www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2024-05-04T07:34:47+00:00 www.secnews.physaphae.fr Security Affairs - Blog Secu Atlassian rolled out fixes for Confluence zero-day actively exploited in the wild Atlassian has addressed on Friday an actively exploited critical remote code execution flaw (CVE-2022-26134) in Confluence Server and Data Center products. Early this week, Atlassian warned of a critical unpatched remote code execution vulnerability affecting all Confluence Server and Data Center supported versions, tracked as CVE-2022-26134, that is being actively exploited in attacks in the […] ]]> 2022-06-05T09:51:08+00:00 https://securityaffairs.co/wordpress/131942/security/atlassian-fixes-confluence-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=4990188 True Vulnerability None None Security Affairs - Blog Secu Anonymous: Operation Russia after 100 days of war Operation Russia continues, albeit much more slowly than last month, RKPLaw, Vyberi Radio, and Metprom Group are the last victims. The #OpRussia launched by Anonymous on Russia after the criminal invasion of Ukraine continues, albeit much more slowly than last month. The collective recently leaked stolen data via DDoSecrets. This is my update on the […] ]]> 2022-06-04T15:05:19+00:00 https://securityaffairs.co/wordpress/131933/hacktivism/anonymous-operation-russia-100-days.html www.secnews.physaphae.fr/article.php?IdArticle=4973561 False None None None Security Affairs - Blog Secu GitLab addressed critical account take over via SCIM email change GitLab addresses a critical security vulnerability, tracked as CVE-2022-1680, that could be exploited by an attacker to take over users’ accounts. 
GitLab has fixed a critical security flaw in its GitLab Enterprise Edition (EE), tracked as CVE-2022-1680 (CVSS score 9.9), that could be exploited to take over an account. The vulnerability impacts all versions starting […] ]]> 2022-06-04T08:36:53+00:00 https://securityaffairs.co/wordpress/131928/hacking/gitlab-critical-account-take-over.html www.secnews.physaphae.fr/article.php?IdArticle=4968264 False Vulnerability None None Security Affairs - Blog Secu LuoYu APT delivers WinDealer malware via man-on-the-side attacks Chinese LuoYu Hackers Using Man-on-the-Side Attacks to Deploy WinDealer Backdoor An “extremely sophisticated” China-linked APT tracked as LuoYu was delivering malware called WinDealer via man-on-the-side attacks. Researchers from Kaspersky have uncovered an “extremely sophisticated” China-linked APT group, tracked as LuoYu, that has been observed using a malicious Windows tool called WinDealer. LuoYu has been active since at […] ]]> 2022-06-03T23:46:21+00:00 https://securityaffairs.co/wordpress/131921/apt/luoyu-apt-windealer.html www.secnews.physaphae.fr/article.php?IdArticle=4960331 False Malware,Tool None None Security Affairs - Blog Secu Clipminer Botnet already allowed operators to make at least $1.7 Million The Clipminer botnet allowed operators to earn at least $1.7 million, according to a report published by security researchers at Symantec. Researchers at Symantec's Threat Hunter Team uncovered a cryptomining operation that has potentially made the actors behind it at least $1.7 million in illicit gains. The bot focuses on cryptocurrency mining and cryptocurrency theft […] ]]> 2022-06-03T14:45:49+00:00 https://securityaffairs.co/wordpress/131913/malware/clipminer-botnet-1-7-million.html www.secnews.physaphae.fr/article.php?IdArticle=4952423 False Threat None None Security Affairs - Blog Secu Alert! 
Unpatched critical Atlassian Confluence Zero-Day RCE flaw actively exploited Atlassian warned of an actively exploited critical unpatched remote code execution flaw (CVE-2022-26134) in Confluence Server and Data Center products. Atlassian is warning of a critical unpatched remote code execution vulnerability affecting all Confluence Server and Data Center supported versions, tracked as CVE-2022-26134, that is being actively exploited in attacks in the wild. “Atlassian has […] ]]> 2022-06-03T10:13:39+00:00 https://securityaffairs.co/wordpress/131909/hacking/atlassian-confluence-zero-day-cve-2022-26134.html www.secnews.physaphae.fr/article.php?IdArticle=4948985 False Vulnerability None None Security Affairs - Blog Secu Microsoft blocked Polonium attacks against Israeli organizations Microsoft blocked an attack activity aimed at Israeli organizations attributed to a previously unknown Lebanon-based hacking group tracked as POLONIUM. Microsoft announced to have blocked a series of attacks targeting Israeli organizations that have been conducted by a previously unknown Lebanon-based hacking group tracked as POLONIUM. POLONIUM has targeted or compromised more than 20 Israeli […] ]]> 2022-06-03T07:29:58+00:00 https://securityaffairs.co/wordpress/131902/hacking/microsoft-blocked-polonium-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=4946407 False None None None Security Affairs - Blog Secu LockBit ransomware attack impacted production in a Mexican Foxconn plant LockBit ransomware gang claimed responsibility for an attack against the electronics manufacturing giant Foxconn that impacted production in Mexico The electronics manufacturing giant Foxconn confirmed that its production plant in Tijuana (Mexico) has been impacted by a ransomware attack in late May. 
The LockBit ransomware gang claimed responsibility for an attack and announced that it […] ]]> 2022-06-02T18:34:36+00:00 https://securityaffairs.co/wordpress/131891/cyber-crime/lockbit-ransomware-foxconn-plant-mexico.html www.secnews.physaphae.fr/article.php?IdArticle=4935490 False Ransomware None None Security Affairs - Blog Secu Conti leaked chats confirm that the gang's ability to conduct firmware-based attacks 2022-06-02T17:09:12+00:00 https://securityaffairs.co/wordpress/131885/hacking/conti-leaked-chat-firmware-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=4934690 False Ransomware,Threat None None Security Affairs - Blog Secu An international police operation dismantled FluBot spyware An international law enforcement operation involving 11 countries resulted in the takedown of the FluBot Android malware. An international law enforcement operation involving 11 countries led to the takedown of the infamous FluBot Android malware. The investigation involved law enforcement authorities of Australia, Belgium, Finland, Hungary, Ireland, Spain, Sweden, Switzerland, the Netherlands and the United […] ]]> 2022-06-02T13:17:48+00:00 https://securityaffairs.co/wordpress/131878/malware/flubot-android-malware-takedown.html www.secnews.physaphae.fr/article.php?IdArticle=4932284 False None None 5.0000000000000000 Security Affairs - Blog Secu A critical RCE flaw in Horde Webmail has yet to be addressed A remote code execution vulnerability in the open-source Horde Webmail client can allow to take over servers by sending a specially crafted email. Researchers from SonarSource discovered a remote code execution vulnerability (CVE-2022-30287) in the open-source Horde Webmail client. 
