added the name of the company to its Tor leak site. 
[…] ]]> 2022-09-27T15:37:51+00:00 https://securityaffairs.co/wordpress/136310/cyber-crime/elbit-systems-of-america-data-breach.html www.secnews.physaphae.fr/article.php?IdArticle=7160877 False Ransomware,Data Breach None None Security Affairs - Blog Secu WhatsApp fixed critical and high severity vulnerabilities WhatsApp has addressed two severe Remote Code Execution vulnerabilities affecting the mobile version of the software. WhatsApp has published three security advisories for 2022, two of which are related to CVE-2021-24042 and CVE-2021-24043 vulnerabilities discovered in January and February, and the third one is related to CVE-2022-36934 and CVE-2022-27492 fixed by the company in September. The […] ]]> 2022-09-27T13:13:23+00:00 https://securityaffairs.co/wordpress/136300/hacking/whatsapp-critical-vulnerabilities.html www.secnews.physaphae.fr/article.php?IdArticle=7159949 False None None None Security Affairs - Blog Secu Erbium info-stealing malware, a new option in the threat landscape The recently discovered Erbium information-stealer is being distributed as fake cracks and cheats for popular video games. Threat actors behind the new ‘Erbium’ information-stealing malware are distributing it as fake cracks and cheats for popular video games to steal victims’ credentials and cryptocurrency wallets. The Erbium info-stealing malware was first spotted by researchers at threat […] ]]> 2022-09-27T09:40:39+00:00 https://securityaffairs.co/wordpress/136285/malware/erbium-info-stealing-malware.html www.secnews.physaphae.fr/article.php?IdArticle=7158257 True Malware,Threat None None Security Affairs - Blog Secu Mandiant identifies 3 hacktivist groups working in support of Russia Researchers are tracking multiple self-proclaimed hacktivist groups working in support of Russia, and identified 3 groups linked to the GRU. 
Mandiant researchers are tracking multiple self-proclaimed hacktivist groups working in support of Russia, and identified 3 groups linked to the Russian Main Intelligence Directorate (GRU). The experts assess with moderate confidence that moderators of the […] ]]> 2022-09-27T07:57:31+00:00 https://securityaffairs.co/wordpress/136276/hacktivism/hacktivist-groups-support-of-russia.html www.secnews.physaphae.fr/article.php?IdArticle=7157608 False None None None Security Affairs - Blog Secu Russia prepares massive cyberattacks on the critical infrastructure of Ukraine and its allies The Ukrainian military intelligence warns that Russia is planning to escalate cyberattacks targeting Ukraine and Western allies. The Main Directorate of Intelligence of the Ministry of Defence of Ukraine (HUR MO) warns that Russia is planning to escalate cyberattacks targeting the critical infrastructure of Ukraine and western countries. According to the Ukrainian military intelligence service, […] ]]> 2022-09-26T18:37:27+00:00 https://securityaffairs.co/wordpress/136265/cyber-warfare-2/russia-prepares-massive-cyberattacks.html www.secnews.physaphae.fr/article.php?IdArticle=7152625 False None None None Security Affairs - Blog Secu China-linked TA413 group targets Tibetan entities with new backdoor China-linked cyberespionage group TA413 employs a never-before-detected backdoor called LOWZERO in attacks aimed at Tibetan entities. A China-linked cyberespionage group, tracked as TA413 (aka LuckyCat), is exploiting recently disclosed flaws in Sophos Firewall (CVE-2022-1040) and Microsoft Office (CVE-2022-30190) to deploy a never-before-detected backdoor called LOWZERO in attacks aimed at Tibetan entities. 
