Category: Security Affairs

Synology addressed a critical vulnerability in DiskStation and BeePhotos NAS devices that could lead to remote code execution. Taiwanese vendor Synology has addressed a critical security vulnerability, tracked as CVE-2024-10443, that impacts DiskStation and BeePhotos. An attacker can exploit the…

Read more →

The ToxicPanda Android malware has infected over 1,500 devices, enabling attackers to perform fraudulent banking transactions. Cleafy researchers spotted a new Android banking malware, dubbed ToxicPanda, which already infected over 1,500 Android devices. The ToxicPanda malware shares some bot command…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds PTZOptics PT30X-SDI/NDI camera bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Threat actors are attempting to exploit…

Read more →

Canadian authorities arrested a suspect linked to multiple hacks following a breach of cloud data platform Snowflake earlier this year. Canadian law enforcement agencies arrested a suspect, Alexander “Connor” Moucka (aka Judische and Waifu), who is accused of being responsible…

Read more →

Google warned that a vulnerability, tracked as CVE-2024-43093, in the Android OS is actively exploited in the wild. Threat actors are actively exploiting a vulnerability, tracked as CVE-2024-43093, in the Android OS, Google warns. The vulnerability is a privilege escalation…

Read more →

The July 2024 ransomware attack that hit the City of Columbus, Ohio, exposed the personal and financial data of 500,000 individuals. On July 18, 2024, the City of Columbus, Ohio, suffered a cyber attack that impacted the City’s services. On…

Read more →

Nigerian Kolade Ojelade gets 26 years in U.S. for phishing scams that stole millions by hacking email accounts. A Nigerian national was sentenced to 26 years in prison in the US for stealing millions by compromising the email accounts of…

Read more →

U.S. intel says Russia made a fake video claiming Haitians voted illegally in Georgia, aiming to spread election disinformation. U.S. intel reports Russia created a fake viral video falsely claiming Haitians illegally voted multiple times in Georgia, aiming to spread…

Read more →

German police shut down DDoS-for-hire platform Dstat.cc and arrested two men accused of operating the site used for launching DDoS attacks. German police shut down the DDoS-for-hire platform Dstat.cc that allowed its customers to launch DDoS attacks. Two men, aged…

Read more →

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Chinese threat actors…

Read more →

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. EIW —…

Read more →

US Election 2024 – The FBI warned that two fake videos on X spread false claims of ballot fraud and misinformation about Kamala Harris’s husband. In a post on X on Saturday, the Federal Bureau of Investigation (FBI) said the…

Read more →

Microsoft warns Chinese threat actors are using the Quad7 botnet to carry out password-spray attacks and steal credentials. Chinese threat actors use the Quad7 botnet in password-spray attacks to steal credentials, Microsoft warns. Quad7 botnet, also known as CovertNetwork-1658 or…

Read more →

A former Disney World employee hacked servers after being fired, altering prices, adding profanities, and mislabeling allergy info. A former Walt Disney World employee hacked servers after being fired by the company. He is accused of changing prices, adding profanities,…

Read more →

Sophos used custom implants to monitor China-linked thret actors targeting firewall zero-days in a years-long battle. Sophos revealed a years-long “cat-and-mouse” battle with China-linked threat actors, using custom implants to track the attackers’ activities. Since 2018, Sophos has faced increasingly…

Read more →

Hackers are exploiting two zero-day vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957, in PTZOptics cameras. Threat actors are attempting to exploit two zero-day vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957, in PTZOptics pan-tilt-zoom (PTZ) live streaming cameras, GretNoise researchers warn. GreyNoise discovered the two flaws while investigating…

Read more →

New LightSpy spyware targets iPhones supporting destructive features that can block compromised devices from booting up. In May 2024, ThreatFabric researchers discovered a macOS version of LightSpy spyware that has been active in the wild since at least January 2024.…

