Security Affairs

JUNE 7, 2024

The campaign seems to have been active since at least October 2023, it initially targeted a limited number of customers/organizations but recently became widespread. Akamai researchers observed a Chinese threat actor exploiting two old remote code execution vulnerabilities, tracked as CVE-2018-20062 and CVE-2019-9082 , in ThinkPHP.

File names 339

File names Passwords Access Cloud 339

Security Affairs

NOVEMBER 18, 2024

In 2023, the carrier disclosed two data breaches , one in January and another in May. In May 2023, T-Mobile threat actors had access to the personal information of hundreds of customers starting in late February 2023. The bad news is that this isn’t the first incident suffered by T-Mobile.

Data breaches 279

Data breaches Communications Artificial Intelligence Government 279

Security Affairs

DECEMBER 23, 2024

The decision stems from a March 2023 investigation and aligns with the EDPB’s guidance on AI-driven services and personal data processing. ” reads the press release published by Italy’s Garante.

Artificial Intelligence 266

Artificial Intelligence Personal data Data collection Privacy 266

Security Affairs

MAY 25, 2024

The MITRE Corporation revealed that threat actors behind the December 2023 attacks created rogue virtual machines (VMs) within its environment. The MITRE Corporation has provided a new update about the December 2023 attack. In April 2024, MITRE disclosed a security breach in one of its research and prototyping networks.

Communications 315

Communications Risk Access Security 315

Security Affairs

DECEMBER 19, 2024

Fortinet warned of a now-patched Wireless LAN Manager (FortiWLM) vulnerability, tracked as CVE-2023-34990 (CVSS score of 9.6), that could lead to admin access and sensitive information disclosure. The researcher also noticed that the vulnerability CVE-2023-34990 can be chained with CVE-2023-48782 (CVSS score of 8.8) through 8.6.5

Authentication 260

Authentication Education Access IT 260

Security Affairs

JANUARY 31, 2025

In October 2024, VMware warned customers of the availability of a proof-of-concept (PoC) exploit code for another authentication bypass vulnerability, tracked as CVE-2023-34051 , in VMware Aria Operations for Logs (formerly known as vRealize Log Insight). The vulnerability CVE-2023-34051 (CVSS score 8.1)

Authentication 263

Authentication Cloud Cybersecurity Access 263

Security Affairs

JANUARY 4, 2025

According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. The botnet has been active since at least May 2020, reaching its peak with 60,000 compromised devices in June 2023. and European entities, exploiting VPNs and RDPs, including a California-based organization’s servers.

Cybersecurity 302

Cybersecurity IoT Risk IT 302

Security Affairs

NOVEMBER 13, 2024

In May 2023, Microsoft reported that the Volt Typhoon APT infiltrated critical infrastructure organizations in the U.S. In December 2023, the Black Lotus Labs team at Lumen Technologies linked a small office/home office (SOHO) router botnet, tracked as KV-Botnet to the operations of China-linked threat actor Volt Typhoon.

e-Discovery 302

e-Discovery Communications Ransomware Government 302

Security Affairs

FEBRUARY 4, 2025

Netgear addressed two critical vulnerabilities, internally tracked as PSV-2023-0039 and PSV-2021-0117 , impacting multiple WiFi router models and urged customers to install the latest firmware. Netgear disclosed two critical flaws impacting multiple WiFi router models and urges customers to address them. ” reads the advisory.

Authentication 269

Authentication Security IT Information Security 269

Security Affairs

OCTOBER 14, 2024

The Bohemia marketplace ceased operations in late 2023 due to service disruptions, while its members suspected an exit scams of a rogue developer. At the time of its shut down, Bohemia hosted 82,000 daily ads and handled around 67,000 transactions monthly, with a turnover of €12 million in September 2023 alone.

Marketing 312

Marketing IT Information Security Security 312

Security Affairs

FEBRUARY 27, 2025

Belgian authorities are investigating Chinese hackers for breaching its State Security Service (VSSE), stealing 10% of emails from 2021 to May 2023. Chinese hackers gained access to the VSSE’s email server between 2021 and May 2023, stealing 10% of staff incoming and outgoing emails. ” reported Reuters.

Security 174

Security Access Government Cybersecurity 174

Security Affairs

JANUARY 16, 2025

The law firm Wolf Haldenstein disclosed a 2023 data breach that exposed the personal information of nearly 3.5 The security breach occurred on December 13, 2023, but the company discovered the incident only on April 18, 2024, and has only now disclosed it due to the complexity of the digital forensic investigation. million individuals.

Data breaches 236

Data breaches Data collection Data Privacy Cybersecurity 236

Security Affairs

OCTOBER 12, 2024

Since April 2021, Russian state-sponsored hackers have exploited vulnerabilities, including Zimbra’s CVE-2022-27924 for injecting commands to access credentials and emails, and JetBrains TeamCity’s CVE-2023-42793 for arbitrary code execution through an authentication bypass.

Data collection 337

Data collection Authentication Access Cybersecurity 337

Krebs on Security

NOVEMBER 1, 2024

In November 2023, the security firm SecureWorks detailed how scammers targeted booking.com hospitality partners with data-stealing malware. SecureWorks said these attacks had been going on since at least March 2023. million phishing attempts in 2023.” A scan of social media networks showed this is not an uncommon scam.

Phishing 260

Phishing Artificial Intelligence Authentication Cloud 260

Data Breach Today

JULY 5, 2024

Hacker had Unauthorized Access to Data on Designs for New AI Use Cases A hacker reportedly stole information on OpenAI's new technologies last year by breaking into the company's internal messaging systems. The messages comprised details of designs for new AI technologies, the New York Times said.

