Category: Securityaffairs

Experts released PoC exploit for Ivanti Sentry CVE-2023-38035Security Affairs
24
Aug
2023

Experts released PoC exploit for Ivanti Sentry CVE-2023-38035Security Affairs

Proof-of-concept exploit code for critical Ivanti Sentry authentication bypass flaw CVE-2023-38035 has been released. Researchers released a proof-of-concept (PoC) exploit…

Lazarus APT exploits Zoho ManageEngine flaw to target an Internet backbone infrastructure providerSecurity Affairs
24
Aug
2023

Lazarus APT exploits Zoho ManageEngine flaw to target an Internet backbone infrastructure providerSecurity Affairs

The North Korea-linked Lazarus group exploits a critical flaw in Zoho ManageEngine ServiceDesk Plus to deliver the QuiteRAT malware. The…

Lapsus$ member has been convicted of having hacked multiple high-profile companiesSecurity Affairs
24
Aug
2023

Lapsus$ member has been convicted of having hacked multiple high-profile companiesSecurity Affairs

An 18-year-old member of the Lapsus$ gang has been convicted of having helped hack multiple high-profile companies. A teenage member of…

+3,000 Openfire servers exposed to attacks using a new exploitSecurity Affairs
24
Aug
2023

+3,000 Openfire servers exposed to attacks using a new exploitSecurity Affairs

Researchers warn that more than 3,000 unpatched Openfire servers are exposed to attacks using an exploit for a recent flaw….

Hackers stole millions of dollars worth of crypto assets from Poly Network platformSecurity Affairs
23
Aug
2023

DoJ charged Tornado Cash founders with laundering more than $1 billionSecurity Affairs

The U.S. DoJ charged two men with operating the Tornado Cash service and laundering more than $1 Billion in criminal…

N. Korean Kimsuky APT targets S. Korea-US military exercisesSecurity Affairs
23
Aug
2023

FBI identifies wallets holding cryptocurrency funds stolen by North KoreaSecurity Affairs

The U.S. FBI warned that North Korea-linked threat actors may attempt to cash out stolen cryptocurrency worth more than $40…

Carderbee APT targets Hong Kong orgs via supply chain attacksSecurity Affairs
23
Aug
2023

Carderbee APT targets Hong Kong orgs via supply chain attacksSecurity Affairs

A previously unknown APT group, tracked as Carderbee, was behind a supply chain attack against Hong Kong organizations. Symantec Threat…

TP-Link Tapo L530E smart bulb flaws allow hackers to steal user passwordsSecurity Affairs
23
Aug
2023

TP-Link Tapo L530E smart bulb flaws allow hackers to steal user passwordsSecurity Affairs

Four vulnerabilities in the TP-Link Tapo L530E smart bulb and impacting the mobile app used to control them expose users…

Avast released a free decryptor for Windows version of Akira ransomwareSecurity Affairs
22
Aug
2023

Akira ransomware gang spotted targeting Cisco VPN products to hack organizationsSecurity Affairs

The Akira ransomware gang targets Cisco VPN products to gain initial access to corporate networks and steal their data. The…

Defense contractor Belcan leaks admin password with a list of flawsSecurity Affairs
22
Aug
2023

Defense contractor Belcan leaks admin password with a list of flawsSecurity Affairs

US Government and defense contractor Belcan left its super admin credentials open to the public, Cybernews research team reveals. Belcan…

A cyber attack hit the Australian software provider Energy OneSecurity Affairs
22
Aug
2023

A cyber attack hit the Australian software provider Energy OneSecurity Affairs

The Australian software provider Energy One announced it was hit by a cyberattack last week that affected certain corporate systems…

Adobe warns customers of critical ColdFusion RCE exploited in attacksSecurity Affairs
22
Aug
2023

CISA adds critical Adobe ColdFusion flaw to its Known Exploited Vulnerabilities catalogSecurity Affairs

US CISA added critical vulnerability CVE-2023-26359 in Adobe ColdFusion to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA)…