Search.AI.Wiki

Category: IT Information Security

Marina Bay Sands Luxury Hotel in Singapore Suffers a Data Breach

The iconic integrated resort Marina Bay Sands in Singapore has disclosed a data breach that impacted 665,000 customers.

The Marina Bay Sands (MBS) luxury resort in Singapore has suffered a data breach that impacted 665,000 customers.

Marina Bay Sands discovered …

Veeam fixed multiple flaws in Veeam ONE, including critical issues

Veeam addressed multiple vulnerabilities in its Veeam ONE IT infrastructure monitoring and analytics platform, including two critical issues.

Veeam addressed four vulnerabilities (CVE-2023-38547, CVE-2023-38548, CVE-2023-38549, CVE-2023-41723) in the Veeam ONE IT infrastructure monitoring and analytics platform.

The vulnerability CVE-2023-38547 (CVSS …

Pro-Palestinian hackers group ‘Soldiers of Solomon’ disrupted the production cycle of the biggest flour production plant in Israel

Pro-Palestinian hackers group ‘Soldiers of Solomon’ claims to have hacked one of the largest Israeli flour plants causing severe damage to the operations.

The Pro-Palestinian hackers group ‘Soldiers of Solomon’ announced that it had breached the infrastructure of the production …

Iranian Agonizing Serpens APT is targeting Israeli entities with destructive cyber attacks

Iran-linked Agonizing Serpens group has been targeting Israeli organizations with destructive cyber attacks since January.

Iran-linked Agonizing Serpens group (aka Agrius, BlackShadow, Pink Sandstorm, DEV-0022) has been targeting Israeli organizations in higher education and tech sectors with destructive cyber attacks …

Critical Confluence flaw exploited in ransomware attacks

Experts warn threat actors that started exploiting a recent critical flaw CVE-2023-22518 in Confluence Data Center and Confluence Server.

Over the weekend threat actors started exploiting a recently disclosed vulnerability (CVE-2023-22518) in all versions of Atlassian Confluence Data Center and …

QNAP fixed two critical vulnerabilities in QTS OS and apps

Taiwanese vendor QNAP warns of two critical command injection flaws in the QTS operating system and applications on its NAS devices.

Taiwanese vendor QNAP Systems addressed two critical command injection vulnerabilities, tracked as CVE-2023-23368 and CVE-2023-23369, that impact the …

Attackers use Google Calendar RAT to abuse Calendar service as C2 infrastructure

Google warns of multiple threat actors that are leveraging its Calendar service as a command-and-control (C2) infrastructure.

Google warns of multiple threat actors sharing a public proof-of-concept (PoC) exploit, named Google Calendar RAT, that relies on Calendar service to host …

Attackers use Google Calendar RAT to abuse Calendar service as C2 infrastructure

Google warns of multiple threat actors that are leveraging its Calendar service as a command-and-control (C2) infrastructure.

Google warns of multiple threat actors sharing a public proof-of-concept (PoC) exploit, named Google Calendar RAT, that relies on Calendar service to host …

Socks5Systemz proxy service delivered via PrivateLoader and Amadey

Threat actors infected more than 10,000 devices worldwide with the ‘PrivateLoader’ and ‘Amadey’ loaders to recruit them into the proxy botnet ‘Socks5Systemz.’

Bitsight researchers uncovered a proxy botnet delivered, tracked as Socks5Systemz, which was delivered by PrivateLoader and Amadey loaders. …

US govt sanctioned a Russian woman for laundering virtual currency on behalf of threat actors

The Treasury Department sanctioned a Russian woman accused of laundering virtual currency on behalf of cybercriminals.

The Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Friday sanctioned Ekaterina Zhdanova, a Russian national, for her role in laundering and …

Security Affairs newsletter Round 444 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Kinsing

Lazarus targets blockchain engineers with new KandyKorn macOS Malware

North Korea-linked Lazarus group is using new KandyKorn macOS Malware in attacks against blockchain engineers.

North Korea-linked Lazarus APT group were spotted using new KandyKorn macOS malware in attacks against blockchain engineers, reported Elastic Security Labs.

“KandyKorn is an advanced

Lazarus targets blockchain engineers with new KandyKorn macOS Malware

North Korea-linked Lazarus group is using new KandyKorn macOS Malware in attacks against blockchain engineers.

North Korea-linked Lazarus APT group were spotted using new KandyKorn macOS malware in attacks against blockchain engineers, reported Elastic Security Labs.

“KandyKorn is an advanced

Kinsing threat actors probed the Looney Tunables flaws in recent attacks

Kinsing threat actors are exploiting the recently disclosed Linux privilege escalation flaw Looney Tunables to target cloud environments.

Researchers are cloud security firm Aqua have observed threat actors exploiting the recently disclosed Linux privilege escalation flaw Looney Tunables in attacks …

ZDI discloses four zero-day flaws in Microsoft Exchange

Researchers disclosed four zero-day flaws in Microsoft Exchange that can be remotely exploited to execute arbitrary code or disclose sensitive information on vulnerable installs.

Trend Micro’s Zero Day Initiative (ZDI) disclosed four zero-day vulnerabilities in Microsoft Exchange that can be …

Multiple WhatsApp mods spotted containing the CanesSpy Spyware

Kaspersky researchers are warning of multiple WhatsApp mods that embed a spyware module dubbed CanesSpy.

Kaspersky researchers discovered multiple WhatsApp mods that embed a spyware module dubbed CanesSpy.

mods are modifications or alterations made to an application, often by third-party developers or …

Russian FSB arrested Russian hackers who supported Ukrainian cyber operations

The FSB arrested two Russian hackers who are accused of having helped Ukrainian entities carry out cyberattacks on critical infrastructure targets.

The Russian intelligence agency Federal Security Service (FSB) arrested two individuals who are suspected of supporting Ukrainian entities to …

MuddyWater has been spotted targeting two Israeli entities

Iran-linked cyberespionage group MuddyWater is targeting Israeli entities in a new spear-phishing campaign.

Iran-linked APT group MuddyWater (aka SeedWorm, TEMP.Zagros, and Static Kitten) is targeting Israeli entities in a new spear-phishing campaign, Deep Instinct’s Threat Research team reported. The phishing messages were aimed at deploying a …

Clop group obtained access to the email addresses of about 632,000 US federal employees

Clop ransomware gang gained access to the email addresses of more than 632K US federal employees at the departments of Defense and Justice.

Russian-speaking Clop ransomware group gained access to the email addresses of about 632,000 US federal employees at …
文 » A