Sodinokibi Ransomware gang threatens to disclose data from Kenneth Cole fashion firm
Russian national arrested in Argentina for laundering money of crooks and Lazarus APT | Qilin ransomware steals credentials stored in Google Chrome | Phishing attacks target mobile users via progressive web applications (PWA) | Member of cybercrime group Karakurt charged in the US | New malware Cthulhu Stealer targets Apple macOS users | China-linked APT Velvet Ant exploited zero-day to compromise
Experts discovered millions of .git folders exposed to public
Transport for London (TfL) is dealing with an ongoing cyberattack | Lockbit gang claims the attack on the Toronto District School Board (TDSB) | A new variant of Cicada ransomware targets VMware ESXi systems | An air transport security system flaw allowed to bypass airport security screenings | SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 9 | Security Affairs newsletter Round 487 by Pierluigi Pagan
Port of Seattle confirmed that Rhysida ransomware gang was behind the August attack | SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 11 | U.S. CISA adds Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog | Ivanti Cloud Service Appliance flaw is being actively exploited in the wild | GitLab fixed a critical flaw in GitLab CE and GitLab EE | New Linux malware c
A flaw in LastPass password manager leaks credentials from previous site
Magento flaw exploited to deploy persistent backdoor hidden in XML | Cyberattack disrupted services at Omni Hotels & Resorts | HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks | US cancer center City of Hope: data breach impacted 827149 individuals | Ivanti fixed for 4 new issues in Connect Secure and Policy Secure | Jackson County, Missouri, discloses a ransomware attack | Goog
Cisco addressed a high-severity flaw in NX-OS software | Corona Mirai botnet spreads via AVTECH CCTV zero-day | Telegram CEO Pavel Durov charged in France for facilitating criminal activities | Iran-linked group APT33 adds new Tickler malware to its arsenal | U.S. CISA adds Google Chromium V8 bug to its Known Exploited Vulnerabilities catalog | Young Consulting data breach impacts 954,177 individu
GitHub flaw could have allowed attackers to takeover repositories of other users
Threat actors exploit Atlassian Confluence bug in cryptomining campaigns | Russia-linked APT29 reused iOS and Chrome exploits previously developed by NSO Group and Intellexa | Cisco addressed a high-severity flaw in NX-OS software | Corona Mirai botnet spreads via AVTECH CCTV zero-day | Telegram CEO Pavel Durov charged in France for facilitating criminal activities | Iran-linked group APT33 adds n
Microsoft provides mitigation for actively exploited CVE-2020-0674 IE 0Day
Russian national arrested in Argentina for laundering money of crooks and Lazarus APT | Qilin ransomware steals credentials stored in Google Chrome | Phishing attacks target mobile users via progressive web applications (PWA) | Member of cybercrime group Karakurt charged in the US | New malware Cthulhu Stealer targets Apple macOS users | China-linked APT Velvet Ant exploited zero-day to compromise
Over 17000 Fortinet devices exposed online are very likely vulnerable to CVE-2022-40684
Transport for London (TfL) is dealing with an ongoing cyberattack | Lockbit gang claims the attack on the Toronto District School Board (TDSB) | A new variant of Cicada ransomware targets VMware ESXi systems | An air transport security system flaw allowed to bypass airport security screenings | SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 9 | Security Affairs newsletter Round 487 by Pierluigi Pagan
Russia-linked Energetic Bear APT behind San Francisco airport attacks
Russian national arrested in Argentina for laundering money of crooks and Lazarus APT | Qilin ransomware steals credentials stored in Google Chrome | Phishing attacks target mobile users via progressive web applications (PWA) | Member of cybercrime group Karakurt charged in the US | New malware Cthulhu Stealer targets Apple macOS users | China-linked APT Velvet Ant exploited zero-day to compromise
North Korea-linked Konni APT targets Russian diplomatic bodies
Earth Lusca adds multiplatform malware KTLVdoor to its arsenal | Is Russian group APT28 behind the cyber attack on the German air traffic control agency (DFS)? | Quishing, an insidious threat to electric car owners | Discontinued D-Link DIR-846 routers are affected by code execution flaws. Replace them! | Head Mare hacktivist group targets Russia and Belarus | Zyxel fixed critical OS command injec
350M decrypted email addresses left exposed on an unsecured server