Read more →

LottieFiles confirmed a supply chain attack on Lottie-Player, and threat actors targeted cryptocurrency wallets to steal funds. LottieFiles confirmed that threat actors have hacked the Lottie-Player software in a supply chain attack. Lottie-Player is a web component from LottieFiles designed…

Read more →

Peruvian Interbank confirmed a data breach after threat actors accessed its systems and leaked stolen information online. Interbank, formally the Banco Internacional del Perú Service Holding S.A.A. is a leading Peruvian provider of financial services has over 2 million customers. Interbank disclosed a…

Read more →

QNAP addressed the second zero-day vulnerability demonstrated by security researchers during the recent Pwn2Own Ireland 2024. Taiwanese manufacturer QNAP patched the second zero-day vulnerability, tracked as CVE-2024-50387, which was exploited by security researchers during the recent Pwn2Own Ireland 2024. The vulnerability…

Read more →

The latest FakeCall malware version for Android intercepts outgoing bank calls, redirecting them to attackers to steal sensitive info and bank funds. Zimperium researchers spotted a new version of the FakeCall malware for Android that hijacks outgoing victims’ calls and…

Read more →

Microsoft warns of a new phishing campaign by Russia-linked APT Midnight Blizzard targeting hundreds of organizations. Microsoft warns of a large-scale spear-phishing campaign by Russia-linked APT Midnight Blizzard (aka APT29, SVR group, BlueBravo, Cozy Bear, Nobelium, Midnight Blizzard, and The Dukes), targeting 1,000+ users across 100+…

Read more →

Google addressed a critical vulnerability in its Chrome browser, tracked as CVE-2024-10487, which was reported by Apple. Google has patched a critical Chrome vulnerability, tracked as CVE-2024-10487, reported by Apple Security Engineering and Architecture (SEAR) on October 23, 2024. The…

Read more →

QNAP fixed critical zero-day CVE-2024-50388 which was demonstrated against a TS-464 NAS device during the Pwn2Own Ireland 2024 competition. QNAP addressed a critical zero-day vulnerability, tracked as CVE-2024-50388, which was exploited by white hat hackers against a TS-464 NAS device…

Read more →

A global law enforcement operation disrupted RedLine and Meta infostealers, seizing their infrastructure and making arrests. The Dutch police announced it has dismantled infrastructure used by RedLine and Meta infostealers as part of an international law enforcement operation led by…

Read more →

Fog and Akira ransomware operators are exploiting SonicWall VPN flaw CVE-2024-40766 to breach enterprise networks. Fog and Akira ransomware operators are exploiting the critical SonicWall VPN vulnerability CVE-2024-40766 (CVSS v3 score: 9.3) to breach corporate networks via SSL VPN access.…

Read more →

Suspected Russia-linked espionage group UNC5812 targets Ukraine’s military with Windows and Android malware via Telegram. Google TAG and Mandiant observed a Russia-linked group, tracked as UNC5812, targeting Ukraine’s military with Windows and Android malware via the Telegram channel “Civil Defense.”…

Read more →

French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information. Free S.A.S. is a French telecommunications company, subsidiary of Iliad S.A. that provides voice, video, data, and Internet telecommunications to consumers in France. The company is the second-largest ISP in France…

Read more →

Italian police arrested four and are investigating dozens, including Leonardo Maria Del Vecchio, for alleged unauthorized access to state databases. Italian authorities have arrested four individuals as part of an investigation into alleged illegal access to state databases. The police…

Read more →

A long supply chain adds third-party risks, as each partner’s security affects your own, making identity and access management more challenging. Identity-related attack vectors are a significant concern, with a substantial percentage of cyberattacks—often cited as over 70%—involving compromised credentials…

Read more →

ReliaQuest researchers observed Black Basta affiliates relying on Microsoft Teams to gain initial access to target networks. ReliaQuest researchers warn that Black Basta ransomware affiliates switched to Microsoft Teams, posing as IT support to deceive employees into granting access. The…