The TA413 APT group is known to be focused […] ]]> 2022-09-26T14:58:22+00:00 https://securityaffairs.co/wordpress/136252/apt/ta413-targets-tibet-backdoor.html www.secnews.physaphae.fr/article.php?IdArticle=7150493 False None None None Security Affairs - Blog Secu Metador, a never-before-seen APT targeted ISPs and telco for about 2 years A previously undetected hacking group, tracked as Metador, has been targeting telecommunications, internet services providers (ISPs), and universities for about two years. SentinelLabs researchers uncovered a never-before-seen threat actor, tracked as Metador, that primarily targets telecommunications, internet service providers, and universities in several countries in the Middle East and Africa. The experts pointed out that […] ]]> 2022-09-26T10:38:12+00:00 https://securityaffairs.co/wordpress/136239/apt/metador-targets-isp-networks.html www.secnews.physaphae.fr/article.php?IdArticle=7148311 True Threat None None Security Affairs - Blog Secu Exmatter exfiltration tool used to implement new extortion tactics Ransomware operators switch to new extortion tactics by using the Exmatter malware and adding new data corruption functionality. The data extortion landscape is constantly evolving and threat actors are devising new extortion techniques, this is the case of threat actors using the Exmatter malware. Cyderes Special Operations and Stairwell Threat Research researchers spotted a sample […] ]]> 2022-09-26T06:22:16+00:00 https://securityaffairs.co/wordpress/136226/cyber-crime/exmatter-tool-shift-extortion-tactics.html www.secnews.physaphae.fr/article.php?IdArticle=7146767 False Malware,Tool,Threat None None Security Affairs - Blog Secu Attackers impersonate CircleCI platform to compromise GitHub accounts Threat actors target GitHub users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform. 
GitHub is warning of an ongoing phishing campaign targeting its users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform. The company learned of the attacks against its users on September […] ]]> 2022-09-25T16:34:04+00:00 https://securityaffairs.co/wordpress/136211/hacking/phishing-circleci-github-accounts.html www.secnews.physaphae.fr/article.php?IdArticle=7134595 False None None None Security Affairs - Blog Secu OpIran: Anonymous declares war on Teheran amid Mahsa Amini's death OpIran: Anonymous launched Operation Iran against Teheran due to the ongoing crackdown on dissent after Mahsa Amini's death. Anonymous launched OpIran against Iran due to the ongoing crackdown on dissent after Mahsa Amini's death. The protests began after the death of Mahsa Amini from Saqqez in Kurdistan province after her arrest by Iran's morality police […] ]]> 2022-09-25T12:08:04+00:00 https://securityaffairs.co/wordpress/136179/hacktivism/anonymous-opiran-mahsa-amini-death.html www.secnews.physaphae.fr/article.php?IdArticle=7130921 False None None None Security Affairs - Blog Secu ISC fixed high-severity flaws in the BIND DNS software The Internet Systems Consortium (ISC) fixed six remotely exploitable vulnerabilities in the BIND DNS software. The Internet Systems Consortium (ISC) this week released security patches to address six remotely exploitable vulnerabilities in BIND DNS software. Four out of six flaws, all denial-of-service (DoS) issues, have been rated as 'high' severity. One of the issues, tracked […] ]]> 2022-09-24T21:44:32+00:00 https://securityaffairs.co/wordpress/136164/security/bind-dns-software-flaws-2.html www.secnews.physaphae.fr/article.php?IdArticle=7116104 False None None None Security Affairs - Blog Secu Ukraine: SSU dismantled cyber gang that stole 30 million accounts The cyber department of Ukraine’s Security Service (SSU) dismantled a gang that stole accounts of about 30 million individuals. 
The cyber department of Ukraine’s Security Service (SSU) has taken down a group of hackers that is behind the theft of the accounts of about 30 million individuals. The gang was offering the stolen accounts for sale […] ]]> 2022-09-24T16:44:31+00:00 https://securityaffairs.co/wordpress/136156/cyber-crime/ukraine-cyber-gang.html www.secnews.physaphae.fr/article.php?IdArticle=7110825 False None None None Security Affairs - Blog Secu London Police arrested a teen suspected to be behind Uber, Rockstar Games breaches The City of London Police this week announced the arrest of a 17-year-old teenager on suspicion of hacking. Is he the Uber hacker? The City of London Police on Friday announced that it had arrested a 17-year-old teenager on suspicion of hacking, however, experts believe the arrest could be linked to the recent security breaches suffered […] ]]> 2022-09-24T13:58:18+00:00 https://securityaffairs.co/wordpress/136146/cyber-crime/uber-rockstar-games-hacker-arrest.html www.secnews.physaphae.fr/article.php?IdArticle=7107676 False None Uber,Uber None Security Affairs - Blog Secu Sophos warns of a new actively exploited flaw in Firewall product Sophos warns that a critical code injection security vulnerability in its Firewall product is actively exploited in the wild. Sophos warns of a critical code injection security vulnerability, tracked as CVE-2022-3236, affecting its Firewall product which is being exploited in the wild. The CVE-2022-3236 flaw resides in the User Portal and Webadmin of Sophos Firewall, […] ]]> 2022-09-23T21:43:32+00:00 https://securityaffairs.co/wordpress/136135/security/sophos-user-portal-webadmin-bug.html www.secnews.physaphae.fr/article.php?IdArticle=7090531 False Vulnerability None None Security Affairs - Blog Secu Anonymous claims to have hacked the website of the Russian Ministry of Defense The popular collective Anonymous claims to have hacked the website of the Russian Ministry of Defense and leaked data of 305,925 people. 
