DATE |
NAME |
CATEGORY |
WEB |
|
31.8.23 |
IT threat evolution in Q2 2023. Mobile statistics |
Cyber |
Securelist |
|
31.8.23 |
IT threat evolution in Q2 2023 |
Cyber |
Securelist |
|
31.8.23 |
IT threat evolution in Q2 2023. Non-mobile statistics |
Cyber |
Securelist |
|
31.8.23 |
Paramount discloses data breach following security incident |
Incindent |
BleepingComputer |
|
31.8.23 |
Windows 11 browser change: Europe applauds, outrage everywhere else |
OS |
BleepingComputer |
|
31.8.23 |
Apple opens 2024 applications to get ‘security research’ iPhones |
Apple |
BleepingComputer |
|
31.8.23 |
WordPress migration add-on flaw could lead to data breaches |
Incindent |
BleepingComputer |
|
31.8.23 |
VMware Aria vulnerable to critical SSH authentication bypass flaw |
Vulnerebility |
BleepingComputer |
|
31.8.23 |
Hacking campaign bruteforces Cisco VPNs to breach networks |
Hack |
BleepingComputer |
|
31.8.23 |
Trojanized Signal and Telegram apps on Google Play delivered spyware |
Android |
BleepingComputer |
|
31.8.23 |
Hackers Can Exploit Windows Container Isolation Framework to Bypass Endpoint Security |
Exploit |
The Hacker News |
|
31.8.23 |
MMRat Android Trojan Executes Remote Financial Fraud Through Accessibility Feature |
Android |
The Hacker News |
|
31.8.23 |
China-Linked BadBazaar Android Spyware Targeting Signal and Telegram Users |
Android |
The Hacker News |
|
31.8.23 |
How to Prevent ChatGPT From Stealing Your Content & Traffic |
AI |
The Hacker News |
|
30.8.23 |
Why are we seeing such a huge demand for AI at the moment? |
AI |
Securityaffairs |
|
30.8.23 |
Critical RCE flaw impacts VMware Aria Operations Networks |
Vulnerebility |
Securityaffairs |
|
30.8.23 |
FBI: Operation 'Duck Hunt' dismantled the Qakbot botnet |
BigBrothers |
Securityaffairs |
|
30.8.23 |
UNC4841 threat actors hacked US government email servers exploiting Barracuda ESG flaw |
Vulnerebility |
Securityaffairs |
|
30.8.23 |
FIN8-linked actor targets Citrix NetScaler systems |
Hack |
Securityaffairs |
|
30.8.23 |
Japan's JPCERT warns of new 'MalDoc in PDF' attack technique |
Hack |
Securityaffairs |
|
30.8.23 |
Attackers can discover IP address by sending a link over the Skype mobile app |
Hack |
Securityaffairs |
|
30.8.23 |
Researchers published PoC exploit code for Juniper SRX firewall flaws |
Exploit |
Securityaffairs |
|
30.8.23 |
How the FBI nuked Qakbot malware from infected Windows PCs |
Virus |
BleepingComputer |
|
30.8.23 |
DreamBus malware exploits RocketMQ flaw to infect servers |
Virus |
BleepingComputer |
|
30.8.23 |
New Android MMRat malware uses Protobuf protocol to steal your data |
Android |
BleepingComputer |
|
30.8.23 |
Qakbot botnet dismantled after infecting over 700,000 computers |
BotNet |
BleepingComputer |
|
30.8.23 |
Microsoft adds HSTS support to Exchange Server 2016 and 2019 |
Security |
BleepingComputer |
|
30.8.23 |
Hackers exploit critical Juniper RCE bug chain after PoC release |
Exploit |
BleepingComputer |
|
30.8.23 |
University of Michigan shuts down network after cyberattack |
Hack |
BleepingComputer |
|
30.8.23 |
Genshin Impact dev will sue Kaveh Hacks users and developers |
Hack |
BleepingComputer |
|
30.8.23 |
US govt email servers hacked in Barracuda zero-day attacks |
BigBrothers |
BleepingComputer |
|
30.8.23 |
Malicious npm Packages Aim to Target Developers for Source Code Theft |
Virus |
The Hacker News |
|
30.8.23 |
Alert: Juniper Firewalls, Openfire, and Apache RocketMQ Under Attack from New Exploits |
Exploit |
The Hacker News |
|
30.8.23 |
Critical Vulnerability Alert: VMware Aria Operations Networks at Risk from Remote Attacks |
Vulnerebility |
The Hacker News |
|
30.8.23 |
FBI Dismantles QakBot Malware, Frees 700,000 Computers, Seizes $8.6 Million |
BigBrothers |
The Hacker News |
|
30.8.23 |
Chinese Hacking Group Exploits Barracuda Zero-Day to Target Government, Military, and Telecom |
Exploit |
The Hacker News |
|
30.8.23 |
DarkGate Malware Activity Spikes as Developer Rents Out Malware to Affiliates |
Virus |
The Hacker News |
|
29.8.23 |
Why LaZagne Makes D-Bus API Vigilance Crucial |
Cyber blog |
Palo Alto |
|
29.8.23 |
Crossing the Line: Unit 42 Wireshark Quiz for RedLine Stealer |
Malware blog |
Palo Alto |
|
29.8.23 |
28TH AUGUST – THREAT INTELLIGENCE REPORT |
Cyber blog |
Checkpoint |
|
29.8.23 |
TUNNEL WARFARE: EXPOSING DNS TUNNELING CAMPAIGNS USING GENERATIVE MODELS – COINLOADER CASE STUDY |
Cyber blog |
Checkpoint |
|
29.8.23 |
2023 Mid-Year Cyber Security Report: Report Reveals 48 Ransomware Groups Have Breached Over 2,200 Victims |
Ransom blog |
Checkpoint |
|
29.8.23 |
The Rhysida Ransomware: Activity Analysis and Ties to Vice Society |
Ransom blog |
Checkpoint |
|
29.8.23 |
What is commercial spyware? |
Malware blog |
Cisco Blog |
|
29.8.23 |
What Cisco Talos knows about the Rhysida ransomware |
Ransom blog |
Cisco Blog |
|
29.8.23 |
Six critical vulnerabilities included in August’s Microsoft security update |
Vulnerebility blog |
Cisco Blog |
|
29.8.23 |
Code leaks are causing an influx of new ransomware actors |
Ransom blog |
Cisco Blog |
|
29.8.23 |
New threat actor targets Bulgaria, China, Vietnam and other countries with customized Yashma ransomware |
BigBrother blog |
Cisco Blog |
|
29.8.23 |
Previewing Talos at BlackHat 2023 |
Cyber blog |
Cisco Blog |
|
29.8.23 |
Attacks on Citrix NetScaler systems linked to ransomware actor |
Ransom |
BleepingComputer |
|
29.8.23 |
MalDoc in PDFs: Hiding malicious Word docs in PDF files |
Virus |
BleepingComputer |
|
29.8.23 |
Microsoft will enable Exchange Extended Protection by default this fall |
Security |
BleepingComputer |
|
29.8.23 |
Spain warns of LockBit Locker ransomware phishing attacks |
Ransom |
BleepingComputer |
|
29.8.23 |
Microsoft blames ‘unsupported processor’ blue screens on OEM vendors |
OS |
BleepingComputer |
|
29.8.23 |
Exploit released for Juniper firewall bugs allowing RCE attacks |
Exploit |
BleepingComputer |
|
29.8.23 |
Mom’s Meals discloses data breach impacting 1.2 million people |
Incindent |
BleepingComputer |
|
29.8.23 |
Citrix NetScaler Alert: Ransomware Hackers Exploiting Critical Vulnerability |
Ransom |
The Hacker News |
|
29.8.23 |
Phishing-as-a-Service Gets Smarter: Microsoft Sounds Alarm on AiTM Attacks |
Phishing |
The Hacker News |
|
28.8.23 |
Recovering from a supply-chain attack: What are the lessons to learn from the 3CX hack? |
Attack blog |
Eset |
|
28.8.23 |
How a Telegram bot helps scammers target victims – Week in security with Tony Anscombe |
Social blog |
Eset |
|
28.8.23 |
Telekopye: Hunting Mammoths using Telegram bot |
BotNet blog |
Eset |
|
28.8.23 |
Scarabs colon-izing vulnerable servers |
