Search.AI.Wiki

Category: IT Information Security

US DoJ seized domains used by North Korean IT workers to defraud businesses worldwide

The U.S. government seized 17 website domains used by North Korean IT workers in a fraudulent scheme to defraud businesses worldwide.

The U.S. government announced the seizure of 17 website domains used by North Korean information technology (IT) workers as …

Alleged developer of the Ragnar Locker ransomware was arrested

A joint international law enforcement investigation led to the arrest of a malware developer who was involved in the Ragnar Locker ransomware operation.

Yesterday we became aware of a joint law enforcement operation that led to the seizure of the …

CISA adds Cisco IOS XE flaw to its Known Exploited Vulnerabilities catalog

US CISA added the vulnerability CVE-2021-1435 in Cisco IOS XE to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability CVE-2021-1435 in Cisco IOS XE.

The vulnerability is a command injection vulnerability in the web user interface that could …

Tens of thousands Cisco IOS XE devices were hacked by exploiting CVE-2023-20198

More than 40,000 Cisco IOS XE devices have been compromised in attacks exploiting recently disclosed critical vulnerability CVE-2023-20198.

Researchers from LeakIX used the indicators of compromise (IOCs) released by Cisco Talos and found around 30k Cisco IOS XE devices (routers, …

Law enforcement operation seized Ragnar Locker group’s infrastructure

An international law enforcement operation shuts down the infrastructure of the Ragnar Locker ransomware operation.

Law enforcement from the US, Europe, Germany, France, Italy, Japan, Spain, Netherlands, Czech Republic, and Latvia conducted a joint operation that led to the seizure …

THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!

I’m proud to announce the release of the 11th edition of the ENISA Threat Landscape (ETL) on the state of the cybersecurity threat landscape.

The Europen Agency for cybersecurity ENISA releases its ENISA Threat Landscape 2023 (ETL) report, which is …

THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!

I’m proud to announce the release of the 11th edition of the ENISA Threat Landscape (ETL) on the state of the cybersecurity threat landscape.

The Europen Agency for cybersecurity ENISA releases its ENISA Threat Landscape 2023 (ETL) report, which is …

North Korea-linked APT groups actively exploit JetBrains TeamCity flaw

North Korea-linked threat actors are actively exploiting a critical vulnerability CVE-2023-42793 in JetBrains TeamCity.

Microsoft warns that North Korea-linked threat actors are actively exploiting a critical security vulnerability, tracked as CVE-2023-42793 (CVSS score: 9.8), in JetBrains TeamCity.

CVE-2023-42793 is an …

Multiple APT groups exploited WinRAR flaw CVE-2023-38831

Google TAG reported that both Russia and China-linked threat actors are weaponizing the a high-severity vulnerability in WinRAR.

Google’s Threat Analysis Group (TAG) reported that in recent weeks multiple nation-state actors were spotted exploiting the vulnerability CVE-2023-38831 in WinRAR. The …

Multiple APT groups exploited WinRAR flaw CVE-2023-38831

Google TAG reported that both Russia and China-linked threat actors are weaponizing the a high-severity vulnerability in WinRAR.

Google’s Threat Analysis Group (TAG) reported that in recent weeks multiple nation-state actors were spotted exploiting the vulnerability CVE-2023-38831 in WinRAR. The …

Californian IT company DNA Micro leaks private mobile phone data

Hundreds of thousands of clients who opted-in for a screen warranty were exposed when DNA Micro leaked data from its systems.

The Cybernews research team found that DNA Micro, a California-based IT company, exposed the sensitive data of more than …

Threat actors have been exploiting CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices since August

Experts reported that the vulnerability CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices has been exploited in attacks since late August.

On October 10, Citrix published a security bulletin related to a critical vulnerability, tracked as CVE-2023-4966, in Citrix NetScaler ADC/Gateway devices.…

A flaw in Synology DiskStation Manager allows admin account takeover

A vulnerability in Synology DiskStation Manager (DSM) could be exploited to decipher an administrator’s password.

Researchers from Claroty’s Team82 discovered a vulnerability, tracked as CVE-2023-2729 (CVSS score 5.9), in Synology DiskStation Manager (DSM).

Team82 discovered the use of a weak …

D-Link confirms data breach, but downplayed the impact

Taiwanese manufacturer D-Link confirmed a data breach after a threat actor offered for sale on BreachForums stolen data.

The global networking equipment and technology company D-Link confirmed a data breach after a threat actor earlier this month offered for sale …

CVE-2023-20198 zero-day widely exploited to install implants on Cisco IOS XE systems

Threat actors exploited the recently disclosed zero-day flaw (CVE-2023-20198) in a large-scale hacking campaign on Cisco IOS XE devices.

Threat actors have exploited the recently disclosed critical zero-day vulnerability (CVE-2023-20198) to compromise thousands of Cisco IOS XE devices, security firm …

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023.

The Russia-linked APT group Sandworm (UAC-0165) has compromised eleven telecommunication service providers in Ukraine between May and September 2023, reported the Ukraine’s Computer Emergency …

Ransomware realities in 2023: one employee mistake can cost a company millions

What is the impact of ransomware on organizations? One employee’s mistake can cost a company millions of dollars.

Studies show that human error is the root cause of more than 80% of all cyber breaches, whether malicious or unintended. The

Malware-laced ‘RedAlert – Rocket Alerts’ app targets Israeli users 

Threat actors are targeting Israeli Android users with a malicious version of the ‘RedAlert – Rocket Alerts’ that hide spyware.

A threat actor is targeting Israeli Android users with a spyware-laced version of the ‘RedAlert – Rocket Alerts’ app, Cloudflare …

Cisco warns of active exploitation of IOS XE zero-day

Cisco warned customers of a critical zero-day vulnerability in its IOS XE Software that is actively exploited in attacks.

Cisco warned customers of a zero-day vulnerability, tracked as CVE-2023-20198 (CVSS score 10), in its IOS XE Software that is actively …

Signal denies claims of an alleged zero-day flaw in its platform

Encrypted messaging app Signal denied claims of an alleged zero-day flaw in its platform after a responsible investigation.

The popular encrypted messaging app Signal denied claims of an alleged zero-day vulnerability in its platform. The company launched an investigation into …
文 » A