Search.AI.Wiki

Category: information security news

A flaw in the Essential ‘Addons for Elementor’ WordPress plugin poses 1M sites at risk of hacking

Experts warn of an unauthenticated privilege escalation flaw in the popular Essential ‘Addons for Elementor’ WordPress plugin.

Essential ‘Addons for Elementor’ WordPress plugin is a collection of 90+ creative elements and extensions Enhance that allow admins to enhance Elementor page building …

Experts share details of five flaws that can be chained to hack Netgear RAX30 Routers 

Researchers disclosed the details of five vulnerabilities that can be chained to take over some Netgear router models.

Industrial and IoT cybersecurity firm Claroty disclosed technical details of five vulnerabilities that be exploited to hack some Netgear router models.

“Team82

Google will provide dark web monitoring to all US Gmail users and more

Google announced the opening of the dark web monitoring report security feature to all Gmail users in the United States.

Google is going to offer dark web monitoring to all U.S. Gmail users, the feature allows them to search for …

North Korea-linked APT breached the Seoul National University Hospital

The Korean National Police Agency (KNPA) warns that a North Korea-linked APT group had breached the Seoul National University Hospital (SNUH).

The Korean National Police Agency (KNPA) revealed that a North Korea-linked APT group has breached one of the largest …

Twitter now supports Encrypted Direct Messages, with some limitations

Twitter is rolling out support for encrypted direct messages (DMs), the security feature will be initially available for the verified users.

Twitter is rolling out support for encrypted direct messages (DMs), the feature is initially limited to verified users or …

A zero-click vulnerability in Windows allows stealing NTLM credentials

Researchers shared technical details about a flaw in Windows MSHTML platform, tracked as CVE-2023-29324, that could be abused to bypass security protections.

Cybersecurity researchers have shared details about a now-patched security flaw, tracked as CVE-2023-29324 (CVSS score: 6.5), in Windows …

Cybersecurity firm Dragos shared details about a failed extortion attempt it suffered

Industrial cybersecurity firm Dragos revealed that a ransomware group attempted to breach its infrastructure and extort it.

Industrial cybersecurity firm Dragos revealed that on May 8, 2023, a known ransomware group attempted and failed to breach the company systems.

The …

DownEx cyberespionage operation targets Central Asia

A new sophisticated malware strain, dubbed DownEx, was involved in attacks aimed at Government organizations in Central Asia.

In late 2022, Bitdefender Labs researchers first observed a highly targeted cyberattack targeting foreign government institutions in Kazakhstan that involved a new sophisticated strain …

Smashing Pumpkins frontman paid ransom to a hacker who threatened to leak the band’s songs

The frontman of the American alternative rock band Smashing Pumpkins, Billy Corgan, has revealed he paid hackers who stole the band’s songs

The frontman of the alternative rock band Smashing Pumpkins, Billy Corgan, revealed he paid a ransom after a …

US disrupts Russia-linked Snake implant’s network

The US government announced to have disrupted the peer-to-peer (P2P) network of computers compromised by the Snake malware.

The Snake implant is one of the most sophisticated implants used by Russia-linked threat actors for cyberespionage purposes. The malware has been …

Microsoft Patch Tuesday for May 2023 fixed 2 actively exploited zero-day flaws

Microsoft Patch Tuesday Security updates for May 2023 address a total of 40 vulnerabilities, including two zero-day actively exploited in attacks.

Microsoft’s May 2023 security updates address 40 vulnerabilities, including two zero-day flaws actively exploited in attacks. The flaws affect …

The global food distribution giant Sysco discloses a data breach

Sysco, the global food distribution giant, disclosed a data breach, the compromised data includes customer and employee data.

Sysco Corporation is an American multinational corporation involved in marketing and distributing food products, smallwares, kitchen equipment and tabletop items.

BleepingComputer, who …

A Linux NetFilter kernel flaw allows escalating privileges to ‘root’

A Linux NetFilter kernel flaw, tracked as CVE-2023-32233, can be exploited by unprivileged local users to escalate their privileges to root.

Netfilter is a framework provided by the Linux kernel that allows various networking-related operations to be implemented in the …

Fortinet warns of a spike of the activity linked to AndoryuBot DDoS botnet

A DDoS botnet dubbed AndoryuBot has been observed exploiting an RCE, tracked as CVE-2023-25717, in Ruckus access points.

FortiGuard Labs researchers have recently observed a spike in attacks attempting to exploit the Ruckus Wireless Admin remote code execution vulnerability tracked …

FBI seized 13 domains linked to DDoS-for-hire platforms

The U.S. DoJ announced the seizure of 13 new domains associated with DDoS-for-hire platforms as part of Operation PowerOFF.

The U.S. Justice Department announced the seizure of 13 domains linked to DDoS-for-hire services as part of a coordinated international law …

New CACTUS ransomware appeared in the threat landscape

Researchers warn of a new ransomware family called CACTUS that exploits known vulnerabilities in VPN appliances to gain initial access to victims’ networks.

Researchers from cybersecurity firm Kroll have analyzed on a new ransomware family called CACTUS that has been …

Money Message gang leaked private code signing keys from MSI data breach

The ransomware gang behind the attack on Taiwanese PC maker MSI leaked the company’s private code signing keys on their darkweb leak site.

In early April, the ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation …

NextGen Healthcare suffered a data breach that impacted +1 Million individuals

NextGen Healthcare suffered a data breach, the security incident exposed the personal information of approximately 1 million individuals.

Healthcare solutions provider NextGen Healthcare suffered a data breach that exposed the personal information of informing approximately one million individuals.

NextGen Healthcare, …

Western Digital notifies customers of data breach after March cyberattack

Western Digital is notifying its customers of a data breach that exposed their sensitive personal information, the incident took place in March.

In March 2022, Western Digital was hit by a ransomware attack and in response to the incident, it …

CERT-UA warns of an ongoing SmokeLoader campaign

Ukraine’s CERT-UA warns of an ongoing phishing campaign aimed at distributing the SmokeLoader malware in the form of a polyglot file.

CERT-UA warns of an ongoing phishing campaign that is distributing the SmokeLoader malware in the form of a polyglot …
文 » A