Security Affairs

OCTOBER 19, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Veeam Backup and Replication vulnerability to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8)

IT 327

IT Ransomware Authentication Cybersecurity 327

Security Affairs

NOVEMBER 7, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog. CVE-2024-43093 CVE-2024-43047″ reads the security bulletin published by Google. Versions up to 2.3.6 and unpatched 2.3.7 reads the advisory.

IT 314

IT Authentication Cybersecurity Risk 314

Security Affairs

AUGUST 14, 2024

Microsoft’s August 2024 Patch Tuesday addressed 90 vulnerabilities, including six that are actively exploited. No Yes RCE CVE-2024-38178 Scripting Engine Memory Corruption Vulnerability Important 7.5 No Yes RCE CVE-2024-38193 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Important 7.8

Security 352

Security IT Information Security 352

Security Affairs

MARCH 31, 2025

Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco Smart Licensing Utility vulnerability, tracked as CVE-2024-20439 , to its Known Exploited Vulnerabilities (KEV) catalog.

IT 275

IT Cybersecurity Access Passwords 275

Security Affairs

SEPTEMBER 16, 2024

Microsoft warns that a recently patched Windows flaw, tracked as CVE-2024-43461, was actively exploited as a zero-day before July 2024. Microsoft warns that attackers actively exploited the Windows vulnerability CVE-2024-43461 as a zero-day before July 2024. MSHTML is a platform used by Internet Explorer. “Yes.

Archiving 343

Archiving File names Libraries Passwords 343

Security Affairs

NOVEMBER 9, 2024

Below are the vulnerabilities reported by ZDI: CVE-2024-8355 : SQL injection in DeviceManager, enabling database manipulation or code execution via spoofed Apple device connections. CVE-2024-8358 : Command injection in UPDATES_ExtractFile , enabling command execution via file paths during updates.

Ransomware 324

Ransomware Manufacturing Access Risk 324

Security Affairs

OCTOBER 11, 2024

The Internet Archive disclosed a data breach, the security incident impacted more than 31 million users of its “The Wayback Machine.” As of September 5, 2024, the Internet Archive held more than 42.1 million print materials, 13 million videos, 1.2 Internet Archive hacked. 54% were already in @haveibeenpwned.

Archiving 304

Archiving Data breaches Passwords File names 304

Security Affairs

OCTOBER 25, 2024

OPPC reported to the US Department of Health and Human Services that the security incident impacted 795916 individuals. The organization observed suspicious activity on its network on August 8, 2024 and promptly initiated an internal investigation. “On August 8, 2024, OPPC detected suspicious activity on its computer network.

Data breaches 324

Data breaches Ransomware Security IT 324

Security Affairs

SEPTEMBER 11, 2024

Microsoft Patch Tuesday security updates for September 2024 addressed 79 flaws, including four actively exploited zero-day flaws. ” The four actively exploited zero-day vulnerabilities are: CVE-2024-38014 – Windows Installer Elevation of Privilege Vulnerability.

Security 324

Security IoT Authentication IT 324

Security Affairs

DECEMBER 24, 2024

Adobe released out-of-bandsecurity updates to address a critical vulnerability, tracked as CVE-2024-53961 (CVSS score 7.4), in ColdFusion. “Adobe has released security updates for ColdFusion versions2023 and 2021.These The vulnerability CVE-2024-20767 (CVSS score 7.4) ” reads the advisory. In December, the U.S.

Cybersecurity 166

Cybersecurity Access Security IT 166

Security Affairs

OCTOBER 25, 2024

The Change Healthcare data breach in the February 2024 impacted over 100 million, the largest-ever healthcare data breach in the US. UnitedHealth Group announced that the data breach suffered by Change Healthcare in February 2024 impacted more than 100 million individuals. According to the Associated Press, UnitedHealth booked $1.1

Data breaches 323

Data breaches Ransomware Insurance Cybersecurity 323

Security Affairs

OCTOBER 22, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the ScienceLogic SL1 flaw CVE-2024-9537 (CVSS v4 score: 9.3) to its Known Exploited Vulnerabilities (KEV) catalog. x, and 11.3.x.”