Horde Webmail allows users to manage contacts, the flaw could be exploited by an authenticated user […] ]]> 2022-06-02T05:33:25+00:00 https://securityaffairs.co/wordpress/131870/hacking/rce-flaw-horde-webmail.html www.secnews.physaphae.fr/article.php?IdArticle=4927940 False Vulnerability None None Security Affairs - Blog Secu New XLoader Botnet version uses new techniques to obscure its C2 servers A new version of the XLoader botnet is implementing a new technique to obscure the Command and Control infrastructure. Researchers from Check Point have discovered a new version of the XLoader botnet, which implements significant enhancements, such as a new technique to obscure the Command and Control infrastructure XLoader has been observed since 2020, it […] ]]> 2022-06-01T20:56:34+00:00 https://securityaffairs.co/wordpress/131860/cyber-crime/xloader-botnet-obscures-c2.html www.secnews.physaphae.fr/article.php?IdArticle=4922916 False None None None Security Affairs - Blog Secu Experts uncovered over 3.6M accessible MySQL servers worldwide Researchers uncovered 3.6M accessible MySQL servers worldwide that represent a potential attack surface for their owners. Researchers from Shadow Server scanned the internet for publicly accessible MySQL server instances on port 3306/TCP and uncovered 3.6M installs worldwide responding to their queries. These publicly accessible MySQL server instances represent a potential attack surface for their owners. “These are instances that respond to our […] ]]> 2022-06-01T13:08:21+00:00 https://securityaffairs.co/wordpress/131851/security/3-6-million-mysql-servers-accessible-online.html www.secnews.physaphae.fr/article.php?IdArticle=4919115 False None None None Security Affairs - Blog Secu China-linked TA413 group actively exploits Microsoft Follina zero-day flaw A China-linked APT group is actively exploiting the recently disclosed Follina zero-day flaw in Microsoft Office in attacks in the wild. 
China-linked APT group TA413 has been observed exploiting the recently disclosed Follina zero-day flaw (tracked as CVE-2022-30190 and rated CVSS score 7.8) in Microsoft Office in attacks in the wild. This week, the cybersecurity researcher nao_sec discovered a malicious Word […] ]]> 2022-06-01T10:25:39+00:00 https://securityaffairs.co/wordpress/131843/apt/china-apt-exploits-follina-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=4917521 False None None None Security Affairs - Blog Secu Hive ransomware gang hit Costa Rica public health service Costa Rican Social Security Fund, Costa Rica ‘s public health service, was hit by a Hive ransomware attack. Costa Rican Social Security Fund, Costa Rica ‘s public health service (aka CCCS), was hit today by a Hive ransomware attack, BleepingComputer reported. The attack occurred early this morning, Tuesday, May 31, 2022. The authorities are investigating […] ]]> 2022-06-01T06:53:54+00:00 https://securityaffairs.co/wordpress/131837/cyber-crime/costa-rica-cccs-hive-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=4915421 False Ransomware None None Security Affairs - Blog Secu SideWinder carried out over 1,000 attacks since April 2020 SideWinder, an aggressive APT group, is believed to have carried out over 1,000 attacks since April 2020, Kaspersky reported. Researchers from Kaspersky have analyzed the activity of an aggressive threat actor tracked as SideWinder (aka RattleSnake and T-APT-04). 
The group stands out for the high frequency and persistence of its attacks, researchers believe that the […] ]]> 2022-05-31T14:28:17+00:00 https://securityaffairs.co/wordpress/131831/apt/sidewinder-aggressive-apt.html www.secnews.physaphae.fr/article.php?IdArticle=4905216 False Threat APT-C-17 None Security Affairs - Blog Secu Microsoft shared workarounds for the Microsoft Office zero-day dubbed Follina Microsoft released workarounds for a recently discovered zero-day vulnerability, dubbed Follina, in the Microsoft Office productivity suite. Microsoft has released workarounds for a recently discovered zero-day vulnerability, dubbed Follina and tracked as CVE-2022-30190 (CVSS score 7.8), in the Microsoft Office productivity suite. “On Monday May 30, 2022, Microsoft issued CVE-2022-30190 regarding the Microsoft Support Diagnostic Tool (MSDT) in Windows […] ]]> 2022-05-31T11:19:10+00:00 https://securityaffairs.co/wordpress/131824/security/microsoft-workarounds-microsoft-office-0day.html www.secnews.physaphae.fr/article.php?IdArticle=4903295 False Tool None None Security Affairs - Blog Secu Experts warn of ransomware attacks against government organizations of small states Cyber Research Labs reported a rise in ransomware attacks in the second quarter of 2022, small states are more exposed to these attacks. Cyber Research Labs observed a rise in ransomware attacks in the second quarter of 2022, some of them with a severe impact on the victims, such as the attack that hit the […] ]]> 2022-05-31T07:13:32+00:00 https://securityaffairs.co/wordpress/131816/malware/ransomware-attacks-small-states-q2-2022.html www.secnews.physaphae.fr/article.php?IdArticle=4901047 False Ransomware None None Security Affairs - Blog Secu Three Nigerian men arrested in INTERPOL Operation Killer Bee Interpol arrested three Nigerian men in Lagos, who are suspected of using the Agent Tesla RAT to reroute financial transactions and steal sensitive data. 
Interpol arrested 3 Nigerian men in Lagos, as part of an international operation codenamed Killer Bee. The three men are suspected of using the Agent Tesla RAT to reroute financial transactions […] ]]> 2022-05-30T20:07:36+00:00 https://securityaffairs.co/wordpress/131811/cyber-crime/three-nigerians-arrested-by-interpol.html www.secnews.physaphae.fr/article.php?IdArticle=4897516 False None None None Security Affairs - Blog Secu A new WhatsApp OTP scam could allow the hijacking of users' accounts 2022-05-30T14:49:23+00:00 https://securityaffairs.co/wordpress/131807/hacking/whatsapp-otp-scam.html www.secnews.physaphae.fr/article.php?IdArticle=4895641 False Threat None None Security Affairs - Blog Secu Multiple Microsoft Office versions impacted by an actively exploited zero-day A zero-day flaw in Microsoft Office that could be exploited by attackers to achieve arbitrary code execution on Windows systems. The cybersecurity researcher nao_sec discovered a malicious Word document (“05-2022-0438.doc”) that was uploaded to VirusTotal from Belarus. The document uses the remote template feature to fetch an HTML and then uses the “ms-msdt” scheme to execute PowerShell […] ]]> 2022-05-30T12:06:51+00:00 https://securityaffairs.co/wordpress/131800/hacking/multiple-microsoft-office-versions-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=4894972 False None None None Security Affairs - Blog Secu GoodWill Ransomware victims have to perform socially driven activities to decrypt their data Researchers discovered a new ransomware family called GoodWill that asks victims to donate the ransom for social causes. CloudSEK's Threat Intelligence Research team has disclosed a new ransomware strain called GoodWill, that demands victims the payment of a ransom through donations for social causes and financially helping people in need. 
“The ransomware group propagates very unusual demands in […] ]]> 2022-05-30T11:20:08+00:00 https://securityaffairs.co/wordpress/131792/hacking/goodwill-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=4894581 False Ransomware,Threat None 3.0000000000000000 Security Affairs - Blog Secu EnemyBot malware adds new exploits to target CMS servers and Android devices The operators of the EnemyBot botnet added exploits for recently disclosed flaws in VMware, F5 BIG-IP, and Android systems. Operators behind the EnemyBot botnet are expanding the list of potential targets adding exploits for recently disclosed critical vulnerabilities in from VMware, F5 BIG-IP, and Android. The botnet was first discovered by Fortinet in March, the […] ]]> 2022-05-30T07:09:17+00:00 https://securityaffairs.co/wordpress/131783/malware/enemybot-botnet-new-exploits.html www.secnews.physaphae.fr/article.php?IdArticle=4891900 False Malware None 5.0000000000000000 Security Affairs - Blog Secu Pro-Russian hacker group KillNet plans to attack Italy on May 30 Pro-Russian hacker group KillNet is threatening again Italy, it announced a massive and unprecedented attack on May 30. Pro-Russian hacker group KillNet is threatening again Italy, it announced a massive and unprecedented attack on May 30. Pro-Russian 'hacktivist' group Killnet is one of the most active non-state actors operating since the beginning of the Russian […] ]]> 2022-05-29T18:43:42+00:00 https://securityaffairs.co/wordpress/131776/hacking/killnet-threatens-italy.html www.secnews.physaphae.fr/article.php?IdArticle=4882051 False None None None Security Affairs - Blog Secu Security Affairs newsletter Round 367 by Pierluigi Paganini A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. If you want to also receive for free the newsletter with the international press subscribe here. 
Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks The […] ]]> 2022-05-29T14:33:42+00:00 https://securityaffairs.co/wordpress/131772/breaking-news/security-affairs-newsletter-round-367-by-pierluigi-paganini.html www.secnews.physaphae.fr/article.php?IdArticle=4878983 True None None None Security Affairs - Blog Secu US man sentenced to 4 years in prison for his role in Infraud scheme A man from New York was sentenced to four years in prison for trading stolen credit card data and assisting the Infraud Organization. John Telusma (aka ‘Peterelliot’), a New York man from New York (37), was sentenced this week to four years in prison for purchasing stolen or compromised credit cards and assisting the Infraud […] ]]> 2022-05-29T13:39:10+00:00 https://securityaffairs.co/wordpress/131766/cyber-crime/man-arrested-infraud-scheme.html www.secnews.physaphae.fr/article.php?IdArticle=4878216 False None None None Security Affairs - Blog Secu Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks 360 Qihoo reported DDoS attacks launched by APT-C-53 (aka Gamaredon) conducted through the open-source DDoS Trojan program LOIC. Researchers at 360 Qihoo observed a wave of DDoS attacks launched by Russia-linked APT-C-53 (aka Gamaredon) and reported that the threat actors also released as open-source the code of a DDoS Trojan called LOIC. The instances of the malware spotted by the experts […] ]]> 2022-05-28T15:55:27+00:00 https://securityaffairs.co/wordpress/131762/apt/gamaredon-apt-ddos-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=4860568 False Malware,Threat None None Security Affairs - Blog Secu The strange link between Industrial Spy and the Cuba ransomware operation The recently launched Industrial Spy data extortion marketplace has now started its ransomware operation. 
In April, Malware HunterTeam and Bleeping Computer reported the launch of a new dark web marketplace called Industrial Spy that sells stolen data and offers free stolen data to its members. MalwareHunterTeam researchers spotted malware samples [1, 2] that drop the following wallpaper that promotes […] ]]> 2022-05-28T15:02:13+00:00 https://securityaffairs.co/wordpress/131754/cyber-crime/industrial-spy-cuba-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=4859740 False Ransomware,Malware None None Security Affairs - Blog Secu Reuters: Russia-linked APT behind Brexit leak website Russia-linked threat actors are behind a new website that published leaked emails from leading proponents of Britain’s exit from the EU, the Reuters reported. According to a Google cybersecurity official and the former head of UK foreign intelligence, the “Very English Coop d’Etat” website was set up to publish private emails from Brexit supporters, including […] ]]> 2022-05-28T13:30:21+00:00 https://securityaffairs.co/wordpress/131740/data-breach/brexit-data-leak-site.html www.secnews.physaphae.fr/article.php?IdArticle=4858916 False Threat,Guideline None None Security Affairs - Blog Secu GitHub: Nearly 100,000 NPM Users' credentials stolen in the April OAuth token attack 2022-05-28T11:01:18+00:00 https://securityaffairs.co/wordpress/131733/hacking/100k-npm-credential-github-oauth-breach.html www.secnews.physaphae.fr/article.php?IdArticle=4856431 False Threat None None Security Affairs - Blog Secu Android pre-installed apps are affected by high-severity vulnerabilities Microsoft found several high-severity vulnerabilities in a mobile framework used in pre-installed Android System apps. The Microsoft 365 Defender Research Team discovered four vulnerabilities (CVE-2021-42598, CVE-2021-42599, CVE-2021-42600, and CVE-2021-42601) in a mobile framework, owned by mce Systems, that is used by several mobile carriers in pre-installed Android System apps. 
The researchers discovered the flaws in September 2021 and […] ]]> 2022-05-27T21:37:22+00:00 https://securityaffairs.co/wordpress/131726/mobile-2/android-pre-installed-apps-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=4845667 False None None None Security Affairs - Blog Secu GhostTouch: how to remotely control touchscreens with EMI Security researchers devised a technique, dubbed GhostTouch, to remotely control touchscreens using electromagnetic signals. A team of researchers from Zhejiang University and Technical University of Darmstadt devised a technique, dubbed GhostTouch, to remotely control capacitive touchscreens using electromagnetic signals. According to the experts, GhostTouch is the first active contactless attack against capacitive touchscreens. GhostTouch uses electromagnetic […] ]]> 2022-05-27T14:45:01+00:00 https://securityaffairs.co/wordpress/131714/hacking/ghosttouch-touchscreens-attack.html www.secnews.physaphae.fr/article.php?IdArticle=4839866 False None None None Security Affairs - Blog Secu FBI: Compromised US academic credentials available on various cybercrime forums The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. The FBI issued an alert to inform the higher education sector about the availability of login credentials on dark web forums that can be used by threat actors to launch attacks […] ]]> 2022-05-27T13:22:16+00:00 https://securityaffairs.co/wordpress/131711/cyber-crime/fbi-us-academic-credentials-dark-web.html www.secnews.physaphae.fr/article.php?IdArticle=4839050 False Threat None None Security Affairs - Blog Secu ERMAC 2.0 Android Banking Trojan targets over 400 apps A new version of the ERMAC Android banking trojan is able to target an increased number of apps. 
