Category: Securityaffairs

Internet Systems Consortium (ISC) fixed three DoS flaw in BINDSecurity Affairs
14
Aug
2023

Flaws in CyberPower solutions expose data centers to hackingSecurity Affairs

Multiple vulnerabilities in CyberPower PowerPanel Enterprise DCIM platform and Dataprobe PDU could expose data centers to hacking. Researchers from Trellix…

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoSSecurity Affairs
13
Aug
2023

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoSSecurity Affairs

16 vulnerabilities in Codesys products could result in remote code execution and DoS attacks exposing OT environments to hacking. Microsoft…

Security Affairs newsletter Round 424 by Pierluigi Paganini – International edition
13
Aug
2023

Security Affairs newsletter Round 432 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free…

The DHS's CSRB to review cloud security practices following the hack of Microsoft Exchange govt email accountsSecurity Affairs
13
Aug
2023

The DHS’s CSRB to review cloud security practices following the hack of Microsoft Exchange govt email accountsSecurity Affairs

The DHS’s CSRB will review cloud security practices following recent hacks of Microsoft Exchange accounts used by US govt agencies….

Police dismantled bulletproof hosting service provider Lolek HostedSecurity Affairs
12
Aug
2023

Police dismantled bulletproof hosting service provider Lolek HostedSecurity Affairs

A joint operation conducted by European and U.S. law enforcement agencies dismantled the bulletproof hosting service provider Lolek Hosted. Lolek Hosted…

Python URL parsing function flaw can enable command executionSecurity Affairs
12
Aug
2023

Python URL parsing function flaw can enable command executionSecurity Affairs

A severe vulnerability in the Python URL parsing function can be exploited to gain arbitrary file reads and command execution….

Bangladesh government website leaked data of millions of citizensSecurity Affairs
12
Aug
2023

UK govt contractor MPD FM leaks employee passport dataSecurity Affairs

UK govt contractor MPD FM left an open instance that exposed employee passports, visas, and other sensitive data MPD FM,…

Mockingjay process injection technique allows EDR bypassSecurity Affairs
12
Aug
2023

Power Generator in South Africa hit with DroxiDat and Cobalt StrikeSecurity Affairs

Threat actors employed a new variant of the SystemBC malware, named DroxiDat, in attacks aimed at African critical infrastructure. Researchers from…

From Commerce to CloudSecurity Affairs
11
Aug
2023

From Commerce to CloudSecurity Affairs

API (or Application Programming Interface) is a ubiquitous term in the tech community today, and it’s one with a long…

Gafgyt botnet is targeting EoL Zyxel routers
11
Aug
2023

Gafgyt botnet is targeting EoL Zyxel routers

Researchers warn that the Gafgyt botnet is actively exploiting a vulnerability impacting the end-of-life Zyxel P660HN-T1A router. A variant of…

Charming Kitten APT is targeting Iranian dissidents in GermanySecurity Affairs
11
Aug
2023

Charming Kitten APT is targeting Iranian dissidents in GermanySecurity Affairs

Germany’s Federal Office for the Protection of the Constitution (BfV) warns that the Charming Kitten APT group targeted Iranian dissidents…

Statc Stealer, a new sophisticated info-stealing malwareSecurity Affairs
11
Aug
2023

Statc Stealer, a new sophisticated info-stealing malwareSecurity Affairs

Experts warn that a new info-stealer named Statc Stealer is infecting Windows devices to steal a broad range of sensitive information. Zscaler…