Security Affairs

OCTOBER 12, 2024

Since April 2021, Russian state-sponsored hackers have exploited vulnerabilities, including Zimbra’s CVE-2022-27924 for injecting commands to access credentials and emails, and JetBrains TeamCity’s CVE-2023-42793 for arbitrary code execution through an authentication bypass. cyber agencies warned.

Data collection 342

Data collection Authentication Access Cybersecurity 342

Security Affairs

DECEMBER 5, 2024

Security Operations Center (SOC) analyst burnout is a very real problem. Research published in Dark Reading in 2022 revealed that 70% experience burnout, and 65% said they were likely to change jobs in the next year. The two key problems are: Alert Overload Modern security environments generate an extraordinary number of alerts.

Cybersecurity 340

Cybersecurity Artificial Intelligence Risk Data collection 340

Security Affairs

JANUARY 24, 2025

Lumen experts also mentioned another variant of cd00r, codenamed SEASPY , that was used in a campaign targeting Barracuda Email Security Gateway (ESG) appliances that dates back in 2022. However, there is no evidence that the two campaigns are linked. ” concludes the report.

Encryption 304

Encryption Access Security IT 304

Security Affairs

JANUARY 4, 2025

networks since the summer of 2022. According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. Treasury sanctioned a Chinese cybersecurity firm, Integrity Tech, for links to cyberattacks by Chinas state-backed Flax Typhoon APT group (also called Ethereal Panda or RedJuliett). critical infrastructure sectors.“

Cybersecurity 308

Cybersecurity IoT Risk IT 308

Security Affairs

NOVEMBER 13, 2024

The botnet is comprised of two complementary activity clusters, the experts believe it has been active since at least February 2022. In early July and August of 2022, the researchers noticed several Cisco RV320s , DrayTek Vigor routers , and NETGEAR ProSAFEs that were part of the botnet.

e-Discovery 308

e-Discovery Communications Ransomware Government 308

Security Affairs

OCTOBER 16, 2024

However, the Brazilian national turned into more complex cybercriminal activities by 2022. The link between Luan’s hacktivism and cybercrime was established due to his bad Operational security (opsec). CrowdStrike’s investigation reveals that USDoD’s leader, Luan BG, has been a hacktivist active since at least 2017.

Data breaches 318

Data breaches Cybersecurity Risk IT 318

Security Affairs

APRIL 25, 2024

CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2022-38028 Microsoft Windows Print Spooler Privilege Escalation vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.

IT 353

IT Education Cybersecurity Risk 353

Security Affairs

AUGUST 14, 2024

Patch Tuesday security updates for August 2024 addressed 90 vulnerabilities in Microsoft products including Windows and Windows Components; Office and Office Components; NET and Visual Studio; Azure; Co-Pilot; Microsoft Dynamics; Teams; and Secure Boot and others, bringing the total to 102 when including third-party bugs.

Security 352

Security IT Information Security 352

Security Affairs

MARCH 5, 2025

On October 14, 2022, Tata Power, Indias largest power generation company, announced a cyber attack hit its infrastructure. The company confirmed that the security breach impacted some of its IT systems. The gang claims to have breached the corporate network on October 3rd, 2022. TB of data stored in over 730,000 files.

Ransomware 270

Ransomware Manufacturing IT Security 270

Security Affairs

DECEMBER 18, 2024

The APT group targeted an organization in Latin America in 2019 and 2022. While investigating the 2022 attack, the researchers noticed that the victim organization had also suffered a 2019 attack using “Careto2” and “Goreto” frameworks. ” reads the analysis published by Kaspersky.

Government 287

Government IT Access Information Security 287

Security Affairs

SEPTEMBER 8, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Security 288

Security Insurance Ransomware Government 288

Security Affairs

MARCH 20, 2025

The use of popular instant messaging apps on both mobile and desktop devices broadens the attack surface, creating uncontrolled information exchange channels that bypass security measures. DCRat first appeared in the threat landscape in 2018, but a year later it was redesigned and relaunched.

