Security Affairs

NOVEMBER 18, 2024

The security breach poses a major national security risk. The WSJ states that the compromise remained undisclosed due to possible impact on national security. The security breach impacted a limited number of customers, only 836 individuals. Experts believe that threat actors are aimed at gathering intelligence.

Data breaches 282

Data breaches Communications Artificial Intelligence Government 282

Security Affairs

JANUARY 4, 2025

The botnet has been active since at least May 2020, reaching its peak with 60,000 compromised devices in June 2023. In September 2024, cybersecurity researchers from Lumens Black Lotus Labs discovered a new botnet, named Raptor Train, composed of small office/home office (SOHO) and IoT devices.

Cybersecurity 306

Cybersecurity IoT Risk IT 306

Security Affairs

OCTOBER 23, 2024

The US Securities and Exchange Commission (SEC) charged four companies, Unisys, Avaya, Check Point, and Mimecast for misleading public disclosures related to the supply chain attack on SolarWinds. The federal securities laws prohibit half-truths, and there is no exception for statements in risk-factor disclosures.”

Cybersecurity 286

Cybersecurity Risk Access Government 286

Security Affairs

NOVEMBER 28, 2021

North Korea-linked threat actors posed as Samsung recruiters in a spear-phishing campaign aimed at employees at South Korean security firms. North Korea-linked APT group posed as Samsung recruiters is a spear-phishing campaign that targeted South Korean security companies that sell anti-malware solutions, Google TAG researchers reported.

Security 360

Security Phishing Information Security Communications 360

Data Breach Today

JUNE 23, 2023

Bart Kalsu, Tim Brown Could Face Monetary Penalties, Public Company Officer Ban The Securities and Exchange Commission accused SolarWinds CFO Bart Kalsu and CISO Tim Brown of violating securities laws in their response to the 2020 cyberattack.

Security 300

Security 300

Security Affairs

NOVEMBER 5, 2024

” reads the report published by Mandiant, the company that helped Snowflake to investigate the security breach. Mandiant reported that many stolen credentials dated back to 2020. Snowflake is a multi-cloud data warehousing platform used to store and analyze large amounts of structured and unstructured data.”

Unstructured data 302

Unstructured data Cloud Sales Security 302

Security Affairs

NOVEMBER 26, 2024

Since learning of the security breach, the company immediately started incident response procedure with the help of external cybersecurity firms, including CrowdStrike. ” The incident response team is working to recover impacted systems and investigate the security breach.

Ransomware 290

Ransomware Retail Manufacturing Cloud 290

Security Affairs

FEBRUARY 8, 2024

26 key cyber security stats for 2024 that every user should know, from rising cyber crime rates to the impact of AI technolog y. million unfilled cyber security jobs, showing a big need for skilled professionals. Market Growth: AI cyber security technology is projected to grow by 23.6%

Security 354

Security Phishing IoT Ransomware 354

IT Governance

OCTOBER 23, 2024

What to do when your ‘supply chain’ is really a ‘supply loop’ When I asked Bridget Kenyon – CISO (chief information security officer) for SSCL, lead editor for ISO 27001:2022 and author of ISO 27001 Controls – what she’d like to cover in an interview, she suggested supply chain security. How can you secure a ‘supply loop’?

Security 108

Security Information Security Risk Access 108

Security Affairs

DECEMBER 2, 2021

Cybersecurity and Infrastructure Security Agency (CISA) has updated its catalog of actively exploited vulnerabilities recommending federal agencies to address the flaws in Qualcomm, Mikrotik, Zoho and the Apache Software Foundation software within specific timeframes and deadlines. This vulnerability must be addressed by June 1th 2022.

Cybersecurity 364

Cybersecurity Authentication Security Risk 364

Security Affairs

JANUARY 12, 2022

US Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) issued a joint alert to warn critical infrastructure operators about threats from Russian state-sponsored hackers. ” reads the joint alert. Pierluigi Paganini.