The #OpRussia operation launched by Anonymous against Russia after the criminal invasion of Ukraine continues; the popular collective claims to have hacked the website of the Russian Ministry of Defense. The group of […] ]]> 2022-09-23T15:40:55+00:00 https://securityaffairs.co/wordpress/136127/hacktivism/anonymous-russian-ministry-of-defense.html www.secnews.physaphae.fr/article.php?IdArticle=7084717 False None None None Security Affairs - Blog Secu CISA adds Zoho ManageEngine flaw to its Known Exploited Vulnerabilities Catalog CISA added a security flaw in Zoho ManageEngine, tracked as CVE-2022-35405, to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a recently disclosed security flaw in Zoho ManageEngine, tracked as CVE-2022-35405 (CVSS score 9.8), to its Known Exploited Vulnerabilities Catalog. According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of […] ]]> 2022-09-23T15:13:49+00:00 https://securityaffairs.co/wordpress/136120/hacking/cisa-zoho-manageengine-known-exploited-vulnerabilities-catalog.html www.secnews.physaphae.fr/article.php?IdArticle=7084718 False None None None Security Affairs - Blog Secu Surge in Magento 2 template attacks exploiting the CVE-2022-24086 flaw Sansec researchers warn of a surge in hacking attempts targeting a critical Magento 2 vulnerability tracked as CVE-2022-24086. Sansec researchers are warning of a hacking campaign targeting the CVE-2022-24086 Magento 2 vulnerability. Magento is a popular open-source e-commerce platform owned by Adobe, which is used by hundreds of thousands of e-stores worldwide. 
In February, Adobe […] ]]> 2022-09-23T13:54:46+00:00 https://securityaffairs.co/wordpress/136112/hacking/magento-2-cve-2022-24086.html www.secnews.physaphae.fr/article.php?IdArticle=7082889 False Vulnerability None None Security Affairs - Blog Secu Australian Telecoms company Optus discloses security breach Australian telecoms company Optus disclosed a data breach, threat actors gained access to former and current customers. Optus, one of the largest service providers in Australia, disclosed a data breach. The intruders gained access to the personal information of both former and current customers. The company is a subsidiary of Singtel with 10.5 million subscribers as of 2019. […] ]]> 2022-09-23T11:02:00+00:00 https://securityaffairs.co/wordpress/136104/data-breach/optus-discloses-security-breach.html www.secnews.physaphae.fr/article.php?IdArticle=7080145 False Threat None None Security Affairs - Blog Secu AttachMe: a critical flaw affects Oracle Cloud Infrastructure (OCI) A critical vulnerability in Oracle Cloud Infrastructure (OCI) could be exploited to access the virtual disks of other Oracle customers. Wiz researchers discovered a critical flaw in Oracle Cloud Infrastructure (OCI) that could be exploited by users to access the virtual disks of other Oracle customers. An attacker can trigger the flaw to exfiltrate sensitive […] ]]> 2022-09-22T21:10:33+00:00 https://securityaffairs.co/wordpress/136094/security/oracle-cloud-infrastructure-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=7068505 False Vulnerability None None Security Affairs - Blog Secu A 15-Year-Old Unpatched Python bug potentially impacts over 350,000 projects More than 350,000 open source projects can be potentially affected by a 15-Year-Old unpatched Python vulnerability More than 350,000 open source projects can be potentially affected by an unpatched Python vulnerability, tracked as CVE-2007-4559 (CVSS score: 6.8), that was discovered 15 years ago. 