Computer and Electronics 270

Computer and Electronics Archiving Passwords Government 270

IT Governance

OCTOBER 23, 2024

What to do when your ‘supply chain’ is really a ‘supply loop’ When I asked Bridget Kenyon – CISO (chief information security officer) for SSCL, lead editor for ISO 27001:2022 and author of ISO 27001 Controls – what she’d like to cover in an interview, she suggested supply chain security. How can you secure a ‘supply loop’?

Security 108

Security Information Security Risk Access 108

Security Affairs

FEBRUARY 8, 2024

26 key cyber security stats for 2024 that every user should know, from rising cyber crime rates to the impact of AI technolog y. Cyber Insurance: US cyber insurance premiums soared by 50% in 2022, reaching $7.2 million unfilled cyber security jobs, showing a big need for skilled professionals. million, up 15% in three years.

Security 355

Security Phishing IoT Ransomware 355

Data Breach Today

MARCH 26, 2025

UK ICO Says Advanced's Security Measures 'Fell Seriously Short' A British IT service company must pay a 3.07 million pound fine for a 2022 ransomware hack that exposed medical records of tens of thousands of National Health Service patients.

Ransomware 147

Ransomware Authentication Security IT 147

Security Affairs

SEPTEMBER 11, 2024

The software firm released security updates to address a maximum security vulnerability, tracked as CVE-2024-29847, in its Endpoint Management software (EPM). ” reads the advisory published by the company. High) CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N Critical) CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H Critical) CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Authentication 326

Authentication IT IoT Security 326

Security Affairs

SEPTEMBER 8, 2024

Every week the best security articles from Security Affairs are free in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Managing Cybersecurity in the Age of Artificial Intelligence Clearview AI Faces €30.5M

Security 307

Security Data breaches Artificial Intelligence Ransomware 307

Security Affairs

JUNE 27, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds GeoSolutionsGroup JAI-EXT, Linux Kernel, and Roundcube Webmail bugs to its Known Exploited Vulnerabilities catalog. in April 2022. Technical details and PoC exploit code are publicly available since August 2022. Linux Kernel Flaw CVE-2022-2586 (CVSS score of 7.8)

IT 307

IT Cybersecurity Risk Security 307

Security Affairs

MAY 23, 2024

Ivanti this week rolled out security patches to address multiple critical vulnerabilities in the Endpoint Manager (EPM). AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H The vulnerabilities impact 2022 SU5 and earlier versions. AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H The vulnerabilities impact 2022 SU5 and earlier versions.

Authentication 324

Authentication Security Information Security IT 324

Security Affairs

SEPTEMBER 8, 2023

Cybersecurity and Infrastructure Security Agency (CISA) warned that nation-state actors are exploiting security vulnerabilities in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus. The state-sponsored hackers exploited the CVE-2022-47966 RCE vulnerability in Zoho ManageEngine. reads the advisory.

Cybersecurity 353

Cybersecurity Access Security Encryption 353

Security Affairs

JULY 4, 2024

The company confirmed it has already secured the vulnerable endpoint. We have taken action to secure this endpoint and no longer allow unauthenticated requests.” ” reads a security update published by the company. The company has more than 5,000 employees in 17 countries, and its revenues in 2021 are US$2.84

Authentication 333

Authentication Phishing Communications Access 333

Security Affairs

DECEMBER 6, 2023

Cybersecurity and Infrastructure Security Agency (CISA) adds four Qualcomm vulnerabilities to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added Qualcomm vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.

IT 340

IT Cybersecurity Risk Security 340

Security Affairs

NOVEMBER 21, 2024

He is accused of stealing at least $800,000 from five victims between August 2022 and March 2023. Urban, known online as “Sosa” and “King Bob,” is linked to the same group that hacked Twilio and other companies in 2022. In January 2024, U.S.

Phishing 276

Phishing Access Passwords Ransomware 276

Security Affairs

JUNE 5, 2024

TikTok spokesperson Alex Haurek stated that their security team is aware of the exploit and has taken measures to stop the attack and prevent future incidents. “Our security team is aware of a potential exploit targeting a number of brand and celebrity accounts.

