Security Affairs

OCTOBER 11, 2022

VMware has yet to address the CVE-2021-22048 privilege escalation vulnerability in vCenter Server disclosed in November 2021. VMware warns customers that it has yet to address a high-severity privilege escalation vulnerability, tracked as CVE-2021-22048 , in the vCenter Server. Please review KB89027 for more information.”

Authentication 144

Authentication Hacking Information Security 144

Security Affairs

JUNE 20, 2024

A China-linked cyber espionage group has compromised telecom operators in an Asian country since at least 2021. The Symantec Threat Hunter Team reported that an alleged China-linked APT group has infiltrated several telecom operators in a single, unnamed, Asian country at least since 2021.

DNS 141

DNS Malware Media Encryption 141

Security Affairs

APRIL 13, 2022

The Apache Software Foundation urges organizations to address a vulnerability, tracked as CVE-2021-31805, affecting Struts versions ranging 2.0.0 SecurityAffairs – hacking, Apache). The post CVE-2021-31805 RCE bug in Apache Struts was finally patched appeared first on Security Affairs. To nominate, please visit:?

Software 145

Software Hacking Cybersecurity Information Security 145

Security Affairs

MARCH 2, 2024

Department of Justice (DoJ) charged Iranian national Alireza Shafie Nasab (39) for multi-year hacking campaign targeting U.S. According to DoJ, from at least in or about 2016 through or about April 2021, Nasab and other co-conspirators carried out a coordinated multi-year campaign to breach computers worldwide. ” concludes DoJ.

Hacking 142

Hacking Identity Theft Social Engineering Accountability 142

Security Affairs

JANUARY 19, 2024

China-linked group UNC3886 has been exploiting vCenter Server zero-day vulnerability CVE-2023-34048 since at least late 2021. Mandiant researchers reported that China-linked APT group UNC3886 has been exploiting vCenter Server zero-day vulnerability CVE-2023-34048 since at least late 2021. ” concludes the report.

Firewall 139

Firewall Accountability Malware Authentication 139

Security Affairs

SEPTEMBER 10, 2023

Recently the Rhysida ransomware group made the headlines because it announced the hack of Prospect Medical Holdings and the theft of sensitive information from the organization. Margaret’s Health announced it is partly closing operations at its hospitals due to a 2021 ransomware attack that impacted its payment system.

Hacking 145

Hacking Ransomware Healthcare Cyber Attacks 145

Security Affairs

SEPTEMBER 30, 2023

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Motel One ) The post ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One appeared first on Security Affairs. the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Hacking 143

Hacking Ransomware Manufacturing Media 143

Security Affairs

JULY 12, 2022

Microsoft experts believe that the AiTM phishing campaign was used to target more than 10,000 organizations since September 2021. SecurityAffairs – hacking, AiTM phishing). The post Large-scale AiTM phishing campaign targeted +10,000 orgs since 2021? appeared first on Security Affairs. Pierluigi Paganini.

Phishing 145

Phishing Authentication Social Engineering Passwords 145

Security Affairs

DECEMBER 15, 2023

The Snatch ransomware group announced it had hacked the food giant Kraft Heinz, the company is investigating the claims. The Snatch ransomware group claims to have hacked Kraft Heinz in August and on December 14, it added the company to the list of victims on its leak site.

Hacking 140

Hacking Ransomware Computers and Electronics Marketing 140

Krebs on Security

FEBRUARY 22, 2024

A new data leak that appears to have come from one of China’s top private cybersecurity firms provides a rare glimpse into the commercial side of China’s many state-sponsored hacking groups. In 2021, the Sichuan provincial government named i-SOON as one of “the top 30 information security companies.”

Government 302

Government Hacking Cyber threats Mobile 302

Security Affairs

SEPTEMBER 24, 2023

The Alphv ransomware group claims to have hacked Clarion, the global manufacturer of audio and video equipment for cars and other vehicles. On September 23, the group announced the hack of the company and the theft of sensitive data, including partners’ documents. Clarion Japan is the Japanese subsidiary of Clarion Co.,

Manufacturing 143

Manufacturing Hacking Data breaches Ransomware 143

Security Affairs

JANUARY 8, 2024

BlackCat/ALPHV ransomware gang has been active since November 2021, the list of its victims is long and includes industrial explosives manufacturer SOLAR INDUSTRIES INDIA , the US defense contractor NJVC , gas pipeline Creos Luxembourg S.A. , the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Hacking 144

Hacking Ransomware Data breaches Manufacturing 144

Security Affairs

JULY 8, 2024

Threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. The Cybernews researchers reported that threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. RockYou2021 had 8.4 billion passwords from various internet data leaks.