The issue is a Directory traversal vulnerability that resides in the ‘extract’ […] ]]> 2022-09-22T13:27:22+00:00 https://securityaffairs.co/wordpress/136081/hacking/python-bug-cve-2007-4559.html www.secnews.physaphae.fr/article.php?IdArticle=7061569 False Vulnerability None None Security Affairs - Blog Secu Atlassian Confluence bug CVE-2022-26134 exploited in cryptocurrency mining campaign Threat actors are targeting unpatched Atlassian Confluence servers as part of an ongoing crypto mining campaign. Trend Micro researchers warn of an ongoing crypto mining campaign targeting Atlassian Confluence servers affected by the CVE-2022-26134 vulnerability. The now-patched critical security flaw was disclosed by Atlassian in early June, at the time the company warned of a […] ]]> 2022-09-22T11:06:42+00:00 https://securityaffairs.co/wordpress/136071/malware/atlassian-confluence-flaw-cryptomining.html www.secnews.physaphae.fr/article.php?IdArticle=7059873 False None None None Security Affairs - Blog Secu A disgruntled developer is the alleged source of the leak of the Lockbit 3.0 builder A disgruntled developer seems to be responsible for the leak of the builder for the latest encryptor of the LockBit ransomware gang. The leak of the builder for the latest encryptor of the LockBit ransomware gang made the headlines, it seems that the person who published it is a disgruntled developer. The latest version of […] ]]> 2022-09-22T05:19:24+00:00 https://securityaffairs.co/wordpress/136056/data-breach/lockbit-3-0-builder-leak.html www.secnews.physaphae.fr/article.php?IdArticle=7055697 False Ransomware None None Security Affairs - Blog Secu Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign Threat actors targeted tens of thousands of unauthenticated Redis servers exposed on the internet as part of a cryptocurrency campaign. 
Redis is a popular open source data structure tool that can be used as an in-memory distributed database, message broker or cache. The tool is not designed to be exposed on the Internet, however, researchers spotted […] ]]> 2022-09-21T15:45:32+00:00 https://securityaffairs.co/wordpress/136045/hacking/redis-cryptocurrency-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=7041133 False Tool None None Security Affairs - Blog Secu Hackers stole $160 Million from Crypto market maker Wintermute Threat actors have stolen around $160 million worth of digital assets from crypto trading firm Wintermute. Malicious actors continue to target organizations in the cryptocurrency industry, the latest victim is crypto trading firm Wintermute. The company made the headlines after threat actors stole around $160 million worth of digital assets. […] ]]> 2022-09-21T14:54:44+00:00 https://securityaffairs.co/wordpress/136029/hacking/wintermute-l160m-cyber-heist.html www.secnews.physaphae.fr/article.php?IdArticle=7040139 False Threat None None Security Affairs - Blog Secu U.S. gov adds more Chinese Telecom firms to the Covered List The U.S. Federal Communications Commission (FCC) has added more Chinese telecom firms to the Covered List. The U.S. Federal Communications Commission (FCC) has added Pacific Network Corp, ComNet (USA) LLC, and China Unicom (Americas) Operations Limited, to the Covered List. The Covered List, published by the Public Safety and Homeland Security Bureau, included products and […] ]]> 2022-09-21T12:18:32+00:00 https://securityaffairs.co/wordpress/136018/intelligence/covered-list-chinese-companies.html www.secnews.physaphae.fr/article.php?IdArticle=7038173 False None None None Security Affairs - Blog Secu Imperva blocked a record DDoS attack with 25.3 billion requests Cybersecurity company Imperva announced that it has mitigated a distributed denial-of-service (DDoS) attack with a total of over 25.3 billion requests. 
Cybersecurity firm Imperva mitigated a DDoS attack with over 25.3 billion requests on June 27, 2022. According to the experts, the attack marks a new record for Imperva's application DDoS mitigation solution. The attack targeted an unnamed […] ]]> 2022-09-21T09:15:22+00:00 https://securityaffairs.co/wordpress/136009/cyber-crime/record-breaking-ddos-imperva.html www.secnews.physaphae.fr/article.php?IdArticle=7035279 False None None None Security Affairs - Blog Secu Russian Sandworm APT impersonates Ukrainian telcos to deliver malware Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Multiple security firms have reported that the Sandworm APT continues to target Ukraine with multiple means, including custom malware and botnet like Cyclops […] ]]> 2022-09-20T20:49:10+00:00 https://securityaffairs.co/wordpress/135996/apt/sandworm-targets-ukraine-teleco.html www.secnews.physaphae.fr/article.php?IdArticle=7022332 False Malware None None Security Affairs - Blog Secu Uber believes that the LAPSUS$ gang is behind the recent attack Uber disclosed additional details about the security breach, the company blames a threat actor allegedly affiliated with the LAPSUS$ hacking group. Uber revealed additional details about the recent security breach, the company believes that the threat actor behind the intrusion is affiliated with the LAPSUS$ hacking group. 