IT 308

IT Cybersecurity Encryption Cloud 308

Security Affairs

NOVEMBER 27, 2024

VMware released security updates to address five vulnerabilities in its Aria Operations product. Local privilege escalation vulnerability (CVE-2024-38831) (CVSS 7.8) – A threat actor with local administrative privileges on VMware Aria Operations can exploit a properties file to execute malicious commands and gain root privileges.

Cloud 292

Cloud Access IT Security 292

Security Affairs

APRIL 3, 2025

39 Million Secrets Leaked on GitHub in 2024 GitHub found 39M secrets leaked in 2024 and launched new tools to help developers and organizations secure sensitive data in code. Microsoft-owned code hosting platform GitHub announced the discovery of 39 million secrets leaked in 2024. ” concludes the report.

153

153

Security Affairs

AUGUST 1, 2024

Shadowserver researchers reported that over 20,000 internet-exposed VMware ESXi instances are affected by the actively exploited flaw CVE-2024-37085. Researchers at the Shadowserver Foundation reported that approximately 20,000 VMware ESXi servers exposed online appear impacted by the exploited vulnerability CVE-2024-37085.

Ransomware 354

Ransomware Authentication Cloud Security 354

Security Affairs

OCTOBER 31, 2024

kzoldyck, the Threat Actor behind the alleged Interbank breach/leak posted the following on BreachForums [link] pic.twitter.com/A8SYASxmsT — Dark Web Informer (@DarkWebInformer) October 30, 2024 “We have identified that some data of a group of clients has been exposed by a third party without our authorization.

Data breaches 321

Data breaches Financial Services Passwords Security 321

Security Affairs

NOVEMBER 8, 2024

.” Palo Alto Networks recommends reviewing best practices for securing management access to its devices. Cybersecurity and Infrastructure Security Agency (CISA) added a Palo Alto Expedition Missing Authentication Vulnerability, tracked as CVE-2024-5910 , to its Known Exploited Vulnerabilities (KEV) catalog.

Authentication 292

Authentication Cybersecurity Access Communications 292

Security Affairs

OCTOBER 21, 2024

“ Hello BreachForums Community , Today, I am selling the Cisco breach that recently happened (6/10/2024)” reads the message published by IntelBroker. ” Immediately, the company launched an investigation, which is still ongoing, into the alleged security incident. for customers to use as needed.

Data breaches 329

Data breaches Access Cloud Security 329

Security Affairs

JULY 29, 2024

Microsoft warns that ransomware gangs are exploiting the recently patched CVE-2024-37085 flaw in VMware ESXi flaw. Microsoft researchers warned that multiple ransomware gangs are exploiting the recently patched vulnerability CVE-2024-37085 (CVSS score of 6.8) The company released patches for security vulnerabilities affecting ESXi 8.0

Ransomware 339

Ransomware Cloud Encryption Authentication 339

Security Affairs

NOVEMBER 17, 2024

A Really Simple Security plugin flaw affects 4M+ sites, allowing attackers full admin access. Wordfence researchers warn of a vulnerability, tracked as CVE-2024-10924 (CVSS Score of 9.8), in the Really Simple Security plugin that affects 4M+ sites. CVE-2024-10924 impacts plugin versions from 9.0.0 and up to 9.1.1.1

Security 187

Security Authentication Access IT 187

Security Affairs

MARCH 24, 2025

Medusa ransomware uses a malicious Windows driver ABYSSWORKER to disable security tools, making detection and mitigation more difficult. Elastic Security Labs tracked a financially driven MEDUSA ransomware campaign using a HEARTCRYPT-packed loader and a revoked certificate-signed driver, ABYSSWORKER, to disable EDR tools.

Ransomware 219

Ransomware Security IT Access 219

Security Affairs

SEPTEMBER 18, 2024

Broadcom released security updates to address a critical vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), in VMware vCenter Server that could lead to remote code execution. The company also addressed a privilege escalation vulnerability, tracked as CVE-2024-38813, in vCenter Server. ” reads the advisory.