Cybersecurity 358

Cybersecurity Risk Government Phishing 358

Security Affairs

FEBRUARY 18, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security 327

Security Ransomware Data breaches Libraries 327

Security Affairs

NOVEMBER 6, 2024

Canada ordered ByteDance to shut down TikTok operations over security concerns but did not issue a full ban on the platform. The government is taking action to address the specific national security risks related to ByteDance Ltd.’s The Canadian government ordered ByteDance to wind up TikTok Technology Canada, Inc.

Security 294

Security Government Risk Data collection 294

Security Affairs

OCTOBER 16, 2024

The link between Luan’s hacktivism and cybercrime was established due to his bad Operational security (opsec). However, the Brazilian national turned into more complex cybercriminal activities by 2022. The man used of the same email and phrases across social media and forums.

Data breaches 316

Data breaches Cybersecurity Risk IT 316

Security Affairs

FEBRUARY 20, 2025

The experts believe threat actors exploited the zero-dayCVE-2024-24919 in Check Point Security Gateways with Remote Access VPN or Mobile Access features. “On May 28, 2024 we discovered a vulnerability in Security Gateways with IPsec VPN in Remote Access VPN community and the Mobile Access software blade (CVE-2024-24919).

Ransomware 214

Ransomware Healthcare Encryption Access 214

Security Affairs

APRIL 13, 2022

According to the advisory published by Apache, the issue addressed by the organization is a critical flaw in Apache Struts linked to a previous OGNL Injection flaw ( CVE-2020-17530 ) that wasn’t properly fixed. Using forced OGNL evaluation on untrusted user input can lead to a Remote Code Execution and security degradation.”.

Security 362

Security Cybersecurity IT Information Security 362

Krebs on Security

DECEMBER 19, 2024

The makers of Acunetix, Texas-based application security vendor Invicti Security , confirmed Silent Push’s findings, saying someone had figured out how to crack the free trial version of the software so that it runs without a valid license key. In early 2020, Exorn promoted a website called “ orndorks[.]com

IT 238

IT Data breaches Cloud Passwords 238

Security Affairs

OCTOBER 1, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds D-Link DIR-820 Router, DrayTek Multiple Vigor Router, Motion Spell GPAC, SAP Commerce Cloud bugs to its Known Exploited Vulnerabilities catalog. CVE-2020-15415 is an OS command injection vulnerability in DrayTek Multiple Vigor Routers.

Cloud 316

Cloud IT IoT Cybersecurity 316

Security Affairs

SEPTEMBER 19, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows, Apache HugeGraph-Server, Oracle JDeveloper, Oracle WebLogic Server, and Microsoft SQL Server bugs to its Known Exploited Vulnerabilities catalog. CVE-2020-14644 vulnerability (CVSS score of 9.8) CVE-2020-0618 vulnerability (CVSS score of 7.8)

IT 330

IT Cybersecurity Access Risk 330

Security Affairs

FEBRUARY 16, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Exchange and Cisco ASA and FTD bugs to its Known Exploited Vulnerabilities catalog. Cisco addressed the flaw in May 2020. “An attacker could target an NTLM client such as Outlook with an NTLM credentials-leaking type vulnerability.

IT 343

IT Cybersecurity Authentication Risk 343

Data Breach Today

OCTOBER 5, 2023

2020 Ransomware Incident Affected 13,000 Customers, Millions of Individuals Fundraising software powerhouse Blackbaud will pay $49.5 million to settle a multistate investigation into the company's data security practices and its response to a 2020 ransomware attack.

Ransomware 305

Ransomware Security IT 305

Security Affairs

SEPTEMBER 30, 2024

. “Robert Westbrook, 39, of London, United Kingdom, was arrested in the United Kingdom this week with a view towards extradition to the United States so that he can face an indictment charging him with securities fraud, wire fraud, and five counts of computer fraud.” ” reads the press release published by SEC.

Passwords 342

Passwords Security Information Security IT 342

Krebs on Security

FEBRUARY 26, 2023

But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee. GoDaddy described the incident at the time in general terms as a social engineering attack, but one of its customers affected by that March 2020 breach actually spoke to one of the hackers involved. In a filing with the U.S.

Phishing 332

Phishing Passwords Authentication Security 332

Security Affairs

SEPTEMBER 12, 2023

Software giant Adobe is warning of a critical security vulnerability in the PDF Acrobat and Reader that is actively exploited in the wild. Adobe Patch Tuesday security updates (APSB23-34) addressed a critical zero-day vulnerability actively exploited in the wild in attacks on Adobe Acrobat and Reader products.

