IT Information Security – Page 9

Former NSA employee pleads guilty to attempted selling classified documents to Russia

A former NSA employee has pleaded guilty to charges of attempting to transmit classified defense information to Russia.

Jareh Sebastian Dalke (31), a former NSA employee has admitted to attempting to convey classified defense information to Russia, pleading guilty to …

Experts released PoC exploit code for VMware Aria Operations for Logs flaw. Patch it now!

VMware is aware of the availability of a proof-of-concept (PoC) exploit code for an authentication bypass flaw in VMware Aria Operations for Logs.

VMware warned customers of the availability of a proof-of-concept (PoC) exploit code for an authentication bypass vulnerability, …

How did the Okta Support breach impact 1Password?

1Password detected suspicious activity on its Okta instance after the recent compromise of the Okta support system.

The password management and security application 1Password announced it had detected suspicious activity on its Okta instance on September 29, but excluded that …

How did the Okta Support breach impact 1Password?

1Password detected suspicious activity on its Okta instance after the recent compromise of the Okta support system.

The password management and security application 1Password announced it had detected suspicious activity on its Okta instance on September 29, but excluded that …

PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web

Hundreds of millions of PII records belonging to Indian residents, including Aadhaar cards, are being offered for sale on the Dark Web.

PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web

In early …

Spain police dismantled a cybercriminal group who stole the data of 4 million individuals

The Spanish police have arrested 34 members of the cybercriminal group that is accused of having stolen data of over four million individuals.

The Spanish police have arrested 34 members of a cybercriminal group that is suspected to have stolen …

CISA adds second Cisco IOS XE flaw to its Known Exploited Vulnerabilities catalog

US CISA added the vulnerability CVE-2023-20273 in Cisco IOS XE to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability CVE-2023-20273 in Cisco IOS XE to its Known Exploited Vulnerabilities catalog.

The vulnerability …

CISA adds second Cisco IOS XE flaw to its Known Exploited Vulnerabilities catalog

US CISA added the vulnerability CVE-2023-20273 in Cisco IOS XE to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability CVE-2023-20273 in Cisco IOS XE to its Known Exploited Vulnerabilities catalog.

The vulnerability …

Cisco warns of a second IOS XE zero-day used to infect devices worldwide

Cisco found a second IOS XE zero-day vulnerability, tracked as CVE-2023-20273, which is actively exploited in attacks in the wild.

Cisco last week warned customers of a zero-day vulnerability, tracked as CVE-2023-20198 (CVSS score 10), in its IOS XE Software …

City of Philadelphia suffers a data breach

The City of Philadelphia discloses a data breach that resulted from a cyber attack that took place on May 24 and that compromised City email accounts.

The City of Philadelphia announced it is investigating a data breach after attackers that …

SolarWinds fixed three critical RCE flaws in its Access Rights Manager product

Researchers discovered three critical remote code execution vulnerabilities in the SolarWinds Access Rights Manager (ARM) product.

Security researchers discovered three critical remote code execution vulnerabilities in the SolarWinds Access Rights Manager (ARM) product.

SolarWinds Access Rights Manager (ARM) is a software …

Don’t use AI-based apps, Philippine defense ordered its personnel

The Philippine defense ordered its personnel to stop using AI-based applications to generate personal portraits.

The Philippine defense warned of the risks of using AI-based applications to generate personal portraits and ordered its personnel to stop using them.

On October …

Don’t use AI-based apps, Philippine defense ordered its personnel

The Philippine defense ordered its personnel to stop using AI-based applications to generate personal portraits.

The Philippine defense warned of the risks of using AI-based applications to generate personal portraits and ordered its personnel to stop using them.

On October …

Vietnamese threat actors linked to DarkGate malware campaign

Researchers linked Vietnamese threat actors to the string of DarkGate malware attacks on entities in the U.K., the U.S., and India.

WithSecure researchers linked the recent attacks using the DarkGate malware to a Vietnamese cybercrime group previously known for the …

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

MI5 chief warns Chinese cyber espionage reached an epic scale, more than 20,000 people in the UK have now been targeted.

The head of MI5, Ken McCallum, warns that Chinese spies targeted more than 20,000 people in the UK.

During …

The attack on the International Criminal Court was targeted and sophisticated

The International Criminal Court revealed the recent attack was carried out by a threat actor for espionage purposes.

The International Criminal Court shared additional information about the cyberattack that hit the organizations in September.

In September, the International Criminal Court …

Security Affairs newsletter Round 442 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

…

A threat actor is selling access to Facebook and Instagram’s Police Portal

A threat actor is selling access to Facebook and Instagram’s Police Portal used by law enforcement agencies to request data relating to users under investigation.

Cyber security researcher Alon Gal, co-founder & CTO of Hudson Rock, first reported that a …

Threat actors breached Okta support system and stole customers’ data

Okta revealed that threat actors breached its support case management system and stole sensitive data that can be used in future attacks.

Okta says that threat actors broke into its support case management system and stole authentication data, including cookies …

Threat actors breached Okta support system and stole customers’ data

Okta revealed that threat actors breached its support case management system and stole sensitive data that can be used in future attacks.

Okta says that threat actors broke into its support case management system and stole authentication data, including cookies …