Over the last months, the Lapsus$ gang compromised […] ]]> 2022-09-20T13:17:36+00:00 https://securityaffairs.co/wordpress/135980/cyber-crime/uber-hacked-by-lapsus-group.html www.secnews.physaphae.fr/article.php?IdArticle=7015707 False Threat Uber,Uber None Security Affairs - Blog Secu Analyzing IP Addresses to Prevent Fraud for Enterprises How can businesses protect themselves from fraudulent activities by examining IP addresses? The police would track burglars if they left calling cards at the attacked properties. Internet fraudsters usually leave a trail of breadcrumbs whenever they visit websites through specific IP addresses. They reveal their physical location and the device they used to connect to […] ]]> 2022-09-20T11:31:54+00:00 https://securityaffairs.co/wordpress/135975/security/preventing-fraud-for-enterprises.html www.secnews.physaphae.fr/article.php?IdArticle=7013903 False None None None Security Affairs - Blog Secu American Airlines disclosed a data breach American Airlines disclosed a data breach, threat actors had access to an undisclosed number of employee email accounts. American Airlines recently suffered a data breach, threat actors compromised a limited number of employee email accounts. The intruders had access to sensitive personal information contained in the accounts, but the company’s data breach notification states that it is not aware […] ]]> 2022-09-20T10:52:13+00:00 https://securityaffairs.co/wordpress/135963/data-breach/american-airlines-data-breach.html www.secnews.physaphae.fr/article.php?IdArticle=7013090 False Data Breach,Threat None None Security Affairs - Blog Secu IT giants warn of ongoing Chromeloader malware campaigns VMware and Microsoft are warning of a widespread Chromeloader malware campaign that distributes several malware families. ChromeLoader is a malicious Chrome browser extension, it is classified as a pervasive browser hijacker that modifies browser settings to redirect user traffic. 
The malware is able to redirect the user's traffic and hijack user search queries to popular […] ]]> 2022-09-20T05:11:39+00:00 https://securityaffairs.co/wordpress/135949/malware/chromeloader-malware-campaigns.html www.secnews.physaphae.fr/article.php?IdArticle=7009427 False Malware None None Security Affairs - Blog Secu Revolut security breach: data of +50,000 users exposed Revolut has suffered a cyberattack, threat actors have had access to personal information of tens of thousands of customers. The financial technology company Revolut suffered a ‘highly targeted’ cyberattack over the weekend, threat actors had access to the personal information of 0.16% of its customers (approximately 50,000 users). The company states that it has already contacted the […] ]]> 2022-09-19T16:26:21+00:00 https://securityaffairs.co/wordpress/135935/data-breach/revolut-data-breach.html www.secnews.physaphae.fr/article.php?IdArticle=7003814 False Threat None None Security Affairs - Blog Secu Alleged Grand Theft Auto 6 (GTA6) gameplay videos and source code leaked online Threat actors leaked source code and gameplay videos of Grand Theft Auto 6 (GTA6) after allegedly breaching Rockstar Games. Threat actors allegedly compromised Rockstar Games’ Slack server and Confluence wiki and leaked Grand Theft Auto 6 gameplay videos and source code. On September 18, 2022, threat actors that go on GTAForums as 'teapotuberhacker' […] ]]> 2022-09-19T07:11:18+00:00 https://securityaffairs.co/wordpress/135923/data-breach/gta6-gameplay-videos-source-code-leak.html www.secnews.physaphae.fr/article.php?IdArticle=6998645 True Threat Uber None Security Affairs - Blog Secu TeamTNT is back and targets servers to run Bitcoin encryption solvers AquaSec researchers observed the cybercrime gang TeamTNT hijacking servers to run Bitcoin solver since early September. 