Access 336

Access Security IT Information Security 336

Security Affairs

OCTOBER 14, 2024

Law enforcement agencies from the United Kingdom, United States, and Ireland participated in the operation that began towards the end of 2022. These are two of the largest and longest-running dark web platforms for the trade of illegal goods, drugs, and cybercrime services.

Marketing 317

Marketing IT Information Security Security 317

Security Affairs

SEPTEMBER 29, 2024

Every week the best security articles from Security Affairs are free in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security 292

Security Ransomware Phishing Cybersecurity 292

Security Affairs

JULY 18, 2024

The cybercrime group FIN7 is advertising a security evasion tool in multiple underground forums, cybersecurity company SentinelOne warns. SentinelOne researchers warn that the financially motivated group FIN7 is using multiple pseudonyms to advertise a security evasion tool in several criminal underground forums. is forum for $15,000.

Ransomware 353

Ransomware Cybersecurity Sales Security 353

Krebs on Security

DECEMBER 19, 2024

The makers of Acunetix, Texas-based application security vendor Invicti Security , confirmed Silent Push’s findings, saying someone had figured out how to crack the free trial version of the software so that it runs without a valid license key. ” Orn advertising Araneida Scanner in Feb. 2023 on the forum Cracked.

IT 229

IT Data breaches Cloud Passwords 229

Security Affairs

MAY 16, 2024

MediSecure is a company that provides digital health solutions, particularly focusing on secure electronic prescription delivery services in Australia. “MediSecure has identified a cyber security incident impacting the personal and health information of individuals. ” reads the statement published by the company.

Ransomware 329

Ransomware e-Delivery Data breaches Insurance 329

Krebs on Security

JUNE 15, 2024

. — and charged him with stealing at least $800,000 from five victims between August 2022 and March 2023. Urban allegedly went by the nicknames “ Sosa ” and “ King Bob, ” and is believed to be part of the same crew that hacked Twilio and a slew of other companies in 2022.

Phishing 333

Phishing Passwords Authentication Encryption 333

Security Affairs

JANUARY 23, 2024

The Australian government announced sanctions for a member of the REvil ransomware group for the Medibank hack that occurred in 2022. The man is responsible for the cyber attacks that in 2022 hit the Australian insurance provider Medibank. “ In November 2022, Medibank announced that personal data belonging to around 9.7M

Government 343

Government Insurance Ransomware Data breaches 343

Security Affairs

SEPTEMBER 11, 2024

The software firm released security updates to address a maximum security vulnerability, tracked as CVE-2024-29847, in its Endpoint Management software (EPM). ” reads the advisory published by the company. High) CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N Critical) CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H Critical) CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Authentication 279

Authentication IT IoT Access 279

Security Affairs

OCTOBER 4, 2023

Software giant Atlassian released emergency security updates to address a critical zero-day vulnerability, tracked as CVE-2023-22515 (CVSS score 10), in its Confluence Data Center and Server software. Atlassian fixed a critical zero-day flaw in its Confluence Data Center and Server software, which has been exploited in the wild.

Mining 357

Mining Access Authentication Cloud 357

Security Affairs

JANUARY 30, 2024

The Qualys Threat Research Unit discovered four security vulnerabilities in the GNU Library C (glibc) , including a heap-based buffer overflow tracked as CVE-2023-6246. in August 2022. “This vulnerability was introduced in glibc 2.37 (in August 2022) by the following commit: [link] and was also backported to glibc 2.36

Libraries 345

Libraries Access Security IT 345

Security Affairs

SEPTEMBER 10, 2024

Poland ‘s security officials announced that they successfully thwarted cyberattacks that were carried out by Russia and Belarus. In August 2023, Poland’s Internal Security Agency (ABW) and national police launched an investigation into a hacking attack on the state’s railway network.

Ransomware 324

Ransomware Government Military Security 324