Category: Securityaffairs

New flaw in Ivanti Endpoint Manager Mobile actively exploited in the wildSecurity Affairs
03
Aug
2023

Rapid7 found a bypass for the recently patched actively exploited Ivanti EPMM bugSecurity Affairs

Researchers discovered a bypass for a recently fixed actively exploited vulnerability in Ivanti Endpoint Manager Mobile (EPMM). Rapid7 cybersecurity researchers…

Russian APT29 conducts phishing attacks through Microsoft TeamsSecurity Affairs
03
Aug
2023

Russian APT29 conducts phishing attacks through Microsoft TeamsSecurity Affairs

Russia-linked APT29 group targeted dozens of organizations and government agencies worldwide with Microsoft Teams phishing attacks. Microsoft Threat Intelligence reported…

Hackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacksSecurity Affairs
02
Aug
2023

Hackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacksSecurity Affairs

Researchers warn that hundreds of Citrix servers have been hacked in an ongoing campaign exploiting the RCE CVE-2023-3519. Security researchers…

Zero-day in Salesforce email services exploited in targeted Facebook phishing campaignSecurity Affairs
02
Aug
2023

Zero-day in Salesforce email services exploited in targeted Facebook phishing campaignSecurity Affairs

Experts spotted a spear-phishing Facebook campaign exploiting a zero-day vulnerability in Salesforce email services. Researchers from Guardio Labs uncovered a…

Burger King forgets to put a password on their systems, againSecurity Affairs
02
Aug
2023

Burger King forgets to put a password on their systems, againSecurity Affairs

The fast food giant Burger King put their systems and data at risk by exposing sensitive credentials to the public…

CISA adds recently disclosed Apple flaws to its Known Exploited Vulnerabilities catalogSecurity Affairs
02
Aug
2023

CISA adds second Ivanti EPMM flaw to its Known Exploited Vulnerabilities catalogSecurity Affairs

US CISA added a second actively exploited Ivanti ‘s Endpoint Manager Mobile (EPMM) vulnerability to its Known Exploited Vulnerabilities catalog….

NodeStealer 2.0 takes over Facebook Business accountsSecurity Affairs
01
Aug
2023

NodeStealer 2.0 takes over Facebook Business accountsSecurity Affairs

Researchers spotted a Python variant of the NodeStealer that was designed to take over Facebook business accounts and cryptocurrency wallets. Palo Alto…

APT VANGUARD PANDA uses a new tradecraft in recent attacksSecurity Affairs
01
Aug
2023

US govt is hunting a Chinese malware that can interfere with its military operationsSecurity Affairs

The US government believes that China has deployed malware in key US power and communications networks that can be activated…

WikiLoader malware-as-a-service targets Italian organizationsSecurity Affairs
01
Aug
2023

WikiLoader malware-as-a-service targets Italian organizationsSecurity Affairs

Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader. WikiLoader is…

Be aware of exposure of sensitive data on Wi-Fi settings for Canon inkjet printersSecurity Affairs
01
Aug
2023

Be aware of exposure of sensitive data on Wi-Fi settings for Canon inkjet printersSecurity Affairs

Canon warns that sensitive data on the Wi-Fi connection settings stored in the memories of inkjet printers may not be…

Experts discovered a previously undocumented initial access vector used by P2PInfect wormSecurity Affairs
31
Jul
2023

Experts discovered a previously undocumented initial access vector used by P2PInfect wormSecurity Affairs

Cado Security observed a new variant of the P2PInfect worm targets Redis servers with a previously undocumented initial access vector….

New AVrecon botnet remained under the radar for 2 years while targeting SOHO RoutersSecurity Affairs
31
Jul
2023

Experts link AVRecon bot to malware proxy service SocksEscortSecurity Affairs

The AVRecon botnet relies on compromised small office/home office (SOHO) routers since at least May 2021. In early July, researchers…