Read more →

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Chinese cyber spies…

Read more →

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. New Bumblebee…

Read more →

Russian authorities sentenced four members of the REvil ransomware operation to several years in prison in Russia. Four former members of the REvil ransomware group were sentenced in Russia for hacking and money laundering, marking a rare case of Russian…

Read more →

China-linked threat actors targeted the phone communications of Donald Trump and vice presidential nominee JD Vance. China-linked hackers reportedly targeted phones used by former President Donald Trump and Senator JD Vance as part of a cyber espionage campaign aimed at gathering…

Read more →

Irish Data Protection Commission fined LinkedIn €310M for violating user privacy by using behavioral data analysis for targeted advertising. Irish Data Protection Commission fined LinkedIn €310M after finding its use of behavioral data for targeted ads violated privacy laws, requiring…

Read more →

The Change Healthcare data breach in the February 2024 impacted over 100 million, the largest-ever healthcare data breach in the US. UnitedHealth Group announced that the data breach suffered by Change Healthcare in February 2024 impacted more than 100 million…

Read more →

US hospice pharmacy OnePoint Patient Care suffered a data breach that exposed the personal info of approximately 800,000 individuals. OnePoint Patient Care is a U.S.-based pharmacy specializing in hospice and palliative care services, providing customized medications and support for patients…

Read more →

DLP is key in cybersecurity; a risk assessment identifies data risks, helping turn findings into real-world security improvements. Data loss prevention (DLP) is a cornerstone of any effective cybersecurity strategy. Protecting sensitive data is what cybersecurity is all about. So,…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco ASA and FTD, and RoundCube Webmail bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: This…

Read more →

On the second day of Pwn2Own Ireland 2024, researchers demonstrated an exploit for the Samsung Galaxy S24.  On day two of Pwn2Own Ireland 2024, hackers demonstrated attacks against 51 zero-day vulnerabilities, earning a total of $358,625, prizes that we have…

Read more →

Cisco patched vulnerabilities in ASA, FMC, and FTD products, including one actively exploited in a large-scale brute-force attack campaign. Cisco addressed multiple vulnerabilities in Adaptive Security Appliance (ASA), Secure Firewall Management Center (FMC), and Firepower Threat Defense (FTD) products, including…

Read more →

The “FortiJump” flaw (CVE-2024-47575) has been exploited in zero-day attacks since June 2024, impacting over 50 servers, says Mandiant. A new report published by Mandiant states that the recently disclosed Fortinet FortiManager flaw “FortiJump” CVE-2024-47575 (CVSS v4 score: 9.8) has…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiManager flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Fortinet FortiManager missing authentication vulnerability CVE-2024-47575 (CVSS v4 score: 9.8) to its Known Exploited…

Read more →

Resecurity reports a rise in political content related to the 2024 US elections on social media, with increased activity from foreign sources. Resecurity has detected a substantial increase in the distribution of political content related to the 2024 US elections…

Read more →

Threat actors are targeting Docker remote API servers to deploy SRBMiner crypto miners on compromised instances, Trend Micro warns. Trend Micro researchers observed attackers targeting Docker remote API servers to deploy SRBMiner crypto miners on compromised instances. The threat actors…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft SharePoint flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Microsoft SharePoint Deserialization Vulnerability CVE-2024-38094 (CVSS v4 score: 7.2) to its Known Exploited Vulnerabilities…

Read more →

Threat actors are targeting Docker remote API servers to deploy SRBMiner crypto miners on compromised instances, Trend Micro warns. Trend Micro researchers observed attackers targeting Docker remote API servers to deploy SRBMiner crypto miners on compromised instances. The threat actors…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft SharePoint flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Microsoft SharePoint Deserialization Vulnerability CVE-2024-38094 (CVSS v4 score: 7.2) to its Known Exploited Vulnerabilities…

Read more →

Data Security Posture Management (DSPM) helps organizations address evolving data security and privacy requirements by protecting and managing sensitive information. Data Security Posture Management (DSPM) comes into play– an essential solution for addressing evolving data security and privacy requirements Data…