Cloud 324

Cloud Access IT Security 324

Security Affairs

SEPTEMBER 8, 2024

Multiple threat actors actively exploited the recently disclosed OSGeo GeoServer GeoTools flaw CVE-2024-36401 in malware-based campaigns. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability has been addressed in versions 2.23.6,

Libraries 338

Libraries Encryption Cybersecurity Access 338

Security Affairs

DECEMBER 2, 2024

Our goal is to deploy 200 new WebTunnel bridges by the end of this December (2024) to open secure access for users in Russia.” Tunnel bridges have grown from 60 to 143 since early 2024, but they are not enough. If you’ve ever thought about running a Tor bridge, now is the time.

Government 321

Government Access Security IT 321

Security Affairs

NOVEMBER 26, 2024

In August 2024, Russian hackers promoted BANSHEE Stealer, a macOS malware targeting x86_64 and ARM64, capable of stealing browser data, crypto wallets, and more. Researchers at Elastic Security Labs analyzed the malware and confirmed it can steal keychain passwords and data from multiple browsers. The code is now available on GitHub.

Archiving 359

Archiving Encryption Passwords IT 359

Security Affairs

JANUARY 26, 2025

In October 2024, UnitedHealth Group announced that the data breach suffered by Change Healthcare in February 2024 impacted more than 100 million individuals. reads an update published by the company on February 29, 2024. According to the Associated Press, UnitedHealth booked $1.1 population.”

Data breaches 323

Data breaches Insurance Ransomware Cybersecurity 323

Security Affairs

OCTOBER 17, 2024

A critical, Kubernetes Image Builder vulnerability, tracked as CVE-2024-9486 (CVSS score: 9.8), could allow attackers to gain root access if exploited under specific conditions. “A security issue was discovered in the Kubernetes Image Builder where default credentials are enabled during the image build process.

Access 336

Access Passwords Cybersecurity Security 336

Security Affairs

DECEMBER 7, 2024

A cyber attack hit the Port of Rijeka in Croatia, the 8Base ransomware group claimed responsibility for the security breach. It also offers various economic services, including equipment maintenance, building upkeep, load securing, and quality control. The Port of Rijeka (Luka Rijeka d.d.),

Ransomware 311

Ransomware Personal data Security IT 311

Security Affairs

DECEMBER 16, 2024

The company discovered the security breach on May 12 and promptly began investigating into the incident. The company discovered that between February 16, 2024, and May 12, 2024, an unknown third party had access to ConnectOnCall and certain data within the application, including certain information in provider-patient communications.

Data breaches 270

Data breaches Communications Insurance Cybersecurity 270

Security Affairs

JANUARY 10, 2025

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. Researchers at Elastic Security Labs who first analyzed the malware confirmed it can steal keychain passwords and data from multiple browsers.

Archiving 302

Archiving Phishing Encryption Passwords 302

Security Affairs

JULY 11, 2024

Multiple threat actors exploit a recently disclosed security PHP flaw CVE-2024-4577 to deliver multiple malware families. The flaw CVE-2024-4577 (CVSS score: 9.8) Cybersecurity and Infrastructure Security Agency (CISA) added the the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. In June, the U.S.

Honeypots 347

Honeypots File names Mining IoT 347

Security Affairs

NOVEMBER 20, 2024

Apple released security updates for iOS, iPadOS, macOS, visionOS, and Safari browser to address two actively exploited zero-day flaws. The vulnerability CVE-2024-44309 is a cookie management issue in WebKit that could lead to a cross-site scripting (XSS) attack when processing malicious web content. ” reads the advisory.

Security 288

Security IT 288

Security Affairs

AUGUST 19, 2024

Microsoft has addressed a zero-day vulnerability, tracked as CVE-2024-38193 (CVSS score: 7.8), which has been exploited by the North Korea-linked Lazarus APT group. The vulnerability, tracked as CVE-2024-38193 (CVSS score: 7.8), is a privilege escalation issue that resides in the Windows Ancillary Function Driver (AFD.sys) for WinSock.

Access 345

Access Security Marketing IT 345

Security Affairs

OCTOBER 29, 2024

” The Telegram channel was created on September 10, 2024 and at this time has 189 subscribers. that was registered in April 2024. On September 18, 2024, a missile alert channel with over 80,000 subscribers promoted the “Civil Defense” Telegram channel.

Military 299

Military IT Security Information Security 299