Access 311

Access IT 311

Security Affairs

APRIL 9, 2024

running on OLED55A23LA Below is the disclosure timeline: November 01, 2023: Vendor disclosure November 15, 2023: Vendor confirms the vulnerabilities. running on OLED55A23LA Below is the disclosure timeline: November 01, 2023: Vendor disclosure November 15, 2023: Vendor confirms the vulnerabilities. Sweden, and Finland.

Authentication 348

Authentication Libraries Access Information Security 348

Security Affairs

JANUARY 24, 2025

Earliest evidence dates to September 2023, but the experts have yet to determine the initial access method. It activates upon detecting a “magic packet” with predefined parameters, enabling attackers to establish a reverse shell, control devices, steal data, or deploy malware.

Encryption 299

Encryption Access Security IT 299

Security Affairs

MARCH 24, 2025

The Cloak ransowmare group has been active since at least 2023 and breached more than one hundred organizations across the years. Initially, the group published screenshots of stolen data as proof of the attack, now the whole archive can be downloaded from the leak page. ” reads a report published by Halcyon.

Ransomware 253

Ransomware Manufacturing Paper Archiving 253

Security Affairs

OCTOBER 11, 2024

OpenAI disrupted 20 cyber and influence operations in 2023, revealing Iran and China-linked actors used ChatGPT for planning ICS attacks. OpenAI announced the disruption of over 20 cyber and influence operations this year, involving Iranian and Chinese state-sponsored hackers.

Phishing 337

Phishing Passwords Security IT 337

Krebs on Security

DECEMBER 19, 2024

Rumors of a cracked version of Acunetix being used by attackers surfaced in June 2023 on Twitter/X , when researchers first posited a connection between observed scanning activity and Araneida. According to an August 2023 report (PDF) from the U.S. co — first came online in February 2023. 2023 on the forum Cracked.

IT 229

IT Data breaches Cloud Passwords 229

Security Affairs

NOVEMBER 21, 2024

Between September 2021 and April 2023, the hackers carried out phishing attacks to steal login credentials from employees of 12 companies and individuals. He is accused of stealing at least $800,000 from five victims between August 2022 and March 2023. In January 2024, U.S.

Phishing 272

Phishing Access Passwords Ransomware 272

Security Affairs

JANUARY 9, 2025

Medusind, a medical billing provider, disclosed a data breach that occurred in December 2023 and affected over 360,000 individuals. The company disclosed a data breach discovered on December 29, 2023, that impacted 360,934 individuals. “On December 29, 2023, Medusind discovered suspicious activity within its IT network.

Data breaches 174

Data breaches Insurance Ransomware Information governance 174

Security Affairs

JULY 15, 2024

Multiple ransomware groups were spotted exploiting a vulnerability, tracked as CVE-2023-27532, in Veeam Backup & Replication. The vulnerability CVE-2023-275327 (CVSS score of 7.5) The vulnerability was addressed in March 2023, and shortly after a PoC exploit code for this issue was released publicly.

Ransomware 348

Ransomware Encryption Access Security 348

Security Affairs

OCTOBER 25, 2024

The INC RANSOM has been active since 2023, it claimed responsibility for the breach of at least 65 organizations to date. In September, the Inc Ransom ransomware group added healthcare organizations to the list of victims on its Tor leak site.

Data breaches 318

Data breaches Ransomware Security IT 318

Security Affairs

AUGUST 30, 2024

The critical vulnerability CVE-2023-22527 (CVSS score 10.0) 5, 2023 as well as 8.4.5 “The critical vulnerability CVE-2023-22527 is actively being exploited for cryptojacking activities, turning affected environments into cryptomining networks.” Customers using an affected version must take immediate action.”

Mining 339

Mining Cloud Risk Security 339

Security Affairs

MARCH 1, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2023-29360 (CVSS Score 8.4) The exploit for the vulnerability CVE-2023-29360 was publicly disclosed in June, and Raspberry Robin employed it in August. An attacker can exploit this vulnerability to gain SYSTEM privileges.

IT 346

IT Cybersecurity Risk Security 346

Security Affairs

AUGUST 10, 2024

In November 2023, McLaren Health Care (McLaren) disclosed a data breach that occurred between late July and August 2023. The company became aware of anomalous activity on or about August 22, 2023, and immediately launched an investigation with the help of third-party forensic experts. million of McLaren Health Care patients.

Ransomware 326

Ransomware Insurance Data breaches Access 326

Security Affairs

NOVEMBER 3, 2024

Quad7 botnet, also known as CovertNetwork-1658 or xlogin, was first spotted in the summer of 2023 by security researcher Gi7w0rm. Chinese threat actors use the Quad7 botnet in password-spray attacks to steal credentials, Microsoft warns.

Passwords 329

Passwords Access Cloud Government 329

Security Affairs

MAY 21, 2024

The vendor responded to the vulnerability reports submitted between December 12, 2023, and January 23, 2024, with multiple delays and has fixed only four of the fifteen flaws. At this time, QNAP only addressed CVE-2023-50361, CVE-2023-50362, CVE-2023-50363, and CVE-2023-50364 with the release of a security update in April 2024.

Authentication 333

Authentication Access Security Information Security 333

Security Affairs

APRIL 22, 2024

The expert exploiting this known issue discovered the following vulnerabilities: CVE-2023-36396 Windows Compressed Folder Remote Code Execution Vulnerability – The RCE issue resides in Windows’s new extraction logic for all newly supported archive types. The expert reported to the Microsoft Security Response Center (MSRC) in 2023.

Archiving 343

Archiving Access Security Risk 343