Read more →

The SEC fined Unisys, Avaya, Check Point, and Mimecast for misleading disclosures about the impact of the SolarWinds Orion hack. The US Securities and Exchange Commission (SEC) charged four companies, Unisys, Avaya, Check Point, and Mimecast for misleading public disclosures…

Read more →

Google’s Threat Analysis Group (TAG) researchers warn of a Samsung zero-day vulnerability that is exploited in the wild. Google’s Threat Analysis Group (TAG) warns of a Samsung zero-day vulnerability, tracked as CVE-2024-44068 (CVSS score of 8.1), which is exploited in…

Read more →

Experts warn of a new wave of attacks involving the Bumblebee malware, months after Europol’s ‘Operation Endgame‘ that disrupted its operations in May. The Bumblebee malware loader has resurfaced in new attacks, four months after Europol disrupted it during “Operation Endgame”…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the ScienceLogic SL1 flaw CVE-2024-9537 (CVSS v4 score: 9.3) to its Known Exploited Vulnerabilities (KEV) catalog.…

Read more →

VMware addressed a remote code execution flaw, demonstrated in a Chinese hacking contest, for the second time in two months. VMware failed to fully address a remote code execution flaw, tracked as CVE-2024-38812 (CVSS score: 9.8), in its vCenter Server…

Read more →

Cisco confirms that data published by IntelBroker on a cybercrime forum was taken from the company DevHub environment. Cisco confirms that the data posted by IntelBroker on a cybercrime forum was stolen from its DevHub environment. IntelBroker claimed to have…

Read more →

The Internet Archive was breached again, attackers hacked its Zendesk email support platform through stolen GitLab authentication tokens. The Internet Archive was breached via Zendesk, with users receiving warnings about stolen GitLab tokens due to improper token rotation after repeated…

Read more →

Hackers exploited a now-patched Roundcube flaw in a phishing attack to steal user credentials from the open-source webmail software. Researchers from Positive Technologies warn that unknown threat actors have attempted to exploit a now-patched vulnerability, tracked as CVE-2024-37383 (CVSS score: 6.1),…

Read more →

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Expanding the…

Read more →

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. U.S. CISA adds…

Read more →

Technology firm F5 patches a high-severity elevation of privilege vulnerability in BIG-IP and a medium-severity flaw in BIG-IQ. F5 addressed two vulnerabilities in BIG-IP and BIG-IQ enterprise products, respectively tracked as CVE-2024-45844 and CVE-2024-47139. An authenticated attacker, with Manager role…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Veeam Backup and Replication vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8) to its Known…

Read more →

North Korea-linked group APT37 exploited an Internet Explorer zero-day vulnerability in a supply chain attack. A North Korea-linked threat actor, tracked as APT37 (also known as RedEyes, TA-RedAnt, Reaper, ScarCruft, Group123), exploited a recent Internet Explorer zero-day vulnerability, tracked as…

Read more →

Omni Family Health disclosed a data breach affecting nearly 470,000 current and former patients and employees. Omni Family Health is a nonprofit organization that provides healthcare services to communities in California, focusing on underserved populations. They offer a range of…

Read more →

U.S. and allies warn of attacks from Iran-linked actors targeting critical infrastructure through brute-force attacks in a year-long campaign. Intelligence and cybersecurity agencies from the U.S., Australia, and Canada, warn about a year-long campaign carried out by Iran-linked threat actors…

Read more →

Microsoft disclosed a flaw in the macOS Apple’s Transparency, Consent, and Control (TCC) framework that could allow it to bypass privacy settings and access user data. Microsoft discovered a vulnerability, tracked as CVE-2024-44133 and code-named ‘HM Surf’, in Apple’s Transparency,…

Read more →

The DoJ charged Anonymous Sudan members and disrupted their DDoS infrastructure, halting its cyber operations. The US Justice Department charged two Sudanese brothers (Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27) with operating and controlling the cybercrime…