Vulnerebility blog |
Eset |
|
28.8.23 |
A Bard’s Tale – how fake AI bots try to install malware |
Malware blog |
Eset |
|
28.8.23 |
Cyber blog |
Cyber blog |
Eset |
|
28.8.23 |
DEF CON 31: US DoD urges hackers to go and hack ‘AI’ |
Cyber blog |
Eset |
|
28.8.23 |
Mass-spreading campaign targeting Zimbra users |
Cyber blog |
Eset |
|
28.8.23 |
DEF CON 31: Robot vacuums may be doing more than they claim |
Cyber blog |
Eset |
|
28.8.23 |
Black Hat 2023: Hacking the police (at least their radios) |
Cyber blog |
Eset |
|
28.8.23 |
Black Hat 2023: How AI changes the monetization of search |
Cyber blog |
Eset |
|
28.8.23 |
Black Hat 2023: AI gets big defender prize money |
Cyber blog |
Eset |
|
28.8.23 |
Black Hat 2023: ‘Teenage’ AI not enough for cyberthreat intelligence |
Cyber blog |
Eset |
|
28.8.23 |
20k security folks in the desert – Week in security with Tony Anscombe |
Cyber blog |
Eset |
|
28.8.23 |
Black Hat 2023: Cyberwar fire-and-forget-me-not |
Cyber blog |
Eset |
|
28.8.23 |
MoustachedBouncer: Espionage against foreign diplomats in Belarus |
BigBrother blog |
Eset |
|
28.8.23 |
Time is money, and online game scammers have lots of it |
Phishing blog |
Eset |
|
28.8.23 |
Experts Uncover How Cybercriminals Could Exploit Microsoft Entra ID for Elevated Privilege |
Exploit |
The Hacker News |
|
28.8.23 |
Developers Beware: Malicious Rust Libraries Caught Transmitting OS Info to Telegram Channel |
Virus |
The Hacker News |
|
28.8.23 |
Rhysida claims ransomware attack on Prospect Medical, threatens to sell data |
Ransom |
BleepingComputer |
|
28.8.23 |
Microsoft wants you to learn more about new features in Windows 11 |
OS |
BleepingComputer |
|
28.8.23 |
Rhysida ransomware group claims the hack of Prospect Medical |
Ransom |
Securityaffairs |
|
28.8.23 |
Updated Kmsdx botnet targets IoT devices |
BotNet |
Securityaffairs |
|
28.8.23 |
Massive MOVEit campaign already impacted at least 1,000 organizations and 60 million individuals |
Hack |
Securityaffairs |
|
28.8.23 |
Poland's authorities investigate a hacking attack on country's railways |
BigBrothers |
Securityaffairs |
|
28.8.23 |
Leaked LockBit 3.0 ransomware builder used by multiple threat actors |
Ransom |
Securityaffairs |
|
28.8.23 |
Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software |
Vulnerebility |
Securityaffairs |
|
28.8.23 |
KmsdBot Malware Gets an Upgrade: Now Targets IoT Devices with Enhanced Capabilities |
Virus |
The Hacker News |
|
27.8.23 |
Cloud and hosting provider Leaseweb took down critical systems after a cyber attack |
Hack |
Securityaffairs |
|
27.8.23 |
LockBit 3.0 Ransomware Builder Leak Gives Rise to Hundreds of New Variants |
Ransom |
The Hacker News |
|
26.8.23 |
Kroll Suffers Data Breach: Employee Falls Victim to SIM Swapping Attack |
Incindent |
The Hacker News |
|
26.8.23 |
Two LAPSUS$ Hackers Convicted in London Court for High-Profile Tech Firm Hacks |
Hack |
The Hacker News |
|
26.8.23 |
Phishing with hacked sites |
Phishing |
Securelist |
|
26.8.23 |
Lockbit leak, research opportunities on tools leaked from TAs |
Ransom |
Securelist |
|
26.8.23 |
China-linked Flax Typhoon APT targets Taiwan |
APT |
Securityaffairs |
|
26.8.23 |
Whiffy Recon malware triangulates the position of infected systems via Wi-Fi |
Virus |
Securityaffairs |
|
26.8.23 |
FBI: Patches for Barracuda ESG Zero-Day CVE-2023-2868 are ineffective |
Vulnerebility |
Securityaffairs |
|
26.8.23 |
Researchers released PoC exploit for Ivanti Sentry flaw CVE-2023-38035 |
Exploit |
Securityaffairs |
|
26.8.23 |
Lazarus APT exploits Zoho ManageEngine flaw to target an Internet backbone infrastructure provider |
APT |
Securityaffairs |
|
26.8.23 |
Lapsus$ member has been convicted of having hacked multiple high-profile companies |
Hack |
Securityaffairs |
|
26.8.23 |
More than 3,000 Openfire servers exposed to attacks using a new exploit |
Exploit |
Securityaffairs |
|
26.8.23 |
DoJ charged Tornado Cash founders with laundering more than $1 billion |
BigBrothers |
Securityaffairs |
|
26.8.23 |
FBI identifies wallets holding cryptocurrency funds stolen by North Korea |
Cryptocurrency |
Securityaffairs |
|
25.8.23 |
Data breach at French govt agency exposes info of 10 million people |
Incindent |
BleepingComputer |
|
25.8.23 |
MSI: Recent wave of Windows blue screens linked to MSI motherboards |
OS |
BleepingComputer |
|
25.8.23 |
ICO calls social media firms to protect people's data from scraping |
Social |
BleepingComputer |
|
25.8.23 |
Microsoft: Stealthy Flax Typhoon hackers use LOLBins to evade detection |
Hack |
BleepingComputer |
|
25.8.23 |
Leaseweb is restoring ‘critical’ systems after security breach |
Incindent |
BleepingComputer |
|
25.8.23 |
Kroll data breach exposes info of FTX, BlockFi, Genesis creditors |
Incindent |
BleepingComputer |
|
25.8.23 |
FBI warns of patched Barracuda ESG appliances still being hacked |
Vulnerebility |
BleepingComputer |
|
25.8.23 |
Ransomware hackers dwell time drops to 5 days, RDP still widely used |
Ransom |
BleepingComputer |
|
25.8.23 |
Jupiter X Core WordPress plugin could let hackers hijack sites |
Hack |
BleepingComputer |
|
25.8.23 |
New Windows updates cause UNSUPPORTED_PROCESSOR blue screens |
OS |
BleepingComputer |
|
25.8.23 |
New Whiffy Recon malware uses WiFi to triangulate your location |
Virus |
BleepingComputer |
|
25.8.23 |
Exploit released for Ivanti Sentry bug abused as zero-day in attacks |
Exploit |
BleepingComputer |
|
25.8.23 |
Hackers use public ManageEngine exploit to breach internet org |
Exploit |
BleepingComputer |
|
25.8.23 |
Lapsus$ teen hackers convicted of high-profile cyberattacks |
Attack |
BleepingComputer |
|
25.8.23 |
Windows 10 KB5029331 update introduces a new Backup app |
OS |
BleepingComputer |
|
25.8.23 |
Over 3,000 Openfire servers vulnerable to takover attacks |
Hack |
BleepingComputer |
|
25.8.23 |
Bitwarden releases free and open-source E2EE Secrets Manager |
Cyber |
BleepingComputer |
|
25.8.23 |
Discord starts notifying users affected by March data breach |
Incindent |
BleepingComputer |
|
25.8.23 |
New stealthy techniques let hackers gain Windows SYSTEM privileges |
Hack |
BleepingComputer |
|
25.8.23 |
US charges founders of Tornado Cash mixer used by Lazarus hackers |
Hack |
BleepingComputer |
|
25.8.23 |
Kali Linux 2023.3 released with 9 new tools, internal changes |
OS |
BleepingComputer |
|
25.8.23 |
Google Workspace will require two admins to sign off on critical changes |
Cyber |
BleepingComputer |
|
25.8.23 |
FBI: Lazarus hackers readying to cash out $41 million in stolen crypto |
Cryptocurrency |
BleepingComputer |
|
25.8.23 |