U.S. CISA adds Ivanti Cloud Services Appliance Vulnerability to its Known Exploited Vulnerabilities catalog | Ivanti Cloud Service Appliance flaw is being actively exploited in the wild | GitLab fixed a critical flaw in GitLab CE and GitLab EE | New Linux malware called Hadooken targets Oracle WebLogic servers | Lehigh Valley Health Network hospital network has agreed to a $65 million settlement a
DarkHotel uses VPN zero-day in attacks on Chinese government agencies
MITRE released EMB3D Threat Model for embedded devices | Google fixes sixth actively exploited Chrome zero-day this year | Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware | Threat actors may have exploited a zero-day in older iPhones, Apple warns | City of Helsinki suffered a data breach | Russian hackers defaced local British news sites | Australian Firstmac L
250 Million Microsoft customer support records and PII exposed online
CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog | CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog | North Korea-linked Kimsuky APT attack targets victims via Messenger | Electronic prescription provider MediSecure impacted by a ransomware attack | Google fixes seventh actively exploited Chrome zero-day this year, the third in a week
Expert released DOS Exploit PoC for Critical Windows RDP Gateway flaws
CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog | North Korea-linked Kimsuky APT attack targets victims via Messenger | Electronic prescription provider MediSecure impacted by a ransomware attack | Google fixes seventh actively exploited Chrome zero-day this year, the third in a week | Santander: a data breach at a third-party provider impacted customers and employ
Mozilla banned hundreds of malicious Firefox add-ons over the last weeks
North Korea-linked Kimsuky APT attack targets victims via Messenger | Electronic prescription provider MediSecure impacted by a ransomware attack | Google fixes seventh actively exploited Chrome zero-day this year, the third in a week | Santander: a data breach at a third-party provider impacted customers and employees | FBI seized the notorious BreachForums hacking forum | A Tornado Cash develope
Greek Government websites hit by DDoS attacks, it's the second time
North Korea-linked Kimsuky APT attack targets victims via Messenger | Electronic prescription provider MediSecure impacted by a ransomware attack | Google fixes seventh actively exploited Chrome zero-day this year, the third in a week | Santander: a data breach at a third-party provider impacted customers and employees | FBI seized the notorious BreachForums hacking forum | A Tornado Cash develope
Anonymous hacked Russia's Ministry of Culture and leaked 446 GB
VMware fixed a code execution flaw in Fusion hypervisor | Vulnerabilities in Microsoft apps for macOS allow stealing permissions | Three men plead guilty to running MFA bypass service OTP.Agency | Transport for London (TfL) is dealing with an ongoing cyberattack | Lockbit gang claims the attack on the Toronto District School Board (TDSB) | A new variant of Cicada ransomware targets VMware ESXi sys
CentOS8のカーネル再構築(Linux kernel 5.7.10) - Opensourcetechブログ
LinuCエヴァンジェリストの鯨井貴博@opensourcetechです。 Linux Kernelの再構築方法の紹介です。 CentOS8のデフォルトカーネル(4.18.0-193.el8.x86_64)を新しめのカーネルにしてみます。 https://www.kernel.org/ CentOS8は、以下の状態。 カーネルのダウンロードとその展開の為に、そこそこディスクスペースが必要になるので、 HDD容量だけは気を付けたいところです。 今回のようにCentOS8(最小限インストール)+Linuxカーネル5.7.10だと、 再構築に必要なパッケージなど入れて、HDDが25GB程度あれば大丈夫かと思います。 [root@centos8test ~]# cat /etc/centos-release CentOS Linux release 8.2.2004 (Core) [root@ce
White hat hackers showed how to take over an ESA satellite
South Korea-linked group APT-C-60 exploited a WPS Office zero-day | Threat actors exploit Atlassian Confluence bug in cryptomining campaigns | Russia-linked APT29 reused iOS and Chrome exploits previously developed by NSO Group and Intellexa | Cisco addressed a high-severity flaw in NX-OS software | Corona Mirai botnet spreads via AVTECH CCTV zero-day | Telegram CEO Pavel Durov charged in France f
Fortra fixed two severe issues in FileCatalyst Workflow, including a critical flaw | South Korea-linked group APT-C-60 exploited a WPS Office zero-day | Threat actors exploit Atlassian Confluence bug in cryptomining campaigns | Russia-linked APT29 reused iOS and Chrome exploits previously developed by NSO Group and Intellexa | Cisco addressed a high-severity flaw in NX-OS software | Corona Mirai b
CVE-2021-3560 in polkit auth system service affects most of Linux distros