The ERMAC Android banking trojan version 2.0 can target an increasing number of applications, passing from 378 to 467 target applications to steal account credentials and crypto-wallets. ERMAC was first spotted by researchers from Threatfabric in July […] ]]> 2022-05-27T09:56:59+00:00 https://securityaffairs.co/wordpress/131705/malware/ermac-2-0-android-banking-trojan.html www.secnews.physaphae.fr/article.php?IdArticle=4835765 False None None None Security Affairs - Blog Secu Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw Security researchers released PoC exploit code for the critical authentication bypass vulnerability CVE-2022-22972 affecting multiple VMware products. Horizon3 security researchers have released a proof-of-concept (PoC) exploit and technical analysis for the critical authentication bypass vulnerability CVE-2022-22972 affecting multiple VMware products. The virtualization giant recently warned that a threat actor can exploit the CVE-2022-22972 flaw (CVSSv3 base score of 9.8) […] ]]> 2022-05-27T05:58:22+00:00 https://securityaffairs.co/wordpress/131698/hacking/poc-exploit-code-vmware-cve-2022-22972.html www.secnews.physaphae.fr/article.php?IdArticle=4832547 False Vulnerability,Threat None None Security Affairs - Blog Secu Exposed: the threat actors who are poisoning Facebook An investigation of the infamous “Is That You?” video scam led Cybernews researchers into exposing threat actors who are poisoning Facebook Original post @ https://cybernews.com/security/exposed-the-threat-actors-who-are-poisoning-facebook/ An investigation of the infamous “Is That You?” video scam has led Cybernews researchers to a cybercriminal stronghold, from which threat actors have been infecting the social media giant with […] ]]> 2022-05-26T20:40:28+00:00 https://securityaffairs.co/wordpress/131694/cyber-crime/threat-actors-poisoning-facebook.html www.secnews.physaphae.fr/article.php?IdArticle=4825308 False Threat None None Security Affairs - 
Blog Secu Zyxel addresses four flaws affecting APs, AP controllers, and firewalls Zyxel addressed multiple vulnerabilities impacting many of its products, including APs, AP controllers, and firewalls. Zyxel has released security updates to address multiple vulnerabilities affecting multiple products, including firewall, AP, and AP controller products. Below is the list of the four vulnerabilities, the most severe one is a command injection flaw in some CLI commands […] ]]> 2022-05-26T19:28:44+00:00 https://securityaffairs.co/wordpress/131691/security/zyxel-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=4824600 False None None None Security Affairs - Blog Secu Experts warn of a new malvertising campaign spreading the ChromeLoader Researchers warn of a new malvertising campaign spreading the ChromeLoader malware that hijacks the victims’ browsers. Researchers from Red Canary observed a new malvertising campaign spreading the ChromeLoader malware that hijacks the victims’ browsers. ChromeLoader is a malicious Chrome browser extension, it is classified as a pervasive browser hijacker that modifies browser settings to redirect […] ]]> 2022-05-26T14:38:43+00:00 https://securityaffairs.co/wordpress/131685/malware/chromeloader-malspam-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=4821145 False Malware None None Security Affairs - Blog Secu Do not use Tails OS until a flaw in the bundled Tor Browser will be fixed The maintainers of the Tails project (The Amnesic Incognito Live System) warn users that the Tor Browser bundled with the OS could expose their sensitive information. The maintainers confirmed that Tor Browser in Tails 5.0 and earlier is unsafe to use for sensitive information. 
“We recommend that you stop using Tails until the release of 5.1 […] ]]> 2022-05-26T10:31:24+00:00 https://securityaffairs.co/wordpress/131680/digital-id/tails-os-critical-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=4818498 False None None None Security Affairs - Blog Secu Italy announced its National Cybersecurity Strategy 2022/26 Italy announced its National Cybersecurity Strategy for 2022/26, a crucial document to address cyber threats and increase the resilience of the country. Italy presented its National Cybersecurity Strategy for 2022/26 and reinforce the government’s commitment to addressing cyber threats and increasing the resilience of the country to cyber attacks. The strategy is aligned with the […] ]]> 2022-05-26T09:13:55+00:00 https://securityaffairs.co/wordpress/131674/security/italy-national-cybersecurity-strategy.html www.secnews.physaphae.fr/article.php?IdArticle=4817843 False Threat None None Security Affairs - Blog Secu Unknown APT group is targeting Russian government entities An unknown APT group is targeting Russian government entities since the beginning of the Russian invasion of Ukraine. Researchers from Malwarebytes observed an unknown Advanced Persistent Threat (APT) group targeting Russian government entities with at least four separate spear-phishing campaigns since the beginning of the Russian invasion of Ukraine. The threat actors behind the attacks […] ]]> 2022-05-25T22:36:59+00:00 https://securityaffairs.co/wordpress/131658/apt/unknown-apt-group-target-russia.html www.secnews.physaphae.fr/article.php?IdArticle=4809758 False Threat None None Security Affairs - Blog Secu International police operation led to the arrest of the SilverTerrier gang leader The Nigeria Police Force has arrested the suspected leader of the SilverTerrier cybercrime group as a result of an international operation. 
The Nigeria Police Force has arrested the suspected leader of the SilverTerrier cybercrime gang (aka TMT) after a year-long investigation codenamed “Operation Delilah.” SilverTerrier has been active since at least 2014 and focuses on BEC […] ]]> 2022-05-25T18:57:20+00:00 https://securityaffairs.co/wordpress/131659/cyber-crime/silverterrier-leader-arrested.html www.secnews.physaphae.fr/article.php?IdArticle=4806712 False Guideline None None Security Affairs - Blog Secu Chaining Zoom bugs is possible to hack users in a chat by sending them a message Security flaws in Zoom can be exploited to compromise another user over chat by sending specially crafted messages. A set of four security flaws in the popular video conferencing service Zoom could be exploited to compromise another user over chat by sending specially crafted Extensible Messaging and Presence Protocol (XMPP) messages.Tracked from CVE-2022-22784 through CVE-2022-22787, […] ]]> 2022-05-25T11:12:40+00:00 https://securityaffairs.co/wordpress/131654/hacking/zoom-vulnerabilities.html www.secnews.physaphae.fr/article.php?IdArticle=4801514 True Hack None None Security Affairs - Blog Secu CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog US Critical Infrastructure Security Agency (CISA) adds 41 new vulnerabilities to its Known Exploited Vulnerabilities Catalog. The Cybersecurity & Infrastructure Security Agency (CISA) has added 41 flaws to its Known Exploited Vulnerabilities Catalog, including recently addressed issues in the Android kernel (CVE-2021-1048 and CVE-2021-0920) and Cisco IOS XR (CVE-2022-20821). 
The Cisco IOS XR flaw (CVE-2022-20821, CVSS score: […] ]]> 2022-05-25T08:36:10+00:00 https://securityaffairs.co/wordpress/131646/security/known-exploited-vulnerabilities-catalog-flaws-2.html www.secnews.physaphae.fr/article.php?IdArticle=4799355 False None None None Security Affairs - Blog Secu Trend Micro addressed a flaw exploited by China-linked Moshen Dragon APT Trend Micro addressed a DLL hijacking issue in Trend Micro Security actively exploited by a China-linked threat group to deploy malware. Trend Micro addressed a DLL hijacking flaw in Trend Micro Security that a China-linked threat actor actively exploited to deploy malware. In early May, SentinelOne researchers observed a China-linked APT group, tracked as Moshen […] ]]> 2022-05-24T18:18:56+00:00 https://securityaffairs.co/wordpress/131635/hacking/trend-micro-flaw-moshen-dragon.html www.secnews.physaphae.fr/article.php?IdArticle=4788923 False Threat None None Security Affairs - Blog Secu Microsoft warns of new highly evasive web skimming campaigns Threat actors behind web skimming campaigns are using malicious JavaScript to mimic Google Analytics and Meta Pixel scripts to avoid detection. Microsoft security researchers recently observed web skimming campaigns that used multiple obfuscation techniques to avoid detection. The threat actors obfuscated the skimming script by encoding it in PHP, which, in turn, was embedded in […] ]]> 2022-05-24T13:16:01+00:00 https://securityaffairs.co/wordpress/131625/hacking/web-skimming-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=4785397 False Threat None None Security Affairs - Blog Secu Nation-state malware could become a commodity on dark web soon, Interpol warns Interpol Secretary warns that nation-state malware will become available on the cybercrime underground in a couple of years. Interpol Secretary General Jurgen Stock declared that nation-state malware will become available on the darknet in a couple of years. 
