Category: Securityaffairs

FIN8 Group spotted delivering the BlackCat RansomwareSecurity Affairs
18
Jul
2023

FIN8 Group spotted delivering the BlackCat RansomwareSecurity Affairs

The cybercrime group FIN8 is using a revamped version of the Sardonic backdoor to deliver the BlackCat ransomware. The financially motivated group…

Hacking campaign targets sites using WordPress WooCommerce Payments PluginSecurity Affairs
18
Jul
2023

Hacking campaign targets sites using WordPress WooCommerce Payments PluginSecurity Affairs

Threat actors are actively exploiting a critical flaw, tracked as CVE-2023-28121, in the WooCommerce Payments WordPress plugin. Threat actors are actively…

JumpCloud was hit by a sophisticated attack by nation-state actorSecurity Affairs
18
Jul
2023

JumpCloud was hit by a sophisticated attack by nation-state actorSecurity Affairs

Software firm JumpCloud announced it was the victim of a sophisticated cyber attack carried out by a nation-state actor. JumpCloud…

Adobe warns customers of critical ColdFusion RCE exploited in attacksSecurity Affairs
17
Jul
2023

Adobe warns customers of critical ColdFusion RCE exploited in attacksSecurity Affairs

Adobe is warning customers of a critical ColdFusion pre-authentication RCE bug, tracked as CVE-2023-29300, which is actively exploited. Adobe warns…

Admins of Genesis Market sold their infrastructure on hacker forumSecurity Affairs
17
Jul
2023

Admins of Genesis Market sold their infrastructure on hacker forumSecurity Affairs

The admins of the darkweb Genesis Market announced the sale of their platform to a threat actor that will restart…

A Russian national charged for committing LockBit Ransomware attacksSecurity Affairs
17
Jul
2023

Pompompurin, the BreachForums owner, pleads guilty to hacking charges and possession of child pornographySecurity Affairs

The owner of the BreachForums Conor Brian Fitzpatrick, aka Pompompurin, pleads guilty to hacking charges. The owner of the BreachForums…

Researchers released a PoC exploit for CVE-2023-20178 flaw in Cisco AnyConnect SecureSecurity Affairs
17
Jul
2023

Cisco fixed a critical flaw in SD-WAN vManageSecurity Affairs

Cisco warns of a critical unauthenticated REST API access vulnerability, tracked as CVE-2023-20214, impacting its SD-WAN vManage. Cisco addressed a…

WormGPT, a generative AI tool to launch sophisticated BEC attacksSecurity Affairs
16
Jul
2023

WormGPT, a generative AI tool to launch sophisticated BEC attacksSecurity Affairs

The WormGPT case: How Generative artificial intelligence (AI) can improve the capabilities of cybercriminals and allows them to launch sophisticated…

Security Affairs newsletter Round 424 by Pierluigi Paganini – International edition
15
Jul
2023

Security Affairs newsletter Round 428 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free…

Russia-linked APT Gamaredon starts stealing data from victims between 30 and 50 minutes after the initial compromiseSecurity Affairs
15
Jul
2023

Russia-linked APT Gamaredon starts stealing data from victims between 30 and 50 minutes after the initial compromiseSecurity Affairs

Ukraine’s Computer Emergency Response Team (CERT-UA) states that Russia-linked APT Gamaredon starts stealing data 30 minutes after the initial compromise….

Source code of the BlackLotus UEFI Bootkit was leaked on GitHubSecurity Affairs
14
Jul
2023

Source code of the BlackLotus UEFI Bootkit was leaked on GitHubSecurity Affairs

The source code for the BlackLotus UEFI bootkit has been published on GitHub and experts warn of the risks of…

CISA adds recently disclosed Apple flaws to its Known Exploited Vulnerabilities catalogSecurity Affairs
14
Jul
2023

US CISA warns of Rockwell Automation ControlLogix flawsSecurity Affairs

The U.S. CISA warns of two flaws impacting Rockwell Automation ControlLogix that can lead to remote code execution and DoS…