Russia-linked APT29 reused iOS and Chrome exploits previously developed by NSO Group and Intellexa | Cisco addressed a high-severity flaw in NX-OS software | Corona Mirai botnet spreads via AVTECH CCTV zero-day | Telegram CEO Pavel Durov charged in France for facilitating criminal activities | Iran-linked group APT33 adds new Tickler malware to its arsenal | U.S. CISA adds Google Chromium V8 bug t
Hackers targeted ICS/SCADA systems at water facilities,Israeli gov warns
Australian Firstmac Limited disclosed a data breach after cyber attack | Pro-Russia hackers targeted Kosovo’s government websites | Security Affairs newsletter Round 471 by Pierluigi Paganini – INTERNATIONAL EDITION | As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide | Ohio Lottery data breach impacted over 538,000 individuals | Notorius threat actor IntelBr
Anonymous hacked Russian streaming services to broadcast war footage
Discontinued D-Link DIR-846 routers are affected by code execution flaws. Replace them! | Head Mare hacktivist group targets Russia and Belarus | Zyxel fixed critical OS command injection flaw in multiple routers | VMware fixed a code execution flaw in Fusion hypervisor | Vulnerabilities in Microsoft apps for macOS allow stealing permissions | Three men plead guilty to running MFA bypass service O
NK CARROTBALL dropper used in attacks on U.S. Govn Agency
North Korea-linked Kimsuky APT attack targets victims via Messenger | Electronic prescription provider MediSecure impacted by a ransomware attack | Google fixes seventh actively exploited Chrome zero-day this year, the third in a week | Santander: a data breach at a third-party provider impacted customers and employees | FBI seized the notorious BreachForums hacking forum | A Tornado Cash develope
Ransomware attack disrupts operations at Australian beverage firm Lion
Google fixes fifth actively exploited Chrome zero-day this year | Russia-linked APT28 targets government Polish institutions | Citrix warns customers to update PuTTY version installed on their XenCenter system manually | Dell discloses data breach impacting millions of customers | Mirai botnet also spreads through the exploitation of Ivanti Connect Secure bugs | Zscaler is investigating data breac
Children's clothing maker Hanna Andersson discloses a data breach
CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog | CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog | North Korea-linked Kimsuky APT attack targets victims via Messenger | Electronic prescription provider MediSecure impacted by a ransomware attack | Google fixes seventh actively exploited Chrome zero-day this year, the third in a week
Russia-Linked Turla APT uses new malware in watering hole attacks
Ransomware attack on Singing River Health System impacted 895,000 people | Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days | VMware fixed zero-day flaws demonstrated at Pwn2Own Vancouver 2024 | MITRE released EMB3D Threat Model for embedded devices | Google fixes sixth actively exploited Chrome zero-day this year | Phorpiex botnet sent millions of phishin
Stolen OAuth tokens used to download data from dozens of orgs, GitHub warns
VMware fixed a code execution flaw in Fusion hypervisor | Vulnerabilities in Microsoft apps for macOS allow stealing permissions | Three men plead guilty to running MFA bypass service OTP.Agency | Transport for London (TfL) is dealing with an ongoing cyberattack | Lockbit gang claims the attack on the Toronto District School Board (TDSB) | A new variant of Cicada ransomware targets VMware ESXi sys
Kyiv blames Belarus-linked APT UNC1151 for recent cyberattack
Discontinued D-Link DIR-846 routers are affected by code execution flaws. Replace them! | Head Mare hacktivist group targets Russia and Belarus | Zyxel fixed critical OS command injection flaw in multiple routers | VMware fixed a code execution flaw in Fusion hypervisor | Vulnerabilities in Microsoft apps for macOS allow stealing permissions | Three men plead guilty to running MFA bypass service O
Expert released PoC exploits for recently disclosed Cisco DCNM flaws
Russian national arrested in Argentina for laundering money of crooks and Lazarus APT | Qilin ransomware steals credentials stored in Google Chrome | Phishing attacks target mobile users via progressive web applications (PWA) | Member of cybercrime group Karakurt charged in the US | New malware Cthulhu Stealer targets Apple macOS users | China-linked APT Velvet Ant exploited zero-day to compromise
MalwareBazaar - welcome to the abuse-ch malware repository
Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days | VMware fixed zero-day flaws demonstrated at Pwn2Own Vancouver 2024 | MITRE released EMB3D Threat Model for embedded devices | Google fixes sixth actively exploited Chrome zero-day this year | Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware | Threat actors may have explo
Experts analyzed the evolution of the Emotet supply chain
Three men plead guilty to running MFA bypass service OTP.Agency | Transport for London (TfL) is dealing with an ongoing cyberattack | Lockbit gang claims the attack on the Toronto District School Board (TDSB) | A new variant of Cicada ransomware targets VMware ESXi systems | An air transport security system flaw allowed to bypass airport security screenings | SECURITY AFFAIRS MALWARE NEWSLETTER –
JhoneRAT uses Google Drive, Twitter, ImgBB, and Google Forms to target countries in Middle East
Russian national arrested in Argentina for laundering money of crooks and Lazarus APT | Qilin ransomware steals credentials stored in Google Chrome | Phishing attacks target mobile users via progressive web applications (PWA) | Member of cybercrime group Karakurt charged in the US | New malware Cthulhu Stealer targets Apple macOS users | China-linked APT Velvet Ant exploited zero-day to compromise
Operation Night Fury: Group-IB helps take down a cybergang behind the infection of hundreds of websites all over the world
Fortra fixed two severe issues in FileCatalyst Workflow, including a critical flaw | South Korea-linked group APT-C-60 exploited a WPS Office zero-day | Threat actors exploit Atlassian Confluence bug in cryptomining campaigns | Russia-linked APT29 reused iOS and Chrome exploits previously developed by NSO Group and Intellexa | Cisco addressed a high-severity flaw in NX-OS software | Corona Mirai b
Vulnerable Docker Installations Are A Playhouse for Malware Attacks
Russia-linked APT29 reused iOS and Chrome exploits previously developed by NSO Group and Intellexa | Cisco addressed a high-severity flaw in NX-OS software | Corona Mirai botnet spreads via AVTECH CCTV zero-day | Telegram CEO Pavel Durov charged in France for facilitating criminal activities | Iran-linked group APT33 adds new Tickler malware to its arsenal | U.S. CISA adds Google Chromium V8 bug t
Google warned 12K+ users targeted by state-sponsored hackers
GitCaught campaign relies on Github and Filezilla to deliver multiple malware | Two students uncovered a flaw that allows to use laundry machines for free | Grandoreiro Banking Trojan is back and targets banks worldwide | Healthcare firm WebTPA data breach impacted 2.5 million individuals | Security Affairs newsletter Round 472 by Pierluigi Paganini – INTERNATIONAL EDITION | North Korea-linked Kim
Hack the Army bug bounty program paid $275,000 in rewards
Russian national arrested in Argentina for laundering money of crooks and Lazarus APT | Qilin ransomware steals credentials stored in Google Chrome | Phishing attacks target mobile users via progressive web applications (PWA) | Member of cybercrime group Karakurt charged in the US | New malware Cthulhu Stealer targets Apple macOS users | China-linked APT Velvet Ant exploited zero-day to compromise
Threat actors found a way to bypass mitigation F5 BIG-IP flaw
Cisco addressed a high-severity flaw in NX-OS software | Corona Mirai botnet spreads via AVTECH CCTV zero-day | Telegram CEO Pavel Durov charged in France for facilitating criminal activities | Iran-linked group APT33 adds new Tickler malware to its arsenal | U.S. CISA adds Google Chromium V8 bug to its Known Exploited Vulnerabilities catalog | Young Consulting data breach impacts 954,177 individu
Healthcare giant Magellan discloses data breach after ransomware attack
City of Helsinki suffered a data breach | Russian hackers defaced local British news sites | Australian Firstmac Limited disclosed a data breach after cyber attack | Pro-Russia hackers targeted Kosovo’s government websites | Security Affairs newsletter Round 471 by Pierluigi Paganini – INTERNATIONAL EDITION | As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide
BlueBleed: Microsoft confirmed data leak exposing customers’ info
Transport for London (TfL) is dealing with an ongoing cyberattack | Lockbit gang claims the attack on the Toronto District School Board (TDSB) | A new variant of Cicada ransomware targets VMware ESXi systems | An air transport security system flaw allowed to bypass airport security screenings | SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 9 | Security Affairs newsletter Round 487 by Pierluigi Pagan
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
New EvilQuest ransomware targets macOS users ...
Two kids found a screensaver bypass in Linux Mint
Winnti APT Group targeted Hong Kong Universities