Read more →

Russia-linked threat actor RomCom targeted Ukrainian government agencies and Polish entities in cyber attacks since late 2023. Cisco Talos researchers observed Russia-linked threat actor RomCom (aka UAT-5647, Storm-0978, Tropical Scorpius, UAC-0180, UNC2596) targeting Ukrainian government agencies and Polish entities in…

Read more →

A critical flaw in Kubernetes Image Builder could allow attackers to gain root access if exploited under specific conditions. A critical, Kubernetes Image Builder vulnerability, tracked as CVE-2024-9486 (CVSS score: 9.8), could allow attackers to gain root access if exploited under specific…

Read more →

VMware fixes a high-severity SQL injection flaw in HCX allowing non-admin users to remotely execute code on the HCX manager. VMWare warns to address a remote code execution vulnerability, tracked as CVE-2024-38814 (CVSS score of 8.8), in its HCX application…

Read more →

Brazil’s Polícia Federal has arrested hacker USDoD, the hacker behind the National Public Data and InfraGard breaches. Brazil’s Polícia Federal (PF) announced the arrest in Belo Horizonte/MG of the notorious hacker USDoD. In August, a CrowdStrike investigation revealed that the…

Read more →

Finnish Customs shut down the Tor darknet marketplace Sipulitie and seized the servers hosting the platform. Finnish Customs, with the help of Europol, Swedish and Polish law enforcement authorities and researchers at Bitdefender, shut down the Tor marketplace Sipulitie. “Finnish…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows Kernel, Mozilla Firefox and SolarWinds Web Help Desk bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV)…

Read more →

GitHub addressed a critical vulnerability in Enterprise Server that could allow unauthorized access to affected instances. Code hosting platform GitHub addressed a critical vulnerability, tracked as CVE-2024-9487 (CVSS score of 9.5), in GitHub Enterprise Server that could lead to unauthorized access to…

Read more →

North Korea-linked actors deploy a new Linux variant of FASTCash malware to target financial systems, researcher HaxRob revealed. The cybersecurity researcher HaxRob analyzed a new variant of the FASTCash “payment switch” malware which targets Linux systems. The variant discovered by…

Read more →

WordPress Jetpack plugin issued an update to fix a critical flaw allowing logged-in users to view form submissions by others on the same site. The maintainers of the WordPress Jetpack plugin have addressed a critical vulnerability that could allow logged-in…

Read more →

Pokemon dev Game Freak confirmed that an August cyberattack led to source code leaks and designs for unpublished games online. Game Freak Inc. is a popular Japanese video game developer, founded on April 26, 1989, by Satoshi Tajiri, Ken Sugimori, and…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Last week,…

Read more →

An alleged nation-state actor exploited three zero-day vulnerabilities in Ivanti Cloud Service Appliance (CSA) in recent attacks. Fortinet FortiGuard Labs researchers warn that a suspected nation-state actor has been exploiting three Ivanti Cloud Service Appliance (CSA) zero-day issues to carry…

Read more →

Dutch police dismantled Bohemia/Cannabia, two major dark web markets for illegal goods, drugs, and cybercrime services. The Dutch police have announced the success of a new joint law enforcement operation that led to the shutdown of the dual dark web…

Read more →

US-based financial services company Fidelity Investments warns 77,000 individuals of a data breach that exposed their personal information. U.S.-based financial services company Fidelity Investments is notifying 77,099 individuals that their personal information was compromised in an August cyberattack. The data…

Read more →

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Over 300,000!…

Read more →

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. A cyber attack…

Read more →

U.S. and U.K. cyber agencies warn that Russia-linked group APT29 is targeting vulnerable Zimbra and JetBrains TeamCity servers on a large scale. Russia-linked cyber espionage group APT29 (aka SVR group, BlueBravo, Cozy Bear, Nobelium, Midnight Blizzard, and The Dukes) target vulnerable Zimbra and JetBrains TeamCity servers as…

