[Security Affairs Newsletter Round 252
Tilo Chopin
The vulnerability CVE-2021-44832 is Apache Log4j2 library is still a serious problem for multiple industries, expert warns it threatens global Finance.The independent cyber threat intelligence an ...
Crooks stole approximately 48.2 billion yen ($304 million) worth of Bitcoin from the Japanese cryptocurrency exchange DMM Bitcoin.The Japanese cryptocurrency exchange DMM Bitcoin announced that c ...
The threat actor ShinyHunters claims breach of Santander and is offering for sale bank data, including information for 30 million customers.A notorious threat actor ShinyHunters is offering a hug ...
The BBC disclosed a data breach that exposed the personal information of BBC Pension Scheme members.The BBC disclosed a data breach that occurred on May 21. Threat actors gained access to files o ...
Researchers spotted a macOS version of the LightSpy surveillance framework that has been active in the wild since at least January 2024.Researchers from ThreatFabric discovered a macOS version of ...
An international law enforcement operation, called Operation Endgame targeted multiple botnets and their operators.Between 27 and 29 May 2024, an international law enforcement operation coordinat ...
An international law enforcement operation led by the U.S. DoJ disrupted the 911 S5 botnet and led to the arrest of its administrator.The U.S. Justice Department led an international law enforcem ...
Dutch bank ABN Amro discloses data breach following a ransomware attack hit the third-party services provider AddComm.Dutch bank ABN Amro disclosed a data breach after third-party services provid ...
Researchers released a proof-of-concept (PoC) exploit for remote code execution flaw CVE-2024-23108 in Fortinet SIEM solution.Security researchers at Horizon3's Attack Team released a proof-of-co ...
Threat actors are exploiting a WordPress plugin to insert malicious PHP code in e-commerce sites and steal credit card data.Sucuri researchers observed threat actors using a PHP snippet WordPress ...
Prescription service firm Sav-Rx disclosed a data breach that potentially impacted over 2.8 million people in the United States.Prescription service company Sav-Rx disclosed a data breach after 2 ...
Organizations had to re-examine the traditional business perimeter and migrate to cloud-based tools to support distributed workforces. What is the impact?The almost overnight shift to remote work ...
The Ukraine CERT-UA warns of a concerning increase in cyberattacks attributed to the financially-motivated threat actor UAC-0006.The Computer Emergency Response Team of Ukraine (CERT-UA) warned o ...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.Enjoy a new round of the weekly Securi ...
Threat actors used fake AV websites masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes to distribute malware.In mid-April 2024, researchers at Trellix Advance ...
The MITRE Corporation revealed that threat actors behind the December 2023 attacks created rogue virtual machines (VMs) within its environment.The MITRE Corporation has provided a new update abou ...
Google rolled out a new emergency security update to fix another actively exploited zero-day vulnerability in the Chrome browser.Google has released a new emergency security update to address a n ...
The use of Dynamic DNS (DDNS) services embedded in appliances can potentially expose data and devices to attacks.The use of Dynamic DNS (DDNS) services embedded in appliances, such as those provi ...
UK data watchdog is investigating Microsoft regarding the new Recall feature in Copilot+ PCs that captures screenshots of the user's laptop every few seconds.The UK data watchdog, the Information ...
Ivanti addressed multiple flaws in the Endpoint Manager (EPM), including remote code execution vulnerabilities.Ivanti this week rolled out security patches to address multiple critical vulnerabil ...
A previously unknown China-linked threat actor dubbed 'Unfading Sea Haze' has been targeting military and government entities since 2018.Bitdefender researchers discovered a previously unknown Ch ...
A researcher discovered a consumer-grade spyware app on the check-in systems of at least three Wyndham hotels across the US.The security researcher Eric Daigle discovered a commercial spyware app ...
GitHub addressed a vulnerability in the GitHub Enterprise Server (GHES) that could allow an attacker to bypass authentication.GitHub has rolled out security fixes to address a critical authentica ...
