Category: Securityaffairs

NodeStealer 2.0 takes over Facebook Business accountsSecurity Affairs
01
Aug
2023

NodeStealer 2.0 takes over Facebook Business accountsSecurity Affairs

Researchers spotted a Python variant of the NodeStealer that was designed to take over Facebook business accounts and cryptocurrency wallets. Palo Alto…

APT VANGUARD PANDA uses a new tradecraft in recent attacksSecurity Affairs
01
Aug
2023

US govt is hunting a Chinese malware that can interfere with its military operationsSecurity Affairs

The US government believes that China has deployed malware in key US power and communications networks that can be activated…

WikiLoader malware-as-a-service targets Italian organizationsSecurity Affairs
01
Aug
2023

WikiLoader malware-as-a-service targets Italian organizationsSecurity Affairs

Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader. WikiLoader is…

Be aware of exposure of sensitive data on Wi-Fi settings for Canon inkjet printersSecurity Affairs
01
Aug
2023

Be aware of exposure of sensitive data on Wi-Fi settings for Canon inkjet printersSecurity Affairs

Canon warns that sensitive data on the Wi-Fi connection settings stored in the memories of inkjet printers may not be…

Experts discovered a previously undocumented initial access vector used by P2PInfect wormSecurity Affairs
31
Jul
2023

Experts discovered a previously undocumented initial access vector used by P2PInfect wormSecurity Affairs

Cado Security observed a new variant of the P2PInfect worm targets Redis servers with a previously undocumented initial access vector….

New AVrecon botnet remained under the radar for 2 years while targeting SOHO RoutersSecurity Affairs
31
Jul
2023

Experts link AVRecon bot to malware proxy service SocksEscortSecurity Affairs

The AVRecon botnet relies on compromised small office/home office (SOHO) routers since at least May 2021. In early July, researchers…

Three flaws in Ninja Forms plugin for WordPress impact 900K sitesSecurity Affairs
31
Jul
2023

Three flaws in Ninja Forms plugin for WordPress impact 900K sitesSecurity Affairs

Experts warn of vulnerabilities impacting the Ninja Forms plugin for WordPress that could be exploited for escalating privileges and data…

Experts warn attackers started exploiting Citrix ShareFile RCE flawSecurity Affairs
31
Jul
2023

Experts warn attackers started exploiting Citrix ShareFile RCE flawSecurity Affairs

Researchers warn that threat actors started exploiting Citrix ShareFile RCE vulnerability CVE-2023-24489 in the wild. Citrix ShareFile is a widely…

In 2022, more than 40% of zero-day exploits used in the wild were variations of previous issuesSecurity Affairs
30
Jul
2023

In 2022, more than 40% of zero-day exploits used in the wild were variations of previous issuesSecurity Affairs

Google’s Threat Analysis Group Google states that more than 40% of zero-day flaws discovered in 2022 were variants of previous…

New flaw in Ivanti Endpoint Manager Mobile actively exploited in the wildSecurity Affairs
30
Jul
2023

New flaw in Ivanti Endpoint Manager Mobile actively exploited in the wildSecurity Affairs

Software firm Ivanti disclosed another security vulnerability impacting Endpoint Manager Mobile (EPMM), that it said actively exploited. Ivanti disclosed a…

Security Affairs newsletter Round 424 by Pierluigi Paganini – International edition
30
Jul
2023

Security Affairs newsletter Round 430 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free…

CISA warns about SUBMARINE Backdoor employed in Barracuda ESG attacksSecurity Affairs
29
Jul
2023

CISA warns about SUBMARINE Backdoor employed in Barracuda ESG attacksSecurity Affairs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns of threat actors deploying the SUBMARINE Backdoor in Barracuda ESG attacks….