In the first week of September, AquaSec researchers identified at least three different attacks targeting their honeypots, the experts associated them with the cybercrime gang TeamTNT. The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 […] ]]> 2022-09-19T05:09:43+00:00 https://securityaffairs.co/wordpress/135911/cyber-crime/teamtnt-is-back-encryption-solvers.html www.secnews.physaphae.fr/article.php?IdArticle=6997016 False Malware None None Security Affairs - Blog Secu Experts warn of critical flaws in Flexlan devices that provide WiFi on airplanes Researchers discovered two critical vulnerabilities (CVE-2022-36158 and CVE-2022-36159) in Flexlan devices that provide WiFi on airplanes. Researchers from Necrum Security Labs discovered a couple of critical vulnerabilities, tracked as CVE-2022-36158 and CVE-2022-36159, impacting the Contec Flexlan FXA3000 and FXA2000 series LAN devices. The FXA3000 and FXA2000 Series are access points that are manufactured by Japan-based firm Contec […] ]]> 2022-09-19T05:05:15+00:00 https://securityaffairs.co/wordpress/135898/security/flexlan-critical-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=6995971 False None None None Security Affairs - Blog Secu Netgear Routers impacted by FunJSQ Game Acceleration Module flaw Multiple Netgear router models are impacted by an arbitrary code execution via FunJSQ, which is a third-party module for online game acceleration. 
Researchers at security and compliance assessment firm Onekey warn of an arbitrary code execution via FunJSQ, which is a third-party module developed by Xiamen Xunwang Network Technology for online game acceleration, that impacts […] ]]> 2022-09-18T13:26:03+00:00 https://securityaffairs.co/wordpress/135887/security/netgear-game-acceleration-module-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=6980723 False None None None Security Affairs - Blog Secu Uber says there is no evidence that users' private information was compromised 2022-09-18T11:58:11+00:00 https://securityaffairs.co/wordpress/135876/data-breach/uber-data-breach-update.html www.secnews.physaphae.fr/article.php?IdArticle=6978688 False Hack Uber,Uber None Security Affairs - Blog Secu LastPass revealed that intruders had internal access for four days during the August hack The password management solution LastPass revealed that the threat actors had access to its systems for four days during the August hack. Password management solution LastPass shared more details about the security breach that the company suffered in August 2022. The company revealed that the threat actor had access to its network for four days […] ]]> 2022-09-17T18:11:10+00:00 https://securityaffairs.co/wordpress/135869/hacking/lastpass-august-hack-notice.html www.secnews.physaphae.fr/article.php?IdArticle=6960731 False Hack,Threat LastPass None Security Affairs - Blog Secu CISA adds Stuxnet bug to its Known Exploited Vulnerabilities Catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds new vulnerabilities to its Known Exploited Vulnerabilities Catalog, including the bug used in the Stuxnet attacks. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog. 
Below is the list of vulnerabilities added to the catalog: CVE-2022-40139: Trend […] ]]> 2022-09-17T15:11:55+00:00 https://securityaffairs.co/wordpress/135853/security/known-exploited-vulnerabilities-catalog-stuxnet-bug.html www.secnews.physaphae.fr/article.php?IdArticle=6957540 False None None None Security Affairs - Blog Secu Bitdefender releases Universal LockerGoga ransomware decryptor Bitdefender has released a free decryptor to allow the victims of the LockerGoga ransomware to recover their files without paying a ransom. The cybersecurity firm Bitdefender has released a free decryptor to allow LockerGoga ransomware victims to recover their encrypted files without paying a ransom. “We're pleased to announce the availability of a new decryptor […] ]]> 2022-09-16T20:02:03+00:00 https://securityaffairs.co/wordpress/135843/malware/lockergoga-ransomware-decryptor.html www.secnews.physaphae.fr/article.php?IdArticle=6936041 False Ransomware None None Security Affairs - Blog Secu North Korea-linked APT spreads tainted versions of PuTTY via WhatsApp North Korea-linked threat actor UNC4034 is spreading tainted versions of the PuTTY SSH and Telnet client. In July 2022, Mandiant identified a novel spear phish methodology that was employed by North Korea-linked threat actor UNC4034. The attackers are spreading tainted versions of the PuTTY SSH and Telnet client. The attack chain starts with a fake […] ]]> 2022-09-16T16:40:56+00:00 https://securityaffairs.co/wordpress/135831/malware/north-korea-linked-apt-backdoored-putty.html www.secnews.physaphae.fr/article.php?IdArticle=6933196 False Threat None None Security Affairs - Blog Secu Uber hacked, internal systems and confidential documents were allegedly compromised Uber on Thursday disclosed a security breach, threat actors gained access to its network, and stole internal documents. 
