Category: Securityaffairs

Three flaws in Ninja Forms plugin for WordPress impact 900K sitesSecurity Affairs
31
Jul
2023

Three flaws in Ninja Forms plugin for WordPress impact 900K sitesSecurity Affairs

Experts warn of vulnerabilities impacting the Ninja Forms plugin for WordPress that could be exploited for escalating privileges and data…

Experts warn attackers started exploiting Citrix ShareFile RCE flawSecurity Affairs
31
Jul
2023

Experts warn attackers started exploiting Citrix ShareFile RCE flawSecurity Affairs

Researchers warn that threat actors started exploiting Citrix ShareFile RCE vulnerability CVE-2023-24489 in the wild. Citrix ShareFile is a widely…

In 2022, more than 40% of zero-day exploits used in the wild were variations of previous issuesSecurity Affairs
30
Jul
2023

In 2022, more than 40% of zero-day exploits used in the wild were variations of previous issuesSecurity Affairs

Google’s Threat Analysis Group Google states that more than 40% of zero-day flaws discovered in 2022 were variants of previous…

New flaw in Ivanti Endpoint Manager Mobile actively exploited in the wildSecurity Affairs
30
Jul
2023

New flaw in Ivanti Endpoint Manager Mobile actively exploited in the wildSecurity Affairs

Software firm Ivanti disclosed another security vulnerability impacting Endpoint Manager Mobile (EPMM), that it said actively exploited. Ivanti disclosed a…

Security Affairs newsletter Round 424 by Pierluigi Paganini – International edition
30
Jul
2023

Security Affairs newsletter Round 430 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free…

CISA warns about SUBMARINE Backdoor employed in Barracuda ESG attacksSecurity Affairs
29
Jul
2023

CISA warns about SUBMARINE Backdoor employed in Barracuda ESG attacksSecurity Affairs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns of threat actors deploying the SUBMARINE Backdoor in Barracuda ESG attacks….

Now Abyss Locker also targets VMware ESXi serversSecurity Affairs
29
Jul
2023

Now Abyss Locker also targets VMware ESXi serversSecurity Affairs

A Linux variant of the Abyss Locker designed to target VMware ESXi servers appeared in the threat landscape, experts warn….

Russian APT BlueBravo targets diplomatic entities with GraphicalProton backdoorSecurity Affairs
28
Jul
2023

Russian APT BlueBravo targets diplomatic entities with GraphicalProton backdoorSecurity Affairs

Russia-linked BlueBravo has been spotted targeting diplomatic entities in Eastern Europe with the GraphicalProton Backdoor. The Russia-linked threat-state actor BlueBravo…

Group-IB CEO Ilya Sachkov sentenced to 14 years in a strict prison colonySecurity Affairs
28
Jul
2023

Group-IB former CEO Ilya Sachkov sentenced to 14 years in a strict prison colonySecurity Affairs

Ilya Sachkov, former CEO and co-founder of Group-IB was sentenced to 14 years in a high security prison colony according…

Hackers stole millions of dollars worth of crypto assets from Poly Network platformSecurity Affairs
28
Jul
2023

CoinsPaid blames North Korea-linked APT Lazarus for theft of $37M worth of cryptocurrencySecurity Affairs

Crypto-payments service provider CoinsPaid suffered a cyber attack that resulted in the theft of $37,200,000 worth of cryptocurrency. CoinsPaid, a…

Monitor Insider Threats but Build Trust FirstSecurity Affairs
28
Jul
2023

Monitor Insider Threats but Build Trust FirstSecurity Affairs

The issue of how to prevent insider threats without infringing on employee privacy is one that has been a hot…

Zimbra urges customers to manually fix actively exploited zero-daySecurity Affairs
27
Jul
2023

Zimbra fixed actively exploited zero-day CVE-2023-38750 in ZCSSecurity Affairs

Zimbra addressed a zero-day vulnerability exploited in attacks aimed at Zimbra Collaboration Suite (ZCS) email servers. Two weeks ago Zimbra…