Security 332

Security Information Security IT 332

Security Affairs

JUNE 27, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds GeoSolutionsGroup JAI-EXT, Linux Kernel, and Roundcube Webmail bugs to its Known Exploited Vulnerabilities catalog. Roundcube Webmail CVE-2020-13965 (CVSS score of 6.1) Roundcube addressed the flaw in June 2020, and PoC code was released shortly thereafter. and 1.3.12.

IT 306

IT Cybersecurity Risk Security 306

Security Affairs

OCTOBER 5, 2023

The research of zero-day exploits for popular applications such as WhatsApp is even more complex due to the security mechanisms implemented by the developers of the mobile OSs and the app. TechCrunch reported that a working zero-day exploit for the popular WhatsApp can be paid millions of dollars.

Marketing 351

Marketing Libraries Sales Government 351

Security Affairs

DECEMBER 29, 2021

T-Mobile has suffered another security breach, threat actors gained access to the accounts of “a small number of” customers.’. Unfortunately, this is the last incident in order of time suffered by the company, below is the list of previous incidents: In August 2021, a security breach impacted 54 million customers. Pierluigi Paganini.

Data breaches 362

Data breaches Access Security Information Security 362

Security Affairs

SEPTEMBER 21, 2023

The recently discovered Free Download Manager (FDM) supply chain attack, which distributed Linux malware, started back in 2020. The maintainers of Free Download Manager (FDM) confirmed that the recently discovered supply chain attack dates back to 2020. collect) that launches the /var/tmp/crond file every 10 minutes.”

Libraries 313

Libraries Passwords Access Security 313

Security Affairs

JUNE 21, 2022

Researchers linked a new APT group, tracked as ToddyCat, to a series of attacks targeting entities in Europe and Asia since at least December 2020. Researchers from Kaspersky have linked a new APT group, tracked as ToddyCat, to a series of attacks aimed at high-profile entities in Europe and Asia since at least December 2020.

Military 361

Military Security Cybersecurity IT 361

Security Affairs

SEPTEMBER 18, 2023

Microsoft AI researchers accidentally exposed 38TB of sensitive data via a public GitHub repository since July 2020. The Microsoft AI research team started publishing data in July 2020. Due to a lack of monitoring and governance, SAS tokens pose a security risk, and their usage should be as limited as possible.”

Risk 350

Risk Passwords Access Cloud 350

Security Affairs

NOVEMBER 16, 2023

The security breach was discovered on November 13, 2023, and impacted customers who made purchases from the Samsung UK online store between July 1, 2019, and June 30, 2020. “Dear Valued Customer, At Samsung Electronics (UK) Limited, security is a top priority. US customers were not impacted by the security breach.

Data breaches 347

Data breaches Access Archiving Passwords 347

Security Affairs

OCTOBER 3, 2022

The Finnish Security Intelligence Service ( SUPO ) warns Russia will highly likely intensify its cyber activity over the winter. The Finnish Security Intelligence Service ( Suojelupoliisi or SUPO ) warn of a highly likely intensification of cyberespionage activities conducted by Russia-linked threat actors over the winter.

Manufacturing 355

Manufacturing Access Security Government 355

Security Affairs

MAY 30, 2022

The first version of the bot exploits tens of known vulnerabilities including: CVE-2020-17456 vulnerability affecting SEOWON INTECH SLC-130 and SLR-120S routers; CVE-2018-10823 flaw an older D-Link routers (DWR-116 through 1.06, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, DWR-111 through 1.01). .”

CMS 363

CMS IoT Security Passwords 363

Data Breach Today

FEBRUARY 1, 2024

FTC Is Latest Agency to Rebuke Fundraising Firm for Lax Security in 2020 Attack The Federal Trade Commission is the latest regulatory agency taking action against fundraising and customer relationship management software provider Blackbaud in the aftermath of a 2020 ransomware incident that compromised the data of tens of thousands of clients and millions (..)

Ransomware 279

Ransomware Security 279