In the ongoing conflict between Russia and Ukraine, the malware developed by both nation-state actors and non […] ]]> 2022-05-24T09:06:15+00:00 https://securityaffairs.co/wordpress/131618/cyber-crime/nation-state-malware-dark-web.html www.secnews.physaphae.fr/article.php?IdArticle=4782917 False Malware None None Security Affairs - Blog Secu Russia-linked Turla APT targets Austria, Estonia, and NATO platform Russia-linked APT group Turla was observed targeting the Austrian Economic Chamber, a NATO eLearning platform, and the Baltic Defense College. Researchers from SEKOIA.IO Threat & Detection Research (TDR) team have uncovered a reconnaissance and espionage campaign conducted by Russia-linked Turla APT aimed at the Baltic Defense College, the Austrian Economic Chamber (involved in government decision-making such as economic sanctions) and NATO's […] ]]> 2022-05-23T22:03:19+00:00 https://securityaffairs.co/wordpress/131586/apt/turla-apt-austria-estonia-nato.html www.secnews.physaphae.fr/article.php?IdArticle=4780683 False Threat None None Security Affairs - Blog Secu Russia-linked Fronton botnet could run disinformation campaigns Researchers warn that the Fronton botnet was used by Russia-linked threat actors for coordinated disinformation campaigns. Fronton is a distributed denial-of-service (DDoS) botnet that was used by Russia-linked threat actors for coordinated disinformation campaigns. In March 2020, the collective of hacktivists called “Digital Revolution” claimed to have hacked a subcontractor to the Russian FSB. 
The […] ]]> 2022-05-23T17:17:24+00:00 https://securityaffairs.co/wordpress/131574/cyber-warfare-2/fronton-botnet-disinformation.html www.secnews.physaphae.fr/article.php?IdArticle=4777123 False Threat None None Security Affairs - Blog Secu A flaw in PayPal can allow attackers to steal money from users' account 2022-05-23T13:45:02+00:00 https://securityaffairs.co/wordpress/131569/hacking/paypal-clickjacking-attack.html www.secnews.physaphae.fr/article.php?IdArticle=4775330 False None None None Security Affairs - Blog Secu Cytrox's Predator spyware used zero-day exploits in 3 campaigns 2022-05-23T09:04:29+00:00 https://securityaffairs.co/wordpress/131561/hacking/predator-spyware-zero-day-exploits.html www.secnews.physaphae.fr/article.php?IdArticle=4772298 False Threat None None Security Affairs - Blog Secu Threat actors target the infoSec community with fake PoC exploits Researchers uncovered a malware campaign targeting the infoSec community with fake Proof Of Concept to deliver a Cobalt Strike beacon. Researchers from threat intelligence firm Cyble uncovered a malware campaign targeting the infoSec community. The expert discovered a post where a researcher was sharing a fake Proof of Concept (POC) exploit code for an RPC Runtime Library […] ]]> 2022-05-23T06:56:23+00:00 https://securityaffairs.co/wordpress/131553/intelligence/fake-poc-exploits-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=4770925 False Malware,Threat None None Security Affairs - Blog Secu Security Affairs newsletter Round 366 by Pierluigi Paganini A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. If you want to also receive for free the newsletter with the international press subscribe here. 
Asian media company Nikkei suffered a ransomware attack Russia-linked Sandworm continues to conduct attacks against […] ]]> 2022-05-22T17:32:55+00:00 https://securityaffairs.co/wordpress/131549/breaking-news/security-affairs-newsletter-round-366-by-pierluigi-paganini.html www.secnews.physaphae.fr/article.php?IdArticle=4760568 False Ransomware None None Security Affairs - Blog Secu North Korea-linked Lazarus APT uses Log4J to target VMware servers North Korea-linked Lazarus APT is exploiting the Log4J remote code execution (RCE) in attacks aimed at VMware Horizon servers. North Korea-linked group Lazarus is exploiting the Log4J RCE vulnerability (CVE-2021-44228) to compromise VMware Horizon servers. Multiple threat actors are exploiting this flaw since January, in January VMware urged customers to patch critical Log4j security vulnerabilities impacting Internet-exposed […] ]]> 2022-05-22T15:48:25+00:00 https://securityaffairs.co/wordpress/131483/apt/lazarus-apt-log4j-vmware-servers.html www.secnews.physaphae.fr/article.php?IdArticle=4758896 False Vulnerability,Threat APT 38 None Security Affairs - Blog Secu The Pwn2Own Vancouver 2022: Trend Micro and ZDI awarded $1,155,000 The Pwn2Own Vancouver 2022 hacking contest ended, Trend Micro and ZDI awarded a total of $1,155,000 for successful attempts! During the third day of the Pwn2Own Vancouver 2022 hacking competition, white hat hackers demonstrated a working exploit against Microsoft Windows 11 OS. nghiadt12 from Viettel Cyber Security demonstrated an exploit for an escalation of privilege via Integer […] ]]> 2022-05-22T09:20:42+00:00 https://securityaffairs.co/wordpress/131539/hacking/pwn2own-vancouver-2022-d3.html www.secnews.physaphae.fr/article.php?IdArticle=4753858 False None None None Security Affairs - Blog Secu Asian media company Nikkei suffered a ransomware attack The media company Nikkei has disclosed a ransomware attack and revealed that the incident might have impacted customer data. 
The Japanese-based media company Nikkei is focused on the business and financial industry, it is the world’s largest financial newspaper. This week the company disclosed a security breach, ransomware infected one of its servers at a […] ]]> 2022-05-21T22:21:10+00:00 https://securityaffairs.co/wordpress/131533/data-breach/nikkei-data-breach.html www.secnews.physaphae.fr/article.php?IdArticle=4744020 True Ransomware None None Security Affairs - Blog Secu Russia-linked Sandworm continues to conduct attacks against Ukraine Security researchers from ESET reported that the Russia-linked APT group Sandworm continues to target Ukraine. Security experts from ESET reported that the Russia-linked cyberespionage group Sandworm continues to launch cyber attacks against entities in Ukraine. Sandworm (aka BlackEnergy and TeleBots) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU's Main Center for […] ]]> 2022-05-21T14:31:01+00:00 https://securityaffairs.co/wordpress/131523/apt/sandworm-attacks-against-ukraine.html www.secnews.physaphae.fr/article.php?IdArticle=4736579 False None None 3.0000000000000000 Security Affairs - Blog Secu Cisco fixes an IOS XR flaw actively exploited in the wild Cisco addressed a medium-severity vulnerability affecting IOS XR Software, the company warns that the flaw is actively exploited in the wild. Cisco released security updates to address a medium-severity vulnerability affecting IOS XR Software, tracked as CVE-2022-20821 (CVSS score: 6.5), that threat actors are actively exploiting in attacks in the wild. 
The flaw resides in […] ]]> 2022-05-21T11:14:50+00:00 https://securityaffairs.co/wordpress/131516/security/cisco-ios-xr-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=4733799 False Vulnerability,Threat None None Security Affairs - Blog Secu QNAP warns of a new wave of DeadBolt ransomware attacks against its NAS devices Taiwanese vendor QNAP warned customers of a new wave of DeadBolt ransomware attacks and urges them to install the latest updates. Taiwanese vendor QNAP is asking users to install the latest update on their NAS devices and avoid exposing them on the Internet. The company issued the alert in response to a new wave of DeadBolt […] ]]> 2022-05-20T22:11:35+00:00 https://securityaffairs.co/wordpress/131494/iot/qnap-nas-deadbolt-ransomware-2.html www.secnews.physaphae.fr/article.php?IdArticle=4721810 False Ransomware None None Security Affairs - Blog Secu Pwn2Own Vancouver 2022 D2 During the second day of the Pwn2Own Vancouver 2022 hacking competition, contestants demonstrated a working exploit for Microsoft Windows 11. During the second day of the Pwn2Own Vancouver 2022 hacking competition, white hat hackers demonstrated a working exploit against Microsoft Windows 11 OS. The T0 group demonstrated an exploit for an improper access control flaw […] ]]> 2022-05-20T20:13:17+00:00 https://securityaffairs.co/wordpress/131485/hacking/pwn2own-vancouver-2022-d2.html www.secnews.physaphae.fr/article.php?IdArticle=4720014 False None None None Security Affairs - Blog Secu The activity of the Linux XorDdos bot increased by 254% over the last six months Microsoft researchers have observed a spike in the activity of the Linux bot XorDdos over the last six months. 