CISA adds NextGen Healthcare Mirth Connect deserialization of untrusted data vulnerability to its Known Exploited Vulnerabilities catalog.The U.S. Cybersecurity and Infrastructure Security Agency ...
The Blackbasta extortion group claims to have hacked Atlas, one of the largest national distributors of fuel in the United States.Atlas is one of the largest national fuel distributors to 49 cont ...
A vulnerability in the Fluent Bit Utility, which is used by major cloud providers, can lead to DoS, information disclosure, and potentially RCE.Tenable researchers have discovered a severe vulner ...
Experts warn of fifteen vulnerabilities in the QNAP QTS, the operating system for the Taiwanese vendor's NAS products.An audit of QNAP QTS conducted by WatchTowr Labs revealed fifteen vulnerabili ...
Researchers discovered a sophisticated cybercriminal campaign by Russian-speaking threat actors that used GitHub to distribute malware.Recorded Future's Insikt Group discovered a sophisticated cy ...
Two students discovered a security flaw in over a million internet-connected laundry machines that could allow laundry for free.CSC ServiceWorks is a company that provides laundry services and ai ...
WebTPA, a third-party administrator that provides healthcare management and administrative services, disclosed a data breach.WebTPA is a third-party administrator that provides healthcare managem ...
The U.S. Justice Department charged five individuals, including a U.S. woman, for aiding North Korea-linked IT workers to infiltrate 300 firms.The Justice Department unsealed charges against an A ...
Russia-linked Turla APT allegedly used two new backdoors, named Lunar malware and LunarMail, to target European government agencies.ESET researchers discovered two previously unknown backdoors na ...
The City of Wichita disclosed a data breach after the ransomware attack that hit the Kansas's city earlier this month.On May 5th, 2024, the City of Wichita, Kansas, was the victim of a ransomware ...
Electronic prescription provider MediSecure in Australia suffered a ransomware attack likely originate from a third-party vendor.MediSecure is a company that provides digital health solutions, pa ...
Google released security updates to address a new actively exploited Chrome zero-day vulnerability, the third in a week.Google has released a new emergency security update to address a new vulner ...
The Spanish bank Santander disclosed a data breach at a third-party provider that impacted customers in Chile, Spain, and Uruguay.The Spanish financial institution Santander revealed a data breac ...
An international law enforcement operation coordinated by the FBI led to the seizure of the notorious BreachForums hacking forum.BreachForums is a cybercrime forum used by threat actors to purcha ...
One of the developers of the Tornado Cash cryptocurrency mixer has been sentenced to 64 months in prison.Alexey Pertsev (29), one of the main developers of the Tornado Cash cryptocurrency mixer h ...
Microsoft Patch Tuesday security updates for May 2024 fixed 59 flaws across various products including an actively exploited zero-day.Microsoft Patch Tuesday security updates for May 2024 address ...
VMware fixed four flaws in its Workstation and Fusion desktop hypervisors, including three zero-days exploited at the Pwn2Own Vancouver 2024VMware addressed four vulnerabilities in its Workstatio ...
Google released emergency security updates to address an actively exploited Chrome zero-day vulnerability.Google has released emergency security updates to address a high-severity zero-day vulner ...
Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware.New Jersey's Cybersecurity and Communications Integration Cell (NJCCIC) ...
Apple rolled out urgent security updates to address code execution vulnerabilities in iPhones, iPads, and macOS.Apple released urgent security updates to address multiple vulnerabilities in iPhon ...
The City of Helsinki suffered a data breach that impacted tens of thousands of students, guardians, and personnel.The Police of Finland is investigating a data breach suffered by the City of Hels ...
Pro-Russia hackers targeted government websites in Kosovo in retaliation for the government's support to Ukraine with military equipment.Pro-Russia hackers targeted Kosovo government websites, in ...
Black Basta ransomware affiliates have breached over 500 organizations between April 2022 and May 2024, FBI and CISA reported.The FBI, CISA, HHS, and MS-ISAC have issued a joint Cybersecurity Adv ...
795a8134c1