Hosting firm says it lost all customer data after ransomware attack |
Ransom |
BleepingComputer |
|
25.8.23 |
WinRAR zero-day exploited since April to hack trading accounts |
Vulnerebility |
BleepingComputer |
|
25.8.23 |
China-Linked Flax Typhoon Cyber Espionage Targets Taiwan's Key Sectors |
BigBrothers |
The Hacker News |
|
25.8.23 |
Urgent FBI Warning: Barracuda Email Gateways Vulnerable Despite Recent Patches |
BigBrothers |
The Hacker News |
|
25.8.23 |
Lazarus Group Exploits Critical Zoho ManageEngine Flaw to Deploy Stealthy QuiteRAT |
Virus |
The Hacker News |
|
24.8.23 |
New Telegram Bot "Telekopye" Powering Large-scale Phishing Scams from Russia |
BotNet |
The Hacker News |
|
24.8.23 |
New "Whiffy Recon" Malware Triangulates Infected Device Location via Wi-Fi Every Minute |
Virus |
The Hacker News |
|
24.8.23 |
WinRAR Security Flaw Exploited in Zero-Day Attacks to Target Traders |
Vulnerebility |
The Hacker News |
|
24.8.23 |
Thousands of Unpatched Openfire XMPP Servers Still Exposed to High-Severity Flaw |
Vulnerebility |
The Hacker News |
|
24.8.23 |
Tornado Cash Founders Charged in Billion-Dollar Crypto Laundering Scandal |
Cryptocurrency |
The Hacker News |
|
24.8.23 |
North Korean Affiliates Suspected in $40M Cryptocurrency Heist, FBI Warns |
BigBrothers |
The Hacker News |
|
24.8.23 |
Meta Set to Enable Default End-to-End Encryption on Messenger by Year End |
Security |
The Hacker News |
|
23.8.23 |
Carderbee APT targets Hong Kong orgs via supply chain attacks |
APT |
Securityaffairs |
|
23.8.23 |
TP-Link Tapo L530E smart bulb flaws allow hackers to steal user passwords |
Vulnerebility |
Securityaffairs |
|
23.8.23 |
Defense contractor Belcan leaks admin password with a list of flaws |
Incindent |
Securityaffairs |
|
23.8.23 |
Akira ransomware gang spotted targeting Cisco VPN products to hack organizations |
Ransom |
Securityaffairs |
|
23.8.23 |
Scraped data of 2.6 million Duolingo users released on hacking forum |
Incindent |
BleepingComputer |
|
23.8.23 |
New Windows 11 policy lets admins control optional updates installation |
OS |
BleepingComputer |
|
23.8.23 |
Windows 11 KB5029351 preview update released with Search fixes |
OS |
BleepingComputer |
|
23.8.23 |
New HiatusRAT malware attacks target US Defense Department |
Virus |
BleepingComputer |
|
23.8.23 |
Microsoft Excel to let you run Python scripts as formulas |
OS |
BleepingComputer |
|
23.8.23 |
Akira ransomware targets Cisco VPNs to breach organizations |
Ransom |
BleepingComputer |
|
23.8.23 |
Agile Approach to Mass Cloud Credential Harvesting and Crypto Mining Sprints Ahead |
Cryptocurrency |
The Hacker News |
|
23.8.23 |
Syrian Threat Actor EVLF Unmasked as Creator of CypherRAT and CraxsRAT Android Malware |
Virus |
The Hacker News |
|
23.8.23 |
Spacecolon Toolset Fuels Global Surge in Scarab Ransomware Attacks |
Ransom |
The Hacker News |
|
23.8.23 |
Over a Dozen Malicious npm Packages Target Roblox Game Developers |
Virus |
The Hacker News |
|
22.8.23 |
Snatch gang claims the hack of the Department of Defence South Africa |
CyberCrime |
Securityaffairs |
|
22.8.23 |
CISA adds critical Adobe ColdFusion flaw to its Known Exploited Vulnerabilities catalog |
Vulnerebility |
Securityaffairs |
|
22.8.23 |
A cyber attack hit the Australian software provider Energy One |
BigBrothers |
Securityaffairs |
|
22.8.23 |
Ivanti fixed a new critical Sentry API authentication bypass flaw |
Vulnerebility |
Securityaffairs |
|
22.8.23 |
BlackCat ransomware group claims the hack of Seiko network |
Ransom |
Securityaffairs |
|
22.8.23 |
New HiatusRAT campaign targets Taiwan and U.S. military procurement system |
Virus |
Securityaffairs |
|
22.8.23 |
Spoofing an Apple device and tricking users into sharing sensitive data |
Apple |
Securityaffairs |
|
22.8.23 |
Israel and US to Invest $3.85 Million in projects for critical infrastructure protection through the BIRD Cyber Program |
BigBrothers |
Securityaffairs |
|
22.8.23 |
N. Korean Kimsuky APT targets S. Korea-US military exercises |
APT |
Securityaffairs |
|
22.8.23 |
Carderbee hacking group hits Hong Kong orgs in supply chain attack |
CyberCrime |
BleepingComputer |
|
22.8.23 |
TP-Link smart bulbs can let hackers steal your WiFi password |
Incindent |
BleepingComputer |
|
22.8.23 |
Sneaky Amazon Google ad leads to Microsoft support scam |
Spam |
BleepingComputer |
|
22.8.23 |
Ongoing Duo outage causes Azure Auth authentication errors |
Vulnerebility |
BleepingComputer |
|
22.8.23 |
Ivanti warns of new actively exploited MobileIron zero-day bug |
Vulnerebility |
BleepingComputer |
|
22.8.23 |
Japanese watchmaker Seiko breached by BlackCat ransomware gang |
Ransom |
BleepingComputer |
|
22.8.23 |
Hands on with Windows 11's 'never combine' taskbar feature |
OS |
BleepingComputer |
|
22.8.23 |
Google Chrome to warn when installed extensions are malware |
Virus |
BleepingComputer |
|
22.8.23 |
Cuba ransomware uses Veeam exploit against critical U.S. organizations |
Ransom |
BleepingComputer |
|
22.8.23 |
Carderbee Attacks: Hong Kong Organizations Targeted via Malicious Software Updates |
Virus |
The Hacker News |
|
22.8.23 |
New Variant of XLoader macOS Malware Disguised as 'OfficeNote' Productivity App |
Virus |
The Hacker News |
|
22.8.23 |
Ivanti Warns of Critical Zero-Day Flaw Being Actively Exploited in Sentry Software |
Vulnerebility |
The Hacker News |
|
22.8.23 |
Critical Adobe ColdFusion Flaw Added to CISA's Exploited Vulnerability Catalog |
Vulnerebility |
The Hacker News |
|
21.8.23 |
New WinRAR Vulnerability Could Allow Hackers to Take Control of Your PC |
Vulnerebility |
The Hacker News |
|
21.8.23 |
This Malware Turned Thousands of Hacked Windows and macOS PCs into Proxy Servers |
Apple |
The Hacker News |
|
21.8.23 |
HiatusRAT Malware Resurfaces: Taiwan Firms and U.S. Military Under Attack |
Virus |
The Hacker News |
|
20.8.23 |
Four Juniper Junos OS flaws can be chained to remotely hack devices |
Vulnerebility |
Securityaffairs |
|
20.8.23 |
Cybersecurity: CASB vs SASE |
Cyber |
Securityaffairs |
|
20.8.23 |
Over 3,000 Android Malware spotted using unsupported/unknown compression methods to avoid detection |
Android |
Securityaffairs |
|
20.8.23 |
WinRAR flaw enables remote code execution of arbitrary code |
Vulnerebility |
Securityaffairs |
|
20.8.23 |
#OpFukushima: Anonymous group protests against the plan to dump Fukushima RADIOACTIVE wastewater into Pacific |
Hack |
Securityaffairs |
|
20.8.23 |
Massive phishing campaign targets users of the Zimbra Collaboration email server |
Phishing |
Securityaffairs |
|
20.8.23 |
Africa Cyber Surge II law enforcement operation has led to the arrest of 14 suspects |
CyberCrime |
