Category: Securityaffairs

Ongoing Xurum attacks target Magento 2 e-storesSecurity Affairs
14
Aug
2023

Ongoing Xurum attacks target Magento 2 e-storesSecurity Affairs

Experts warn of ongoing attacks, dubbed Xurum, targeting e-commerce websites using Adobe’s Magento 2 CMS. Akamai researchers warn of ongoing…

Colorado HCPF Department notifies 4M after IBM MOVEit breachSecurity Affairs
14
Aug
2023

Colorado HCPF Department notifies 4M after IBM MOVEit breachSecurity Affairs

The Colorado Department of Health Care Policy & Financing (HCPF) disclose a data breach after MOVEit attack on IBM. The…

Experts found multiple flaws in AudioCodes desk phones and Zoom's Zero Touch Provisioning (ZTP)Security Affairs
14
Aug
2023

Experts found multiple flaws in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP)Security Affairs

Multiple flaws in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP) can expose to several attacks. Researchers from security…

Internet Systems Consortium (ISC) fixed three DoS flaw in BINDSecurity Affairs
14
Aug
2023

Flaws in CyberPower solutions expose data centers to hackingSecurity Affairs

Multiple vulnerabilities in CyberPower PowerPanel Enterprise DCIM platform and Dataprobe PDU could expose data centers to hacking. Researchers from Trellix…

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoSSecurity Affairs
13
Aug
2023

Multiple flaws in CODESYS V3 SDK could lead to RCE or DoSSecurity Affairs

16 vulnerabilities in Codesys products could result in remote code execution and DoS attacks exposing OT environments to hacking. Microsoft…

Security Affairs newsletter Round 424 by Pierluigi Paganini – International edition
13
Aug
2023

Security Affairs newsletter Round 432 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free…

The DHS's CSRB to review cloud security practices following the hack of Microsoft Exchange govt email accountsSecurity Affairs
13
Aug
2023

The DHS’s CSRB to review cloud security practices following the hack of Microsoft Exchange govt email accountsSecurity Affairs

The DHS’s CSRB will review cloud security practices following recent hacks of Microsoft Exchange accounts used by US govt agencies….

Police dismantled bulletproof hosting service provider Lolek HostedSecurity Affairs
12
Aug
2023

Police dismantled bulletproof hosting service provider Lolek HostedSecurity Affairs

A joint operation conducted by European and U.S. law enforcement agencies dismantled the bulletproof hosting service provider Lolek Hosted. Lolek Hosted…

Python URL parsing function flaw can enable command executionSecurity Affairs
12
Aug
2023

Python URL parsing function flaw can enable command executionSecurity Affairs

A severe vulnerability in the Python URL parsing function can be exploited to gain arbitrary file reads and command execution….

Bangladesh government website leaked data of millions of citizensSecurity Affairs
12
Aug
2023

UK govt contractor MPD FM leaks employee passport dataSecurity Affairs

UK govt contractor MPD FM left an open instance that exposed employee passports, visas, and other sensitive data MPD FM,…

Mockingjay process injection technique allows EDR bypassSecurity Affairs
12
Aug
2023

Power Generator in South Africa hit with DroxiDat and Cobalt StrikeSecurity Affairs

Threat actors employed a new variant of the SystemBC malware, named DroxiDat, in attacks aimed at African critical infrastructure. Researchers from…

From Commerce to CloudSecurity Affairs
11
Aug
2023

From Commerce to CloudSecurity Affairs

API (or Application Programming Interface) is a ubiquitous term in the tech community today, and it’s one with a long…