XORDDoS, also known as XOR.DDoS, first appeared in the threat landscape in 2014; it is a Linux Botnet that was employed in attacks against gaming and education websites with massive DDoS attacks that reached 150 gigabytes per second […] ]]> 2022-05-20T14:36:00+00:00 https://securityaffairs.co/wordpress/131478/hacking/linux-bornet-xorddos-254-surge.html www.secnews.physaphae.fr/article.php?IdArticle=4714823 False Threat None None Security Affairs - Blog Secu Conti ransomware is shutting down operations, what will happen now? The Conti ransomware gang shut down its operation, and some of its administrators announced a rebranding of the gang. Advanced Intel researcher Yelisey Boguslavskiy announced that the Conti Ransomware gang shuts its infrastructure and some of its administrators announced a rebranding of the popular RaaS operation. The news was reported by BleepingComputer that citing Boguslavskiy confirmed […] ]]> 2022-05-20T10:10:32+00:00 https://securityaffairs.co/wordpress/131464/cyber-crime/conti-ransomware-shut-down.html www.secnews.physaphae.fr/article.php?IdArticle=4711575 False Ransomware None None Security Affairs - Blog Secu Google OAuth client library flaw allowed to deploy of malicious payloads Google addressed a high-severity flaw in its OAuth client library for Java that could allow attackers with a compromised token to deploy malicious payloads. 
Google addressed a high-severity authentication bypass flaw in Google OAuth Client Library for Java, tracked as CVE-2021-22573 (CVSS score 8.7), that could be exploited by an attacker with a compromised token […] ]]> 2022-05-19T17:44:14+00:00 https://securityaffairs.co/wordpress/131459/security/google-oauth-client-library-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=4707534 False None None None Security Affairs - Blog Secu Pwn2Own Vancouver 2022 D1: MS Teams exploits received $450,000 White hat hackers earned a total of $800,000 on the first day of the Pwn2Own Vancouver 2022, $450,000 for exploits targeting Microsoft Teams. Pwn2Own Vancouver 2022 hacking contest has begun, it is the 15th edition of this important event organized by Trend Micro's Zero Day Initiative (ZDI). This year, 17 contestants are attempting to exploit […] ]]> 2022-05-19T15:03:25+00:00 https://securityaffairs.co/wordpress/131453/hacking/pwn2own-vancouver-2022-d1.html www.secnews.physaphae.fr/article.php?IdArticle=4707535 True None None None Security Affairs - Blog Secu China-linked Space Pirates APT targets the Russian aerospace industry A new China-linked cyberespionage group known as ‘Space Pirates’ is targeting enterprises in the Russian aerospace industry. A previously unknown Chinese cyberespionage group, tracked as ‘Space Pirates’, targets enterprises in the Russian aerospace industry with spear-phishing attacks. 
The group has been active since at least 2017, researchers believe it is linked with other China-linked APT […] ]]> 2022-05-19T12:54:00+00:00 https://securityaffairs.co/wordpress/131440/apt/space-pirates-targets-space-industry.html www.secnews.physaphae.fr/article.php?IdArticle=4706781 False None None None Security Affairs - Blog Secu CISA orders federal agencies to fix VMware CVE-2022-22972 and CVE-2022-22973 flaws CISA orders federal agencies to fix VMware CVE-2022-22972 and CVE-2022-22973 vulnerabilities by May 23, 2022. 
The Cybersecurity and Infrastructure Security Agency (CISA) issued the Emergency Directive 22-03 to order federal agencies to fix VMware CVE-2022-22972 and CVE-2022-22973 flaws or to remove the affected products from their networks by May 23, 2022. The list of impacted […] ]]> 2022-05-19T06:13:42+00:00 https://securityaffairs.co/wordpress/131436/security/cisa-orders-federal-agencies-to-vmware-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=4702152 False None None None Security Affairs - Blog Secu VMware fixed a critical auth bypass issue in some of its products VMware addressed a critical authentication bypass vulnerability “affecting local domain users” in multiple products. The virtualization giant warns that a threat actor can exploit the flaw, tracked as CVE-2022-22972 (CVSSv3 base score of 9.8), to obtain admin privileges and urges customers to install patches immediately. “This critical vulnerability should be patched or mitigated immediately per the […] ]]> 2022-05-18T21:29:54+00:00 https://securityaffairs.co/wordpress/131429/security/vmware-critical-auth-bypass-issue.html www.secnews.physaphae.fr/article.php?IdArticle=4694633 False Vulnerability,Threat None None Security Affairs - Blog Secu Microsoft warns of attacks targeting MSSQL servers using the tool sqlps Microsoft warns of brute-forcing attacks targeting Microsoft SQL Server (MSSQL) database servers exposed online. Microsoft warns of a new hacking campaign aimed at MSSQL servers, threat actors are launching brute-forcing attacks against poorly protected instances. The attacks are using the legitimate tool sqlps.exe, a sort of SQL Server PowerShell file, as a LOLBin (short for living-off-the-land binary). 
Microsoft warned of […] ]]> 2022-05-18T20:04:37+00:00 https://securityaffairs.co/wordpress/131418/hacking/mssql-servers-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=4692993 False Tool,Threat None None Security Affairs - Blog Secu Microsoft warns of the rise of cryware targeting hot wallets Microsoft researchers warn of the rising threat of cryware targeting non-custodial cryptocurrency wallets, also known as hot wallets. Microsoft warns of the rise of cryware, malicious software used to steal info and funds from non-custodial cryptocurrency wallets, also known as hot wallets. Data stolen from this kind of malware includes private keys, seed phrases, and […] ]]> 2022-05-18T14:37:54+00:00 https://securityaffairs.co/wordpress/131406/malware/microsoft-warns-cryware.html www.secnews.physaphae.fr/article.php?IdArticle=4689032 False Malware,Threat None None Security Affairs - Blog Secu Conti Ransomware gang threatens to overthrow the government of Costa Rica The Conti ransomware gang is threatening to ‘overthrow’ the new government of Costa Rica after last month’s attack. Last month, the Conti ransomware gang claimed responsibility for the attack on Costa Rica government infrastructure after that the government refused to pay a ransom. “The Costa Rican state will not pay anything to these cybercriminals.” said […] ]]> 2022-05-18T09:54:41+00:00 https://securityaffairs.co/wordpress/131399/cyber-crime/conti-ransomware-overthrow-costa-rica.html www.secnews.physaphae.fr/article.php?IdArticle=4684748 False Ransomware None None Security Affairs - Blog Secu Experts spotted a new variant of UpdateAgent macOS malware dropper written in Swift Researchers spotted a new variant of the UpdateAgent macOS malware dropper that was employed in attacks in the wild. Researchers from the Jamf Threat Labs team have uncovered a new variant of the UpdateAgent macOS malware dropper. 
