Monti Ransomware gang launched a new Linux encryptorSecurity Affairs
Monti Ransomware operators returned, after a two-month pause, with a new Linux variant of their encryptor. The Monti ransomware operators returned, after a two-month break,…
Category: Securityaffairs
Hacking ATMs by exploiting flaws in ScrutisWeb ATM fleet softwareSecurity Affairs
Researchers found several flaws in the ScrutisWeb ATM fleet monitoring software that can expose ATMs to hack. Researchers from the Synack Red Team found multi…
QwixxRAT, a new Windows RAT appears in the threat landscapeSecurity Affairs
QwixxRAT is a new Windows remote access trojan (RAT) that is offered for sale through Telegram and Discord platforms. The Uptycs Threat Research team discovered…
Ongoing Xurum attacks target Magento 2 e-storesSecurity Affairs
Experts warn of ongoing attacks, dubbed Xurum, targeting e-commerce websites using Adobe’s Magento 2 CMS. Akamai researchers warn of ongoing attacks, dubbed Xurum, targeting e-commerce…
Colorado HCPF Department notifies 4M after IBM MOVEit breachSecurity Affairs
The Colorado Department of Health Care Policy & Financing (HCPF) disclose a data breach after MOVEit attack on IBM. The Colorado Department of Health Care…
Experts found multiple flaws in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP)Security Affairs
Multiple flaws in AudioCodes desk phones and Zoom’s Zero Touch Provisioning (ZTP) can expose to several attacks. Researchers from security firm SySS discovered multiple vulnerabilities…
Flaws in CyberPower solutions expose data centers to hackingSecurity Affairs
Multiple vulnerabilities in CyberPower PowerPanel Enterprise DCIM platform and Dataprobe PDU could expose data centers to hacking. Researchers from Trellix Advanced Research Center discovered multiple…
Multiple flaws in CODESYS V3 SDK could lead to RCE or DoSSecurity Affairs
16 vulnerabilities in Codesys products could result in remote code execution and DoS attacks exposing OT environments to hacking. Microsoft Threat Intelligence researchers discovered 16…
Security Affairs newsletter Round 432 by Pierluigi Paganini – International edition
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email…
The DHS’s CSRB to review cloud security practices following the hack of Microsoft Exchange govt email accountsSecurity Affairs
The DHS’s CSRB will review cloud security practices following recent hacks of Microsoft Exchange accounts used by US govt agencies. The US DHS announced that…
Police dismantled bulletproof hosting service provider Lolek HostedSecurity Affairs
A joint operation conducted by European and U.S. law enforcement agencies dismantled the bulletproof hosting service provider Lolek Hosted. Lolek Hosted is a bulletproof hosting service…
Python URL parsing function flaw can enable command executionSecurity Affairs
A severe vulnerability in the Python URL parsing function can be exploited to gain arbitrary file reads and command execution. Researchers warn of a high-severity…