Securityaffairs |
|
20.8.23 |
Bronze Starlight targets the Southeast Asian gambling sector |
APT |
Securityaffairs |
|
20.8.23 |
APT29 is targeting Ministries of Foreign Affairs of NATO-aligned countries |
APT |
Securityaffairs |
|
20.8.23 |
A massive campaign delivered a proxy server application to 400,000 Windows systems |
Cyber |
Securityaffairs |
|
20.8.23 |
Alarming lack of cybersecurity practices on world’s most popular websites |
Cyber |
Securityaffairs |
|
20.8.23 |
Experts devise an exploit for Apple iOS 16 that relies on fake Airplane Mode |
Apple |
Securityaffairs |
|
20.8.23 |
Cleaning Products manufacturer Clorox Company took some systems offline after a cyberattack |
Cyber |
Securityaffairs |
|
20.8.23 |
CISA adds flaw in Citrix ShareFile to its Known Exploited Vulnerabilities catalog |
Vulnerebility |
Securityaffairs |
|
20.8.23 |
A massive phishing campaign using QR codes targets the energy sector |
Phishing |
Securityaffairs |
|
20.8.23 |
Two unauthenticated stack buffer overflows found in Ivanti Avalanche EMM |
Vulnerebility |
Securityaffairs |
|
20.8.23 |
Approximately 2000 Citrix NetScaler servers were backdoored in a massive campaign |
Virus |
Securityaffairs |
|
20.8.23 |
Credentials for cybercrime forums found on roughly 120K computers infected with info stealers |
Virus |
Securityaffairs |
|
20.8.23 |
Monti Ransomware gang launched a new Linux encryptor |
Ransom |
Securityaffairs |
|
20.8.23 |
Hacking ATMs by exploiting flaws in ScrutisWeb ATM fleet software |
Exploit |
Securityaffairs |
|
20.8.23 |
QwixxRAT, a new Windows RAT appears in the threat landscape |
Virus |
Securityaffairs |
|
20.8.23 |
Ongoing Xurum attacks target Magento 2 e-stores |
Attack |
Securityaffairs |
|
20.8.23 |
Colorado HCPF Department notifies 4 million individuals after IBM MOVEit breach |
Incindent |
Securityaffairs |
|
20.8.23 |
Experts found multiple flaws in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP) |
Vulnerebility |
Securityaffairs |
|
20.8.23 |
Hackers use VPN provider's code certificate to sign malware |
Virus |
BleepingComputer |
|
20.8.23 |
Rust devs push back as Serde project ships precompiled binaries |
Virus |
BleepingComputer |
|
19.8.23 |
WoofLocker Toolkit Hides Malicious Codes in Images to Run Tech Support Scams |
Spam |
The Hacker News |
|
19.8.23 |
New Juniper Junos OS Flaws Expose Devices to Remote Attacks - Patch Now |
Vulnerebility |
The Hacker News |
|
19.8.23 |
Thousands of Android Malware Apps Using Stealthy APK Compression to Evade Detection |
Android |
The Hacker News |
|
19.8.23 |
The Week in Ransomware - August 18th 2023 - LockBit on Thin Ice |
Ransom |
BleepingComputer |
|
19.8.23 |
WinRAR flaw lets hackers run programs when you open RAR archives |
Vulnerebility |
BleepingComputer |
|
19.8.23 |
Hotmail email delivery fails after Microsoft misconfigures DNS |
Security |
BleepingComputer |
|
19.8.23 |
Interpol arrests 14 suspected cybercriminals for stealing $40 million |
CyberCrime |
BleepingComputer |
|
19.8.23 |
Microsoft: BlackCat's Sphynx ransomware embeds Impacket, RemCom |
Ransom |
BleepingComputer |
|
19.8.23 |
Hackers ask $120,000 for access to multi-billion auction house |
Incindent |
BleepingComputer |
|
19.8.23 |
Microsoft PowerShell Gallery vulnerable to spoofing, supply chain attacks |
Attack |
BleepingComputer |
|
19.8.23 |
Phishing campaign steals accounts for Zimbra email servers worlwide |
Phishing |
BleepingComputer |
|
19.8.23 |
Windows Task Manager refresh can be paused using CTRL key |
OS |
BleepingComputer |
|
19.8.23 |
Thousands of Android APKs use compression trick to thwart analysis |
Android |
BleepingComputer |
|
19.8.23 |
File sharing site Anonfiles shuts down due to overwhelming abuse |
Cyber |
BleepingComputer |
|
19.8.23 |
CISA warns of critical Citrix ShareFile flaw exploited in the wild |
Vulnerebility |
BleepingComputer |
|
19.8.23 |
Google released first quantum-resilient FIDO2 key implementation |
Safety |
BleepingComputer |
|
19.8.23 |
Massive 400,000 proxy botnet built with stealthy malware infections |
BotNet |
BleepingComputer |
|
19.8.23 |
Major U.S. energy org targeted in QR code phishing attack |
Attack |
BleepingComputer |
|
19.8.23 |
14 Suspected Cybercriminals Arrested Across Africa in Coordinated Crackdown |
CyberCrime |
The Hacker News |
|
19.8.23 |
New Wave of Attack Campaign Targeting Zimbra Email Users for Credential Theft |
Phishing |
The Hacker News |
|
19.8.23 |
New BlackCat Ransomware Variant Adopts Advanced Impacket and RemCom Tools |
Ransom |
The Hacker News |
|
19.8.23 |
Google Chrome's New Feature Alerts Users About Auto-Removal of Malicious Extensions |
Safety |
The Hacker News |
|
18.8.23 |
NoFilter Attack: Sneaky Privilege Escalation Method Bypasses Windows Security |
Vulnerebility |
The Hacker News |
|
18.8.23 |
China-Linked Bronze Starlight Group Targeting Gambling Sector with Cobalt Strike Beacons |
APT |
The Hacker News |
|
18.8.23 |
New LABRAT Campaign Exploits GitLab Flaw for Cryptojacking and Proxyjacking Activities |
Cryptocurrency |
The Hacker News |
|
18.8.23 |
New Apple iOS 16 Exploit Enables Stealthy Cellular Access Under Fake Airplane Mode |
Apple |
The Hacker News |
|
18.8.23 |
Russian Hackers Use Zulip Chat App for Covert C&C in Diplomatic Phishing Attacks |
Phishing |
The Hacker News |
|
18.8.23 |
CISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild Attacks |
Vulnerebility |
The Hacker News |
|
18.8.23 |
Experts Uncover Weaknesses in PowerShell Gallery Enabling Supply Chain Attacks |
Attack |
The Hacker News |
|
18.8.23 |
Google Introduces First Quantum Resilient FIDO2 Security Key Implementation |
Security |
The Hacker News |
|
18.8.23 |
Critical Security Flaws Affect Ivanti Avalanche, Threatening 30,000 Organizations |
Vulnerebility |
The Hacker News |
|
16.8.23 |
Ivanti Avalanche impacted by critical pre-auth stack buffer overflows |
Vulnerebility |
BleepingComputer |
|
16.8.23 |
LinkedIn accounts hacked in widespread hijacking campaign |
Social |
BleepingComputer |
|
16.8.23 |
Almost 2,000 Citrix NetScaler servers backdoored in hacking campaign |
Vulnerebility |
BleepingComputer |
|
16.8.23 |
Raccoon Stealer malware returns with new stealthier version |
Virus |
BleepingComputer |
|
16.8.23 |
New CVE-2023-3519 scanner detects hacked Citrix ADC, Gateway devices |
Vulnerebility |
BleepingComputer |
|
16.8.23 |
Threat actors use beta apps to bypass mobile app store security |
Mobil |
BleepingComputer |
|
16.8.23 |
Discord.io confirms breach after hacker steals data of 760K users |
Incindent |
BleepingComputer |
|
16.8.23 |
Over 100K hacking forums accounts exposed by info-stealing malware |
Virus |