Uber on Thursday suffered a cyberattack, the attackers were able to penetrate its internal network and access internal documents, including vulnerability reports. According to the New York Times, the threat actors hacked an employee’s Slack account and […] ]]> 2022-09-16T07:22:27+00:00 https://securityaffairs.co/wordpress/135811/data-breach/uber-hacked-systems-allegedly-compromised.html www.secnews.physaphae.fr/article.php?IdArticle=6924934 False Vulnerability,Threat Uber,Uber None Security Affairs - Blog Secu Akamai mitigated a new record-breaking DDoS attack against a European customer Akamai announced that it recently blocked a new record-breaking distributed denial-of-service (DDoS) attack. On Monday, September 12, 2022, Akamai mitigated the largest DDoS attack ever that hit one of its European customers. The malicious traffic peaked at 704.8 Mpps and appears to originate from the same threat actor behind the previous record that Akamai blocked […] ]]> 2022-09-15T21:32:33+00:00 https://securityaffairs.co/wordpress/135803/security/record-ddos-sept-2022.html www.secnews.physaphae.fr/article.php?IdArticle=6916211 False Threat None None Security Affairs - Blog Secu Experts warn of self-spreading malware targeting gamers looking for cheats on YouTube Threat actors target gamers looking for cheats on YouTube with the RedLine Stealer information-stealing malware and crypto miners. Researchers from Kaspersky have spotted a self-extracting archive, served to gamers looking for cheats on YouTube, that was employed to deliver the RedLine Stealer information-stealing malware and crypto miners. 
The RedLine malware allows operators to steal several […] 2022-09-15T15:32:00+00:00 https://securityaffairs.co/wordpress/135788/malware/self-spreading-malware-target-gamers.html www.secnews.physaphae.fr/article.php?IdArticle=6911148 False Malware None None Security Affairs - Blog Secu Russia-linked Gamaredon APT targets Ukraine with a new info-stealer Russia-linked Gamaredon APT targets employees of the Ukrainian government, defense, and law enforcement agencies with a custom information-stealing malware. Russia-linked Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, and Trident Ursa) is targeting employees of the Ukrainian government, defense, and law enforcement agencies with a custom-made information stealer implant. The malicious code was designed to […] 2022-09-15T13:43:49+00:00 https://securityaffairs.co/wordpress/135780/apt/gamaredon-new-stealing-malware.html www.secnews.physaphae.fr/article.php?IdArticle=6909525 False None None None Security Affairs - Blog Secu FBI: Millions in Losses resulted from attacks against Healthcare payment processors The FBI has issued an alert about threat actors targeting healthcare payment processors in an attempt to hijack the payments. The Federal Bureau of Investigation (FBI) has issued an alert about cyber attacks against healthcare payment processors to redirect victim payments. Threat actors used employees' publicly-available Personally Identifiable Information (PII) and social engineering techniques to […] 2022-09-15T08:48:25+00:00 https://securityaffairs.co/wordpress/135774/cyber-crime/attacks-healthcare-payment-processors.html www.secnews.physaphae.fr/article.php?IdArticle=6905506 False Threat None None Security Affairs - Blog Secu Crooks are using lures related to Her Majesty Queen Elizabeth II in phishing attacks Threat actors are exploiting the death of Queen Elizabeth II as bait in phishing attacks to steal Microsoft account credentials from victims.
Researchers from Proofpoint are warning of threat actors that are using the death of Queen Elizabeth II as bait in phishing attacks. The attackers aim to trick recipients into visiting sites designed to […] 2022-09-15T05:22:07+00:00 https://securityaffairs.co/wordpress/135764/cyber-crime/queen-elizabeth-ii-phishing.html www.secnews.physaphae.fr/article.php?IdArticle=6903102 False Threat None None