Search.AI.Wiki

Category: Security Affairs

Security Affairs newsletter Round 420 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

We

2021 data breach exposed data of 70 Million Luxottica customers

Luxottica has finally confirmed the 2021 data breach that exposed the personal information of 70 million customers.

Luxottica Group S.p.A. is an Italian eyewear conglomerate and the world’s largest company in the eyewear industry. As a vertically integrated company, Luxottica …

Cybercrime gang FIN7 returned and was spotted delivering Clop ransomware

Cybercriminal gang FIN7 returned with a new wave of attacks aimed at deploying the Clop ransomware on victims’ networks.

Researchers at Microsoft Security Intelligence team published a series of tweets to warn of a new wave of attacks aimed at …

US CISA warns of a Samsung vulnerability under active exploitation

US CISA added the vulnerability CVE-2023-21492 flaw affecting Samsung devices to its Known Exploited Vulnerabilities Catalog.

US CISA added the vulnerability CVE-2023-21492 vulnerability (CVSS score: 4.4) affecting Samsung devices to its Known Exploited Vulnerabilities Catalog.

The issue affects Samsung mobile …

February cyber incident will cost molten metal flow engineering firm Vesuvius £3.5 million

Vesuvius, a leader in molten metal flow engineering and technology, revealed that the February cyber incident will cost it £3.5 million

Vesuvius is a global leader in molten metal flow engineering and technology, it employs more than 10,000 people and …

NPM packages found containing the TurkoRat infostealer

Experts discovered two malicious packages in the npm package repository, both were laced with an open-source info-stealer called TurkoRat.

ReversingLabs discovered two malicious packages, respectively named nodejs-encrypt-agent and nodejs-cookie-proxy-agent, in the npm package repository containing an open-source info-stealer called TurkoRat.…

NPM packages found containing the TurkoRat infostealer

Experts discovered two malicious packages in the npm package repository, both were laced with an open-source info-stealer called TurkoRat.

ReversingLabs discovered two malicious packages, respectively named nodejs-encrypt-agent and nodejs-cookie-proxy-agent, in the npm package repository containing an open-source info-stealer called TurkoRat.…

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

The Lemon Group cybercrime ring has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices.

A cybercrime group tracked has Lemon Group has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. Infected devices were …

Apple fixed three new actively exploited zero-day vulnerabilities

Apple released security updates to address three zero-day vulnerabilities in iPhones, Macs, and iPads that are actively exploited in attacks.

Apple has addressed three new zero-day vulnerabilities that are actively exploited in attacks in the wild to hack into iPhones, …

KeePass 2.X Master Password Dumper allows retrieving the KeePass master password

A researcher published a PoC tool to retrieve the master password from KeePass by exploiting the CVE-2023-32784 vulnerability.

Security researcher Vdohney released a PoC tool called KeePass 2.X Master Password Dumper that allows retrieving the master password for KeePass.

The …

Admin of the darknet carding platform Skynet Market pleads guilty

A US national has pleaded guilty to operating the carding site Skynet Market and selling financial information belonging to tens of thousands of US victims.

The U.S. national Michael D. Mihalo, aka Dale Michael Mihalo Jr. and ggmccloud1, pleaded guilty …

Critical fixed critical flaws in Cisco Small Business Switches

Cisco fixed nine flaws in its Small Business Series Switches that could be exploited to execute arbitrary code or cause a DoS condition.

Cisco has released security updates to address nine security vulnerabilities in the web-based user interface of certain …

Critical fixed critical flaws in Cisco Small Business Switches

Cisco fixed nine flaws in its Small Business Series Switches that could be exploited to execute arbitrary code or cause a DoS condition.

Cisco has released security updates to address nine security vulnerabilities in the web-based user interface of certain …

Ukraine, Ireland, Japan and Iceland join NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE)

The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) announced that Ukraine, Ireland, Japan and Iceland joined the organization.

The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) is a multinational organization established to enhance cyber defence capabilities and promote …

Monitoring the dark web to identify threats to energy sector organizations

Searchlight Cyber researchers warn of threat actors that are offering on the dark web access to energy sector organizations.

Dark web intelligence firm Searchlight Cyber published a report that analyzes how threat actors in the dark web prepare their malicious …

US Gov offers a $10M reward for a Russian ransomware actor

The US government is offering a $10M reward for Russian national Mikhail Pavlovich Matveev (30) charged for his role in ransomware attacks

The US Justice Department charged Russian national Mikhail Pavlovich Matveev (30), aka Wazawaka, m1x, Boriselcin, and Uhodiransomwar, for …

University admission platform Leverage EDU exposed student passports

The popular university admission platform Leverage EDU leaked almost 240,000 sensitive files, including students’ passports, financial documents, certificates, and exam results.

The Cybernews research team discovered that Leverage EDU leaked extremely sensitive data due to the misconfiguration of their systems. …

Lacroix Group shut down three facilities after a ‘targeted cyberattack’

French electronics manufacturer Lacroix Group shut down three plants after a cyber attack, experts believe it was the victim of a ransomware attack.

The French electronics manufacturer Lacroix Group shut down three facilities in France, Germany, and Tunisia in response …

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

China-linked APT group Mustang Panda employed a custom firmware implant targeting TP-Link routers in targeted attacks since January 2023.

Since January 2023, Check Point Research monitored a series of targeted attacks aimed at European foreign affairs entities that have been …

President Zelensky imposes sanctions against the Russian IT sector

Ukraine’s President Zelensky and the country’s Council of National Security introduced new sanctions against individuals and businesses.

Ukraine’s President Volodymyr Zelensky and the country’s Council of National Security introduced new sanctions against 351 Russian individuals and 241 business entities.

The …
文 » A