The new version is written in Swift and relies on the AWS infrastructure to host its malicious payloads.  […] ]]> 2022-05-18T07:41:40+00:00 https://securityaffairs.co/wordpress/131391/malware/updateagent-macos-malware-swift.html www.secnews.physaphae.fr/article.php?IdArticle=4682929 False Malware,Threat None None Security Affairs - Blog Secu Venezuelan cardiologist accused of operating and selling Thanos ransomware The U.S. Justice Department accused a 55-year-old Venezuelan cardiologist of operating and selling the Thanos ransomware. The U.S. Justice Department accused Moises Luis Zagala Gonzalez, a 55-year-old cardiologist from Venezuela, of operating and selling the Thanos ransomware. Thanos ransomware (a.k.a. Hakbit ransomware) has been developed by Nosophoros (aka Aesculapius, and Nebuchadnezzar), a threat actor offering for sale the malware […] ]]> 2022-05-17T19:10:57+00:00 https://securityaffairs.co/wordpress/131382/cyber-crime/venezuelan-man-accused-thanos-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=4672141 False Ransomware,Malware,Threat None None Security Affairs - Blog Secu Over 200 Apps on Play Store were distributing Facestealer info-stealer Experts spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data. Trend Micro researchers spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data from infected devices. The malicious apps are able to steal credentials, Facebook cookies, and other personally identifiable information. 
Some […] ]]> 2022-05-17T11:43:14+00:00 https://securityaffairs.co/wordpress/131370/malware/facestealer-info-stealer-play-store.html www.secnews.physaphae.fr/article.php?IdArticle=4665792 False None None None Security Affairs - Blog Secu CISA adds CVE-2022-30525 flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog US Critical Infrastructure Security Agency (CISA) adds critical CVE-2022-30525 RCE flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency added the recently disclosed remote code execution bug, tracked as CVE-2022-30525, affecting Zyxel firewalls, to its Known Exploited Vulnerabilities Catalog. According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk […] ]]> 2022-05-17T07:11:06+00:00 https://securityaffairs.co/wordpress/131363/hacking/cisa-cve-2022-30525-known-exploited-vulnerabilities-catalog.html www.secnews.physaphae.fr/article.php?IdArticle=4663547 True None None None Security Affairs - Blog Secu A custom PowerShell RAT uses to target German users using Ukraine crisis as bait Researchers spotted a threat actor using a custom PowerShell RAT targeting German users to gain intelligence on the Ukraine crisis. Malwarebytes experts uncovered a campaign that targets German users with a custom PowerShell RAT. The threat actors attempt to trick victims into opening weaponized documents by using the current situation in Ukraine as bait. 
The […] ]]> 2022-05-17T05:19:04+00:00 https://securityaffairs.co/wordpress/131353/intelligence/powershell-rat-targets-germany-ukraine-bait.html www.secnews.physaphae.fr/article.php?IdArticle=4663123 False Threat None None Security Affairs - Blog Secu Experts show how to run malware on chips of a turned-off iPhone Researchers devised an attack technique to tamper the firmware and execute a malware onto a Bluetooth chip when an iPhone is “off.” A team of researchers from the Secure Mobile Networking Lab (SEEMOO) at the Technical University of Darmstadt demonstrated a technique to tamper with the firmware and load malware onto a chip while an […] ]]> 2022-05-16T14:48:12+00:00 https://securityaffairs.co/wordpress/131336/hacking/malware-execution-iphone-turned-off.html www.secnews.physaphae.fr/article.php?IdArticle=4657131 False Malware None None Security Affairs - Blog Secu Ukrainian national sentenced to 4 years in prison for selling access to hacked servers A 28-year-old Ukrainian national has been sentenced to four years in prison for selling access to hacked servers. Glib Oleksandr Ivanov-Tolpintsev, a 28-year-old Ukrainian national, has been sentenced to four years in prison for selling access to compromised servers on the dark web. The man was arrested in Poland in October 2020 and pleaded guilty […] ]]> 2022-05-16T10:36:47+00:00 https://securityaffairs.co/wordpress/131329/cyber-crime/ukrainian-national-jail-selling-access-hacked-servers.html www.secnews.physaphae.fr/article.php?IdArticle=4655354 True Guideline None None Security Affairs - Blog Secu Eternity Project: You can pay $260 for a stealer and $490 for a ransomware Researchers from threat intelligence firm Cyble analyzed the Eternity Project Tor website which offers any kind of malicious code. Researchers at cybersecurity firm Cyble analyzed a Tor website named 'Eternity Project' that offers for sale a broad range of malware, including stealers, miners, ransomware, and DDoS Bots. 
The experts discovered the marketplace during a […] ]]> 2022-05-16T05:28:25+00:00 https://securityaffairs.co/wordpress/131317/malware/eternity-project-malware-listings.html www.secnews.physaphae.fr/article.php?IdArticle=4653098 False Ransomware,Threat None None Security Affairs - Blog Secu May 08 – May 14 Ukraine – Russia the silent cyber conflict This post provides a timeline of the events related to Russia invasion of Ukraine from the cyber security perspective. Below is the timeline of the events related to the ongoing Russia invasion that occurred in the previous weeks: May 14 – The LEGION collective calls to action to attack the final of the Eurovision song […] ]]> 2022-05-15T16:47:51+00:00 https://securityaffairs.co/wordpress/131308/cyber-warfare-2/may-08-may-14-ukraine-russia-the-silent-cyber-conflict.html www.secnews.physaphae.fr/article.php?IdArticle=4639903 True None None None Security Affairs - Blog Secu Security Affairs newsletter Round 365 by Pierluigi Paganini A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. If you want to also receive for free the newsletter with the international press subscribe here. The LEGION collective calls to action to attack the final of the Eurovision song contest […] ]]> 2022-05-15T14:34:10+00:00 https://securityaffairs.co/wordpress/131304/breaking-news/security-affairs-newsletter-round-365-by-pierluigi-paganini.html www.secnews.physaphae.fr/article.php?IdArticle=4637877 False None None None Security Affairs - Blog Secu Ukraine CERT-UA warns of new attacks launched by Russia-linked Armageddon APT Ukraine Computer Emergency Response Team (CERT-UA) reported a phishing campaign conducted by Armageddon APT using GammaLoad.PS1_v2 malware. Ukraine Computer Emergency Response Team (CERT-UA) reported a phishing campaign using messages with subject “On revenge in Kherson!” and containing the “Plan Kherson.htm” attachment. 
The HTM-file will decode and create an archive named “Herson.rar”, which contains a file-shortcut […] ]]> 2022-05-15T12:48:16+00:00 https://securityaffairs.co/wordpress/131296/breaking-news/cert-ua-warns-armageddon-apt.html www.secnews.physaphae.fr/article.php?IdArticle=4635850 False None None None Security Affairs - Blog Secu Sysrv-K, a new variant of the Sysrv botnet includes new exploits Microsoft reported that the Sysrv botnet is targeting Windows and Linux servers exploiting flaws in the Spring Framework and WordPress. The Microsoft Security Intelligence team reported that a new variant of the Sysrv botnet, tracked as Sysrv-K, now includes exploits for vulnerabilities in the Spring Framework and WordPress. Threat actors use the botnet in a cryptomining campaign targeting Windows […] ]]> 2022-05-15T11:25:31+00:00 https://securityaffairs.co/wordpress/131290/cyber-crime/microsoft-sysrv-botnet-new-exploits.html www.secnews.physaphae.fr/article.php?IdArticle=4634838 False Threat None None Security Affairs - Blog Secu The LEGION collective calls to action to attack the final of the Eurovision song contest The Pro-Russian volunteer movement known as LEGION is calling to launch DDoS attacks against the final of the Eurovision song contest. The LEGION is a Pro-Russian volunteer movement that focuses on DDOS attacks. The group made the headlines for attacks against Western organizations and governments, including NATO countries and Ukraine. This week the Pro-Russian hacker group […] ]]> 2022-05-14T16:45:53+00:00 https://securityaffairs.co/wordpress/131280/hacktivism/legion-collective-call-attack-eurovision.html www.secnews.physaphae.fr/article.php?IdArticle=4615070 False None None None Security Affairs - Blog Secu OpRussia update: Anonymous breached other organizations Another week has passed and Anonymous has hacked other Russian companies and leaked their data via DDoSecrets. 