BleepingComputer |
|
16.8.23 |
Microsoft enables Windows Kernel CVE-2023-32019 fix for everyone |
Vulnerebility |
BleepingComputer |
|
16.8.23 |
FBI warns of increasing cryptocurrency recovery scams |
Spam |
BleepingComputer |
|
16.8.23 |
Nearly 2,000 Citrix NetScaler Instances Hacked via Critical Vulnerability |
Vulnerebility |
The Hacker News |
|
16.8.23 |
Cybercriminals Abusing Cloudflare R2 for Hosting Phishing Pages, Experts Warn |
Phishing |
The Hacker News |
|
16.8.23 |
Multiple Flaws Found in ScrutisWeb Software Exposes ATMs to Remote Hacking |
Vulnerebility |
The Hacker News |
|
16.8.23 |
Monti Ransomware Returns with New Linux Variant and Enhanced Evasion Tactics |
Ransom |
The Hacker News |
|
16.8.23 |
Malware Unleashed: Public Sector Hit in Sudden Surge, Reveals New Report |
Virus |
The Hacker News |
|
16.8.23 |
Gigabud RAT Android Banking Malware Targets Institutions Across Countries |
Android |
The Hacker News |
|
15.8.23 |
Over 120,000 Computers Compromised by Info Stealers Linked to Users of Cybercrime Forums |
CyberCrime |
The Hacker News |
|
15.8.23 |
North Korean Hackers Suspected in New Wave of Malicious npm Packages |
BigBrothers |
The Hacker News |
|
14.8.23 |
Experts found multiple flaws in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP) |
Vulnerebility |
Securityaffairs |
|
14.8.23 |
Nine flaws in CyberPower and Dataprobe solutions expose data centers to hacking |
Vulnerebility |
Securityaffairs |
|
14.8.23 |
Multiple flaws in CODESYS V3 SDK could lead to RCE or DoS |
Vulnerebility |
Securityaffairs |
|
14.8.23 |
The DHS’s CSRB to review cloud security practices following the hack of Microsoft Exchange govt email accounts |
BigBrothers |
Securityaffairs |
|
14.8.23 |
Police dismantled bulletproof hosting service provider Lolek Hosted |
CyberCrime |
Securityaffairs |
|
14.8.23 |
Python URL parsing function flaw can enable command execution |
Vulnerebility |
Securityaffairs |
|
14.8.23 |
Phishing with hacked sites |
Phishing |
Securelist |
|
14.8.23 |
Focus on DroxiDat/SystemBC |
Virus |
Securelist |
|
14.8.23 |
Monti ransomware targets VMware ESXi servers with new Linux locker |
Ransom |
BleepingComputer |
|
14.8.23 |
Colorado warns 4 million of data stolen in IBM MOVEit breach |
Incindent |
BleepingComputer |
|
14.8.23 |
MaginotDNS attacks exploit weak checks for DNS cache poisoning |
Attack |
BleepingComputer |
|
14.8.23 |
UK gov keeps repeating its voter registration website is NOT a scam |
BigBrothers |
BleepingComputer |
|
14.8.23 |
Knight ransomware distributed in fake Tripadvisor complaint emails |
Ransom |
BleepingComputer |
|
14.8.23 |
Ford says cars with WiFi vulnerability still safe to drive |
Vulnerebility |
BleepingComputer |
|
14.8.23 |
QwixxRAT: New Remote Access Trojan Emerges via Telegram and Discord |
Virus |
The Hacker News |
|
14.8.23 |
Ongoing Xurum Attacks on E-commerce Sites Exploiting Critical Magento 2 Vulnerability |
Vulnerebility |
The Hacker News |
|
14.8.23 |
Identity Threat Detection and Response: Rips in Your Identity Fabric |
Security |
The Hacker News |
|
14.8.23 |
Charming Kitten Targets Iranian Dissidents with Advanced Cyber Attacks |
APT |
The Hacker News |
|
14.8.23 |
New Financial Malware 'JanelaRAT' Targets Latin American Users |
Virus |
The Hacker News |
|
14.8.23 |
India Passes New Digital Personal Data Protection Bill (DPDPB), Putting Users' Privacy First |
BigBrothers |
The Hacker News |
|
12.8.23 |
Multiple Flaws in CyberPower and Dataprobe Products Put Data Centers at Risk |
Vulnerebility |
The Hacker News |
|
12.8.23 |
Zoom ZTP & AudioCodes Phones Flaws Uncovered, Exposing Users to Eavesdropping |
Vulnerebility |
The Hacker News |
|
12.8.23 |
UK govt contractor MPD FM leaks employee passport data |
BigBrothers |
Securityaffairs |
|
12.8.23 |
Power Generator in South Africa hit with DroxiDat and Cobalt Strike |
Virus |
Securityaffairs |
|
12.8.23 |
The Evolution of API: From Commerce to Cloud |
Security |
Securityaffairs |
|
12.8.23 |
Gafgyt botnet is targeting EoL Zyxel routers |
BotNet |
Securityaffairs |
|
12.8.23 |
Charming Kitten APT is targeting Iranian dissidents in Germany |
APT |
Securityaffairs |
|
12.8.23 |
Statc Stealer, a new sophisticated info-stealing malware |
Virus |
Securityaffairs |
|
12.8.23 |
CISA discovered a new backdoor, named Whirlpool, used in Barracuda ESG attacks |
BigBrothers |
Securityaffairs |
|
12.8.23 |
CISA adds actively exploited flaw in .NET, Visual Studio to its Known Exploited Vulnerabilities catalog |
BigBrothers |
Securityaffairs |
|
12.8.23 |
US Govt launches Artificial Intelligence Cyber Challenge |
BigBrothers |
Securityaffairs |
|
12.8.23 |
Data of all serving police officers Police Service of Northern Ireland (PSNI) mistakenly published online |
Incindent |
Securityaffairs |
|
12.8.23 |
Balada Injector still at large – new domains discovered |
Virus |
Securityaffairs |
|
12.8.23 |
EvilProxy used in massive cloud account takeover scheme |
Virus |
Securityaffairs |
|
12.8.23 |
The Week in Ransomware - August 11th 2023 - Targeting Healthcare |
Ransom |
BleepingComputer |
|
12.8.23 |
US cyber safety board to analyze Microsoft Exchange hack of govt emails |
BigBrothers |
BleepingComputer |
|
12.8.23 |
Xiaomi's MIUI now flags Telegram as dangerous in China |
BigBrothers |
BleepingComputer |
|
12.8.23 |
LOLEKHosted admin arrested for aiding Netwalker ransomware gang |
CyberCrime |
BleepingComputer |
|
12.8.23 |
Lolek Bulletproof Hosting Servers Seized, 5 Key Operators Arrested |
CyberCrime |
The Hacker News |
|
12.8.23 |
New Python URL Parsing Flaw Enables Command Injection Attacks |
Attack |
The Hacker News |
|
12.8.23 |
Researchers Uncover Years-Long Cyber Espionage on Foreign Embassies in Belarus |
BigBrothers |
The Hacker News |
|
12.8.23 |
Enhancing TLS Security: Google Adds Quantum-Resistant Encryption in Chrome 116 |
Security |
The Hacker News |
|
11.8.23 |
Police seize LOLEK bulletproof service for hosting malware |
Virus |
BleepingComputer |
|
11.8.23 |
Industrial PLCs worldwide impacted by CODESYS V3 RCE flaws |
Vulnerebility |
BleepingComputer |
|
11.8.23 |
Amazon AWS distances itself from Moq amid data collection controversy |
Security |
BleepingComputer |
|
11.8.23 |
Lapsus$ hackers took SIM-swapping attacks to the next level |
Mobil |
BleepingComputer |
|
11.8.23 |
Gafgyt malware exploits five-years-old flaw in EoL Zyxel router |
Virus |
BleepingComputer |
|
11.8.23 |
Microsoft Exchange updates pulled after breaking non-English installs |
OS |
BleepingComputer |
|
11.8.23 |
MoustachedBouncer hackers use AiTM attacks to spy on diplomats |
Attack |
BleepingComputer |
|
11.8.23 |