Read more →

As Middle East tensions rise, cyberattacks hit Iran’s government branches and nuclear facilities, following Israel’s response to Iran’s October 1 missile barrage. Amid escalating Middle East tensions, Iran faced major cyberattacks Saturday, disrupting its government branches and targeting nuclear facilities.…

Read more →

Sophos reports ransomware operators are exploiting a critical code execution flaw in Veeam Backup & Replication. Sophos researchers warn that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware.…

Read more →

GitLab issued updates for CE and EE to address multiple flaws, including a critical bug allowing CI/CD pipeline runs on unauthorized branches. GitLab released security updates for Community Edition (CE) and Enterprise Edition (EE) to address multiple vulnerabilities, including a…

Read more →

OpenAI disrupted 20 cyber and influence operations in 2023, revealing Iran and China-linked actors used ChatGPT for planning ICS attacks. OpenAI announced the disruption of over 20 cyber and influence operations this year, involving Iranian and Chinese state-sponsored hackers. The…

Read more →

The Internet Archive disclosed a data breach, the security incident impacted more than 31 million users of its “The Wayback Machine.” The Internet Archive is an American nonprofit digital library website that provides free access to collections of digitized materials…

Read more →

Jscrambler researchers found a skimming campaign using unique JavaScript obfuscation with accented characters to hide a skimmer named Mongolian Skimmer. Jscrambler researchers uncovered a skimming campaign using unique JavaScript obfuscation with accented characters to hide a skimmer dubbed ‘Mongolian Skimmer.’…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Ivanti CSA and Fortinet bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: This week, Fortinet…

Read more →

Mozilla released an urgent Firefox update to fix a critical use-after-free vulnerability actively exploited in ongoing attacks. Mozilla released an emergency security update for its Firefox browser to address a critical use-after-free vulnerability, tracked as CVE-2024-9680, that is actively exploited…

Read more →

Palo Alto fixed critical flaws in PAN-OS firewalls, warning that attackers could chain these vulnerabilities to hijack the devices. Palo Alto Networks addressed multiple vulnerabilities that an attacker can chain to hijack PAN-OS firewalls. The vulnerabilities reside in the Palo…

Read more →

Resecurity reports a rise in attacks on AI Conversational platforms, targeting chatbots that use NLP and ML to enable automated, human-like interactions with consumers. Resecurity has observed a spike in malicious campaigns targeting AI agents and Conversational AI platforms that…

Read more →

A threat actor tracked as Awaken Likho is targeting Russian government agencies and industrial entities, reported cybersecurity firm Kaspersky. A recent investigation by Kaspersky researchers into the APT group Awaken Likho (aka Core Werewolf and PseudoGamaredon) uncovered a new campaign…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows and Qualcomm bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Qualcomm this week addressed…

Read more →

Software company Ivanti released security patches for three new CSA zero-day vulnerabilities actively exploited in attacks. Ivanti warned of three new security vulnerabilities (CVE-2024-9379, CVE-2024-9380, and CVE-2024-9381) in its Cloud Service Appliance (CSA) that are actively exploited in attacks in…

Read more →

Ukrainian national pleads guilty in U.S. court for operating the Raccoon Infostealer, used to steal sensitive data globally. Ukrainian national Mark Sokolovsky has pleaded guilty in a US court to operating the Raccoon Infostealer. In October 2020, the US Justice…

Read more →

Qualcomm warns of 20 flaws in its products, including a potential zero-day vulnerability, in the DSP service that impacts multiple chipsets. Qualcomm addressed 20 vulnerabilities in its products, including a potential zero-day issue tracked as CVE-2024-43047 (CVSS score 7.8). The…

Read more →

MoneyGram disclosed a data breach following a cyberattack in September, during which threat actors stole customer data. In September, American interstate and international peer-to-peer payments and money transfer company MoneyGram confirmed that its services are currently unavailable due to a cyberattack. On September 22, the…

Read more →