The #OpRussia launched by Anonymous on Russia after the criminal invasion of Ukraine continues, the collective claims to have hacked multiple organizations and government entities. The hacktivists leaked the stolen data via DDoSecrets. Below is the list of […] ]]> 2022-05-14T14:45:51+00:00 https://securityaffairs.co/wordpress/131264/hacktivism/anonymous-oprussia-updates.html www.secnews.physaphae.fr/article.php?IdArticle=4612967 False None None None Security Affairs - Blog Secu Pro-Russian hacktivists target Italy government websites Pro-Russian hacker group Killnet targeted the websites of several Italian institutions, including the senate and the National Institute of Health. A group of Pro-Russian hackers known as “Killnet” launched an attack against multiple websites of several Italian institutions, including the senate, the National Institute of Health, and the Automobile Club d’Italia (ACI), the national drivers’ […] ]]> 2022-05-14T13:00:21+00:00 https://securityaffairs.co/wordpress/131256/hacktivism/pro-russian-hacktivists-target-italy.html www.secnews.physaphae.fr/article.php?IdArticle=4610853 False None None None Security Affairs - Blog Secu SonicWall urges customers to fix SMA 1000 vulnerabilities SonicWall warns customers to address several high-risk security flaws impacting its Secure Mobile Access (SMA) 1000 Series line of products. SonicWall urges customers to address several high-risk security vulnerabilities affecting its Secure Mobile Access (SMA) 1000 Series line of products. An attacker can exploit the vulnerabilities to bypass authorization and, potentially, compromise vulnerable devices. 
The first issue, tracked as […] ]]> 2022-05-13T21:30:47+00:00 https://securityaffairs.co/wordpress/131247/security/sonicwall-urges-customers-to-fix-sma-1000-vulnerabilities.html www.secnews.physaphae.fr/article.php?IdArticle=4593546 False None None None Security Affairs - Blog Secu Zyxel fixed firewall unauthenticated remote command injection issue 2022-05-13T14:52:37+00:00 https://securityaffairs.co/wordpress/131243/hacking/zyxel-critical-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=4591010 False Vulnerability None None Security Affairs - Blog Secu Iran-linked COBALT MIRAGE group uses ransomware in its operations 2022-05-13T06:52:53+00:00 https://securityaffairs.co/wordpress/131218/apt/iran-cobalt-mirage-ransomware-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=4589476 False Ransomware,Threat APT 15,APT 15 4.0000000000000000 Security Affairs - Blog Secu New Nerbian RAT spreads via malspam campaigns using COVID-19 2022-05-12T20:52:17+00:00 https://securityaffairs.co/wordpress/131221/cyber-crime/nerbian-rat-uses-covid-19-lure.html www.secnews.physaphae.fr/article.php?IdArticle=4586272 False Malware None 2.0000000000000000 Security Affairs - Blog Secu Massive hacking campaign compromised thousands of WordPress websites 2022-05-12T13:57:50+00:00 https://securityaffairs.co/wordpress/131202/hacking/wordpress-websites-hacking-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=4583859 False None None 3.0000000000000000 Security Affairs - Blog Secu Red TIM Research (RTR) founds 2 bugs affecting F5 Traffix SDC 2022-05-12T12:00:08+00:00 https://securityaffairs.co/wordpress/131196/hacking/f5-traffix-sdc-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=4583171 False None None 3.0000000000000000 Security Affairs - Blog Secu Five Eyes agencies warn of attacks on MSPs 2022-05-12T10:10:25+00:00 https://securityaffairs.co/wordpress/131190/security/five-eyes-agencies-warn-attacks-msps.html 
www.secnews.physaphae.fr/article.php?IdArticle=4582597 False None None 3.0000000000000000 Security Affairs - Blog Secu CISA adds CVE-2022-1388 flaw in F5 BIG-IP to its Known Exploited Vulnerabilities Catalog 2022-05-11T21:45:31+00:00 https://securityaffairs.co/wordpress/131183/security/cisa-cve-2022-1388-known-exploited-vulnerabilities-catalog.html www.secnews.physaphae.fr/article.php?IdArticle=4580191 True None None 3.0000000000000000 Security Affairs - Blog Secu Microsoft Patch Tuesday updates for May 2022 fixes 3 zero-days, 1 under active attack 2022-05-11T06:11:18+00:00 https://securityaffairs.co/wordpress/131175/security/microsoft-patch-tuesday-updates-for-may-2022.html www.secnews.physaphae.fr/article.php?IdArticle=4576327 False None None 3.0000000000000000 Security Affairs - Blog Secu EU condemns Russian cyber operations against Ukraine 2022-05-11T06:03:47+00:00 https://securityaffairs.co/wordpress/131168/cyber-warfare-2/russia-behind-attacks-on-ukraine.html www.secnews.physaphae.fr/article.php?IdArticle=4576218 False None None 3.0000000000000000 Security Affairs - Blog Secu Microsoft fixed RCE flaw in a driver used by Azure Synapse and Data Factory 2022-05-10T14:29:10+00:00 https://securityaffairs.co/wordpress/131159/hacking/azure-synapse-rce.html www.secnews.physaphae.fr/article.php?IdArticle=4572712 False Vulnerability None 2.0000000000000000 Security Affairs - Blog Secu Hacktivists hacked Russian TV schedules during Victory Day and displayed anti-war messages 2022-05-10T06:55:14+00:00 https://securityaffairs.co/wordpress/131144/hacking/hacktivists-hacked-russian-tv-schedules-victory-day.html www.secnews.physaphae.fr/article.php?IdArticle=4571358 False None None 3.0000000000000000 Security Affairs - Blog Secu Threat actors are actively exploiting CVE-2022-1388 RCE in F5 BIG-IP 2022-05-10T06:41:59+00:00 https://securityaffairs.co/wordpress/131132/hacking/big-ip-cve-2022-1388-exploitation.html www.secnews.physaphae.fr/article.php?IdArticle=4571359 False 
Threat None 4.0000000000000000 Security Affairs - Blog Secu Exclusive: Welcome “Frappo” – Resecurity identified a new Phishing-as-a-Service 2022-05-10T06:04:58+00:00 https://securityaffairs.co/wordpress/131136/cyber-crime/frappo-phishing-as-a-service.html www.secnews.physaphae.fr/article.php?IdArticle=4571243 False None None 4.0000000000000000 Security Affairs - Blog Secu DCRat, only $5 for a fully working remote access trojan 2022-05-09T15:53:48+00:00 https://securityaffairs.co/wordpress/131122/cyber-crime/dcrat-cheap-rat.html www.secnews.physaphae.fr/article.php?IdArticle=4568462 False None None 3.0000000000000000