CISA: New Whirlpool backdoor used in Barracuda ESG hacks |
Virus |
BleepingComputer |
|
11.8.23 |
Dell Compellent hardcoded key exposes VMware vCenter admin creds |
Incindent |
BleepingComputer |
|
11.8.23 |
Hackers use open source Merlin post-exploitation toolkit in attacks |
Exploit |
BleepingComputer |
|
11.8.23 |
New BitForge cryptocurrency wallet flaws lets hackers steal crypto |
Cryptocurrency |
BleepingComputer |
|
11.8.23 |
Missouri warns that health info was stolen in IBM MOVEit data breach |
Incindent |
BleepingComputer |
|
11.8.23 |
Rhysida ransomware behind recent attacks on healthcare |
Ransom |
BleepingComputer |
|
11.8.23 |
Popular open source project Moq criticized for quietly collecting data |
Incindent |
BleepingComputer |
|
11.8.23 |
Google to fight hackers with weekly Chrome security updates |
Security |
BleepingComputer |
|
11.8.23 |
Researchers Shed Light on APT31's Advanced Backdoors and Data Exfiltration Tactics |
APT |
The Hacker News |
|
11.8.23 |
New SystemBC Malware Variant Targets Southern African Power Company |
Virus |
The Hacker News |
|
11.8.23 |
16 New CODESYS SDK Flaws Expose OT Environments to Remote Attacks |
Vulnerebility |
The Hacker News |
|
11.8.23 |
CISA Adds Microsoft .NET Vulnerability to KEV Catalog Due to Active Exploitation |
BigBrothers |
The Hacker News |
|
11.8.23 |
New Attack Alert: Freeze[.]rs Injector Weaponized for XWorm Malware Attacks |
Attack |
The Hacker News |
|
11.8.23 |
New Statc Stealer Malware Emerges: Your Sensitive Data at Risk |
Virus |
The Hacker News |
|
10.8.23 |
Emerging Attacker Exploit: Microsoft Cross-Tenant Synchronization |
Exploit |
The Hacker News |
|
10.8.23 |
Encryption Flaws in Popular Chinese Language App Put Users' Typed Data at Risk |
BigBrothers |
The Hacker News |
|
10.8.23 |
Cybercriminals Increasingly Using EvilProxy Phishing Kit to Target Executives |
Phishing |
The Hacker News |
|
10.8.23 |
Interpol Busts Phishing-as-a-Service Platform '16Shop,' Leading to 3 Arrests |
CyberCrime |
The Hacker News |
|
10.8.23 |
Collide+Power, Downfall, and Inception: New Side-Channel Attacks Affecting Modern CPUs |
Attack |
The Hacker News |
|
10.8.23 |
China-Linked Hackers Strike Worldwide: 17 Nations Hit in 3-Year Cyber Campaign |
BigBrothers |
The Hacker News |
|
9.8.23 |
Downfall Intel CPU side-channel attack exposes sensitive data |
Attack |
Securityaffairs |
|
9.8.23 |
LockBit threatens to leak medical data of cancer patients stolen from Varian Medical Systems |
Ransom |
Securityaffairs |
|
9.8.23 |
Microsoft Patch Tuesday for August 2023 fixed 2 actively exploited flaws |
OS |
Securityaffairs |
|
9.8.23 |
UK Electoral Commission discloses a data breach | Incindent |
Securityaffairs |
|
9.8.23 |
EvilProxy phishing campaign targets 120,000 Microsoft 365 users |
Phishing |
BleepingComputer |
|
9.8.23 |
Microsoft Visual Studio Code flaw lets extensions steal passwords |
Vulnerebility |
BleepingComputer |
|
9.8.23 |
Microsoft Office update breaks actively exploited RCE attack chain |
OS |
BleepingComputer |
|
9.8.23 |
Windows 11 KB5029263 cumulative update released with 27 fixes |
OS |
BleepingComputer |
|
9.8.23 |
Microsoft August 2023 Patch Tuesday warns of 2 zero-days, 87 flaws |
OS |
BleepingComputer |
|
9.8.23 |
Windows 10 KB5029244 and KB5029247 updates released |
OS |
BleepingComputer |
|
9.8.23 |
Interpol takes down 16shop phishing-as-a-service platform |
CyberCrime |
BleepingComputer |
|
9.8.23 |
New Downfall attacks on Intel CPUs steal encryption keys, data |
Attack |
BleepingComputer |
|
9.8.23 |
Android 14 to let you block connections to unencrypted cellular networks |
Android |
BleepingComputer |
|
9.8.23 |
New Inception attack leaks sensitive data from all AMD Zen CPUs |
Attack |
BleepingComputer |
|
9.8.23 |
New Android 14 Security Feature: IT Admins Can Now Disable 2G Networks |
Android |
The Hacker News |
|
9.8.23 |
U.K. Electoral Commission Breach Exposes Voter Data of 40 Million Britons |
Incindent |
The Hacker News |
|
9.8.23 |
Microsoft Releases Patches for 74 New Vulnerabilities in August Update |
Vulnerebility |
The Hacker News |
|
9.8.23 |
Malicious Campaigns Exploit Weak Kubernetes Clusters for Crypto Mining |
Cryptocurrency |
The Hacker News |
|
9.8.23 |
New Report Exposes Vice Society's Collaboration with Rhysida Ransomware |
Ransom |
The Hacker News |
|
8.8.23 |
QakBot Malware Operators Expand C2 Network with 15 New Servers |
Virus |
The Hacker News |
|
8.8.23 |
Hackers Abusing Cloudflare Tunnels for Covert Communications |
Hack |
The Hacker News |
|
8.8.23 |
43 Android apps in Google Play with 2.5M installs loaded ads when a phone screen was off |
Android |
Securityaffairs |
|
8.8.23 |
Zoom trains its AI model with some user data, without giving them an opt-out option |
AI |
Securityaffairs |
|
8.8.23 |
North Korea compromised Russian missile engineering firm NPO Mashinostroyeniya |
BigBrothers |
Securityaffairs |
|
8.8.23 |
A new sophisticated SkidMap variant targets unsecured Redis servers |
Virus |
Securityaffairs |
|
8.8.23 |
UK Electoral Commission data breach exposes 8 years of voter data |
Incindent |
BleepingComputer |
|
8.8.23 |
Hackers increasingly abuse Cloudflare Tunnels for stealthy connections |
Hack |
BleepingComputer |
|
8.8.23 |
Hands on with Windows 11's new modern File Explorer |
OS |
BleepingComputer |
|
8.8.23 |
Google Play apps with 2.5M installs load ads when screen's off |
Android |
BleepingComputer |
|
8.8.23 |
North Korean hackers 'ScarCruft' breached Russian missile maker |
BigBrothers |
BleepingComputer |
|
8.8.23 |
Understanding Active Directory Attack Paths to Improve Security |
Attack |
The Hacker News |
|
8.8.23 |
New Yashma Ransomware Variant Targets Multiple English-Speaking Countries |
Ransom |
The Hacker News |
|
8.8.23 |
LOLBAS in the Wild: 11 Living-Off-The-Land Binaries That Could Be Used for Malicious Purposes |
Virus |
The Hacker News |
|
8.8.23 |
New Malware Campaign Targets Inexperienced Cyber Criminals with OpenBullet Configs |
Virus |
The Hacker News |
|
8.8.23 |
North Korean Hackers Targets Russian Missile Engineering Firm |
BigBrothers |
The Hacker News |
|
7.8.23 |
FBI warns of crooks posing as NFT developers in fraudulent schema |
BigBrothers |
Securityaffairs |
|
7.8.23 |
The number of ransomware attacks targeting Finland increased fourfold since it started the process to join NATO |
Ransom |
Securityaffairs |
|
7.8.23 |
Microsoft fixed a flaw in Power Platform after being criticized |
Vulnerebility |
Securityaffairs |
|
7.8.23 |
Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack |
Ransom |
Securityaffairs |
|
7.8.23 |
BlueCharlie changes attack infrastructure in response to reports on its activity |
Attack |
Securityaffairs |
|
7.8.23 |
Reptile Rootkit employed in attacks against Linux systems in South Korea |
Virus |
Securityaffairs |
|
7.8.23 |
New PaperCut flaw in print management software exposes servers to RCE attacks |
Vulnerebility |
Securityaffairs |
|
7.8.23 |
Google News, Discover links showing 404 Not Found? Here's how to fix |
Security |
BleepingComputer |
|
7.8.23 |
Google Gmail continuously nagging to enable Enhanced Safe Browsing |
Security |
BleepingComputer |
|
7.8.23 |
Tesla infotainment jailbreak unlocks paid features, extracts secrets |
Hack |
BleepingComputer |
|
7.8.23 |
How to enable hidden Windows 11 features with Microsoft StagingTool |
OS |
BleepingComputer |
|
7.8.23 |
Colorado Department of Higher Education warns of massive data breach |
Incindent |
BleepingComputer |
|
7.8.23 |
Clop ransomware now uses torrents to leak data and evade takedowns |
Ransom |
BleepingComputer |
|
7.8.23 |
New acoustic attack steals data from keystrokes with 95% accuracy |
Attack |
BleepingComputer |
|
7.8.23 |
New 'Deep Learning Attack' Deciphers Laptop Keystrokes with 95% Accuracy |
Attack |
The Hacker News |
|
7.8.23 |
New SkidMap Redis Malware Variant Targeting Vulnerable Redis Servers |
Virus |
The Hacker News |
|
7.8.23 |
FBI Alert: Crypto Scammers are Masquerading as NFT Developers |
BigBrothers |
The Hacker News |
|
6.8.23 |
NodeStealer 2.0 – The Python Version: Stealing Facebook Business Accounts |
Malware blog |
Palo Alto |
|
6.8.23 |
Ransomware Delivery URLs: Top Campaigns and Trends |
Ransom blog |
Palo Alto |
|
6.8.23 |
Half-Year in Review: Recapping the top threats and security trends so far in 2023 |
Security blog |
Cisco Blog |
|
6.8.23 |
The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter |
Vulnerebility blog |
Cisco Blog |
|
6.8.23 |
Incident Response trends Q2 2023: Data theft extortion rises, while healthcare is still most-targeted vertical |
Incident blog |
Cisco Blog |
|
6.8.23 |
What might authentication attacks look like in a phishing-resistant future? |
Attack blog |
Cisco Blog |
|
6.8.23 |
Threat Source newsletter (Aug. 3, 2023) — Previewing Talos at BlackHat 2023 |
Cyber blog |
Cisco Blog |
|
6.8.23 |
Every company has its own version of ChatGPT now |
Cyber blog |
Cisco Blog |
|
6.8.23 |
The federal government’s cybersecurity policies are falling into place just in time to be stalled again |
BigBrother blog |
Cisco Blog |
|
6.8.23 |
Memory corruption vulnerability in Microsoft Edge; MilesightVPN and router could be taken over |
Vulnerebility blog |
Cisco Blog |
|
6.8.23 |
Why are there so many malware-as-a-service offerings? |
Malware blog |
Cisco Blog |
|
6.8.23 |
Implementing an ISO-compliant threat intelligence program |
Security blog |
Cisco Blog |
|
6.8.23 |
QR codes are relevant again for everyone from diners to threat actors |
Security blog |
Cisco Blog |
|
6.8.23 |
Uncovering weaknesses in Apple macOS and VMWare vCenter: 12 vulnerabilities in RPC implementation |
Vulnerebility blog |
Cisco Blog |
|
6.8.23 |
Check cybersecurity pre-invest – Week in security with Tony Anscombe |
Cyber blog |
Eset |
|
6.8.23 |
Fingerprints all over: Can browser fingerprinting increase website security? |
Security blog |
Eset |
|
6.8.23 |
The grand theft of Jake Moore’s voice: The concept of a virtual kidnap |
Malware blog |
Eset |
|
6.8.23 |
Is backdoor access oppressive? – Week in security with Tony Anscombe |
Malware blog |
Eset |
|
6.8.23 |
Gathering dust and data: How robotic vacuums can spy on you |
Malware blog |
Eset |
|
6.8.23 |
Dear all, What are some common subject lines in phishing emails? |
Phishing blog |
Eset |
|
5.8.23 |
Genesis Market No Longer Feeds The Evil Cookie Monster |
Hacking blog |
Trellix |
|
5.8.23 |
Microsoft mitigates Power Platform Custom Code information disclosure vulnerability |
Vulnerebility blog |
Microsoft Blog |
|
5.8.23 |
Linux Threat Hunting: ‘Syslogk’ a kernel rootkit found under development in the wild |
Malware blog |
Avast blog |
|
5.8.23 |
Reptile Malware Targeting Linux Systems |
Malware blog |
ASEC |
|
5.8.23 |
Reptile Rootkit: Advanced Linux Malware Targeting South Korean Systems |
Virus |
The Hacker News |
|
5.8.23 |
Microsoft Addresses Critical Power Platform Flaw After Delays and Criticism |
Vulnerebility |
The Hacker News |
|
5.8.23 |
A cyberattack impacted operations of multiple hospitals in several US states |
BigBrothers |
Securityaffairs |
|
5.8.23 |
Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016 |
Cryptocurrency |
Securityaffairs |
|
5.8.23 |
Malicious packages in the NPM designed for highly-targeted attacks |
Virus |
Securityaffairs |
|
5.8.23 |
Attackers use dynamic code loading to bypass Google Play store’s malware detections |
Android |
Securityaffairs |
|
5.8.23 |
The Week in Ransomware - August 4th 2023 - Targeting VMware ESXi |
Ransom |
BleepingComputer |
|
5.8.23 |
Microsoft fixes flaw after being called irresponsible by Tenable CEO |
OS |
BleepingComputer |
|
5.8.23 |
Microsoft kills Cortana in Windows 11 preview, long live AI! |
OS |
BleepingComputer |
|
5.8.23 |
Google explains how Android malware slips onto Google Play Store |
Android |
BleepingComputer |
|
5.8.23 |
Extended warranty robocallers fined $300 million after 5 billion scam calls |
Spam |
BleepingComputer |
|
5.8.23 |
Fake VMware vConnector package on PyPI targets IT pros |
Hack |
BleepingComputer |
|
5.8.23 |
Researchers Uncover New High-Severity Vulnerability in PaperCut Software |
Vulnerebility |
The Hacker News |
|
4.8.23 |
NYC Couple Pleads Guilty to Money Laundering in $3.6 Billion Bitfinex Hack |
CyberCrime |
The Hacker News |
|
4.8.23 |
Malicious npm Packages Found Exfiltrating Sensitive Data from Developers |
Virus |
The Hacker News |
|
4.8.23 |
CISA, FBI, and NSA published the list of 12 most exploited vulnerabilities of 2022 |
BigBrothers |
Securityaffairs |
|
4.8.23 |
Decommissioned medical infusion pumps sold on secondary market could reveal Wi-Fi configuration settings |
Security |
Securityaffairs |
|
4.8.23 |
OWASP Top 10 for LLM (Large Language Model) applications is out! |
BigBrothers |
Securityaffairs |
|
4.8.23 |
Rapid7 found a bypass for the recently patched actively exploited Ivanti EPMM bug |
Exploit |
Securityaffairs |
|
4.8.23 |
New Microsoft Azure AD CTS feature can be abused for lateral movement |
OS |
BleepingComputer |
|
4.8.23 |
Hacktivists fund their operations using common cybercrime tactics |
CyberCrime |
BleepingComputer |
|
4.8.23 |
Microsoft shares fix for Outlook asking to reopen closed windows |
OS |
BleepingComputer |
|
4.8.23 |
US govt contractor Serco discloses data breach after MoveIT attacks |
Incindent |
BleepingComputer |
|
4.8.23 |
Brave Search adds private image and video search capability |
Security |
BleepingComputer |
|
4.8.23 |
Hackers can abuse Microsoft Office executables to download malware |
Virus |
BleepingComputer |
|
4.8.23 |
FBI, CISA, and NSA reveal top exploited vulnerabilities of 2022 |
Exploit |
BleepingComputer |
|
4.8.23 |
Chrome malware Rilide targets enterprise users via PowerPoint guides |
Virus |
BleepingComputer |
|
4.8.23 |
What’s happening in the world of crimeware: Emotet, DarkGate and LokiBot |
Virus |
Securelist |
|
4.8.23 |
Major Cybersecurity Agencies Collaborate to Unveil 2022's Most Exploited Vulnerabilities |
Exploit |
The Hacker News |
|
3.8.23 |
Cyberthreats increasingly target the world’s biggest event stages |
Cyber blog |
Microsoft Blog |
|
3.8.23 |
Unraveling Russian Multi-Sector DDoS Attacks Across Spain |
BigBrother blog |
Radware |
|
3.8.23 |
Demystifying Mysterious Team Bangladesh |
BigBrother blog |
Group-IB |
|
3.8.23 |
GUARDING THE BRIDGE: NEW ATTACK VECTORS IN AZURE AD CONNECT |
Attack blog |
Sygnia |
|
3.8.23 |
BlueCharlie, Previously Tracked as TAG-53, Continues to Deploy New Infrastructure in 2023 |
Cyber blog |
Recordedfuture |
|
3.8.23 |
One Year After: The Cyber Implications of the Russo-Ukrainian War |
BigBrother blog |
Sekoia |
|
3.8.23 |
Malicious Apps Use Sneaky Versioning Technique to Bypass Google Play Store Scanners |
Android |
The Hacker News |
|
3.8.23 |
New Version of Rilide Data Theft Malware Adapts to Chrome Extension Manifest V3 |
Virus |
The Hacker News |
|
3.8.23 |
Hundreds of Citrix NetScaler ADC and Gateway Servers Hacked in Major Cyber Attack |
Hack |
The Hacker News |
|
3.8.23 |
Microsoft Flags Growing Cybersecurity Concerns for Major Sporting Events |
Security |
The Hacker News |
|
3.8.23 |
"Mysterious Team Bangladesh" Targeting India with DDoS Attacks and Data Breaches |
Incindent |
The Hacker News |
|
3.8.23 |
Russian APT29 conducts phishing attacks through Microsoft Teams |
APT |
Securityaffairs |
|
3.8.23 |
Hackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacks |
Vulnerebility |
Securityaffairs |
|
3.8.23 |
Zero-day in Salesforce email services exploited in targeted Facebook phishing campaign |
Social |
Securityaffairs |
|
3.8.23 |
Burger King forgets to put a password on their systems, again |
Incindent |
Securityaffairs |
|
3.8.23 |
Fake FlipperZero sites promise free devices after completing offer |
Security |
BleepingComputer |
|
3.8.23 |
Ivanti discloses new critical auth bypass bug in MobileIron Core |
Vulnerebility |
BleepingComputer |
|
3.8.23 |
Russian hackers target govt orgs in Microsoft Teams phishing attacks |
BigBrothers |
BleepingComputer |
|
3.8.23 |
Over 640 Citrix servers backdoored with web shells in ongoing attacks |
Vulnerebility |
BleepingComputer |
|
3.8.23 |
New Collide+Power side-channel attack impacts almost all CPUs |
Attack |
BleepingComputer |
|
3.8.23 |
Amazon's AWS SSM agent can be used as post-exploitation RAT malware |
Virus |
BleepingComputer |
|
3.8.23 |
Hackers exploited Salesforce zero-day in Facebook phishing attack |
Phishing |
BleepingComputer |
|
3.8.23 |
Microsoft Exposes Russian Hackers' Sneaky Phishing Tactics via Microsoft Teams Chats |
BigBrothers |
The Hacker News |
|
3.8.23 |
Researchers Discover Bypass for Recently Patched Critical Ivanti EPMM Vulnerability |
Vulnerebility |
The Hacker News |
|
3.8.23 |
Russian Cyber Adversary BlueCharlie Alters Infrastructure in Response to Disclosures |
BigBrothers |
The Hacker News |
|
2.8.23 |
Phishers Exploit Salesforce's Email Services Zero-Day in Targeted Facebook Campaign |
Phishing |
The Hacker News |
|
2.8.23 |
Industrial Control Systems Vulnerabilities Soar: Over One-Third Unpatched in 2023 |
ICS |
The Hacker News |
|
2.8.23 |
Top Industries Significantly Impacted by Illicit Telegram Networks |
Social |
The Hacker News |
|
2.8.23 |
Researchers Uncover AWS SSM Agent Misuse as a Covert Remote Access Trojan |
Virus |
The Hacker News |
|
2.8.23 |
CISA adds second Ivanti EPMM flaw to its Known Exploited Vulnerabilities catalog |
BigBrothers |
Securityaffairs |
|
2.8.23 |
NodeStealer 2.0 takes over Facebook Business accounts and targets crypto wallets |
Virus |
Securityaffairs |
|
2.8.23 |
US govt is hunting a Chinese malware that can interfere with its military operations |
BigBrothers |
Securityaffairs |
|
2.8.23 |
WikiLoader malware-as-a-service targets Italian organizations |
Virus |
Securityaffairs |
|
2.8.23 |
Be aware of exposure of sensitive data on Wi-Fi settings for Canon inkjet printers |
Hack |
Securityaffairs |
|
2.8.23 |
Experts discovered a previously undocumented initial access vector used by P2PInfect worm |
Virus |
Securityaffairs |
|
2.8.23 |
Iranian Company Cloudzy Accused of Aiding Cybercriminals and Nation-State Hackers |
BigBrothers |
The Hacker News |
|
2.8.23 |
Hackers use new malware to breach air-gapped devices in Eastern Europe |
Hack |
BleepingComputer |
|
2.8.23 |
Threat actors abuse Google AMP for evasive phishing attacks |
Phishing |
BleepingComputer |
|
2.8.23 |
CISA issues new warning on actively exploited Ivanti MobileIron bugs |
BigBrothers |
BleepingComputer |
|
2.8.23 |
Retail chain Hot Topic discloses wave of credential-stuffing attacks |
CyberCrime |
BleepingComputer |
|
2.8.23 |
Cybercriminals train AI chatbots for phishing, malware attacks |
AI |
BleepingComputer |
|
2.8.23 |
Norwegian Entities Targeted in Ongoing Attacks Exploiting Ivanti EPMM Vulnerability |
Vulnerebility |
The Hacker News |
|
2.8.23 |
New NodeStealer Variant Targeting Facebook Business Accounts and Crypto Wallets |
Virus |
The Hacker News |
|
1.8.23 |
European Bank Customers Targeted in SpyNote Android Trojan Campaign |
Android |
The Hacker News |
|
1.8.23 |
Researchers Expose Space Pirates' Cyber Campaign Across Russia and Serbia |
BigBrothers |
The Hacker News |
|
1.8.23 |
China's APT31 Suspected in Attacks on Air-Gapped Systems in Eastern Europe |
APT |
The Hacker News |
|
1.8.23 |
Hackers steal Signal, WhatsApp user data with fake Android chat app |
Android |
BleepingComputer |
|
1.8.23 |
Google warns again it will start deleting inactive accounts in December |
Security |
BleepingComputer |
|
1.8.23 |
Canon warns of Wi-Fi security risks when discarding inkjet printers |
Security |
BleepingComputer |
|
1.8.23 |
P2PInfect server botnet spreads using Redis replication feature |
BotNet |
BleepingComputer |
|
1.8.23 |
Hackers exploit BleedingPipe RCE to target Minecraft servers, players |
Exploit |
BleepingComputer |
|
1.8.23 |
Cybercriminals Renting WikiLoader to Target Italian Organizations with Banking Trojan |
Virus |
The Hacker News |