Passwords 138

Passwords Data breaches Hacking Accountability 138

Security Affairs

MAY 22, 2024

According to the researchers, the malware campaign targeting MS Exchange Server has been active since at least 2021. The threat actors exploited the ProxyShell vulnerabilities ( CVE-2021-34473 , CVE-2021-34523 , and CVE-2021-31207 ) in Microsoft Exchange Server to inject an info stealer.

Malware 142

Malware Accountability Technology Internet 142

Security Affairs

DECEMBER 2, 2024

Russia first blocked Tor in 2021, but at the time the censorship was bypassed via bridges. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, WebTunnel bridges) .” reads the announcement published by Tor Project.

Government 136

Government Internet Internet Hacking 136

Krebs on Security

MARCH 7, 2022

In 2020, researchers from Athens University School of Information Sciences and Technology in Greece showed (PDF) how ransomware-as-a-service offerings might one day be executed through smart contracts. Before that, Jeffrey Ladish , an information security consultant based in Oakland, Calif., ” Stern wrote.

Ransomware 247

Ransomware Cryptocurrency DDOS Scams 247

Security Affairs

MARCH 30, 2024

The seller, who goes online with the moniker MajorNelson, claims that the data was obtained from an unnamed AT&T division by @ ShinyHunters in 2021. It should be noted before anyone hits us with an “aktschually” – the data was stolen in 2021. The archive contains 73.481.539 records. “It It was leaked online today.”

Data breaches 145

Data breaches Telecommunications Cybercrime Hacking 145

Security Affairs

OCTOBER 20, 2023

US CISA added the vulnerability CVE-2021-1435 in Cisco IOS XE to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability CVE-2021-1435 in Cisco IOS XE. ” reads the report published by Cisco Talos.

Authentication 142

Authentication Hacking Accountability Software 142

CyberSecurity Insiders

MAY 1, 2023

Surprisingly, the analysis conducted by American law firm BakerHostetler found that victims who made ransomware payments increased in the year 2022 compared to 2021. Additionally, the average ransom amount paid last year was recorded as $600,000, up from the $511,000 payment made in 2021.

Data breaches 138

Data breaches Cyber Insurance Insurance Technology 138

Security Affairs

FEBRUARY 15, 2024

The Mirai -based Moobot botnet was first documented by Palo Alto Unit 42 researchers in February 2021, in November 2021, it started exploiting a critical command injection flaw ( CVE-2021-36260 ) in the webserver of several Hikvision products. The US government operation blocked access to the routers by Russian cyberspies.

Firewall 141

Firewall Government Malware Hacking 141

Security Affairs

JULY 9, 2022

Four of the fixed issues have been rated as a “high” severity, they are CVE-2022-26117, CVE-2021-43072, CVE-2022-30302, and CVE-2021-41031. SecurityAffairs – hacking, Forinet). The post Fortinet addressed multiple vulnerabilities in several products appeared first on Security Affairs. Pierluigi Paganini.

Authentication 145

Authentication Passwords Hacking Accountability 145

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. and its allies for hacking activities in July. Wall Street Journal reported.

Mobile 122

Mobile Telecommunications Data breaches Hacking 122

Security Affairs

OCTOBER 23, 2024

The SEC fined Unisys, Avaya, Check Point, and Mimecast for misleading disclosures about the impact of the SolarWinds Orion hack. The US Securities and Exchange Commission (SEC) charged four companies, Unisys, Avaya, Check Point, and Mimecast for misleading public disclosures related to the supply chain attack on SolarWinds.

Hacking 124

Hacking Risk Cybersecurity Government 124

Security Affairs

JUNE 24, 2022

Google experts have been tracking the activities of surveillance firms for years, its experts reported that seven of the nine zero-days discovered by TAG in 2021 were developed by commercial providers and sold to and used by government-backed actors. CVE-2021-30983 internally referred to as Clicked3, fixed by Apple in December 2021.

Surveillance 141

Surveillance Mobile Spyware Telecommunications 141

Security Affairs

OCTOBER 12, 2024

Since April 2021, Russian state-sponsored hackers have exploited vulnerabilities, including Zimbra’s CVE-2022-27924 for injecting commands to access credentials and emails, and JetBrains TeamCity’s CVE-2023-42793 for arbitrary code execution through an authentication bypass.

Data collection 141

Data collection Authentication Government Hacking 141

Security Affairs

MAY 23, 2022

Google’s Threat Analysis Group (TAG) researchers discovered three campaigns, between August and October 2021, targeting Android users with five zero-day vulnerabilities. “Seven of the nine 0-days TAG discovered in 2021 fall into this category: developed by commercial providers and sold to and used by government-backed actors. .

Spyware 145

Spyware Surveillance Government Banking 145

Security Affairs

APRIL 10, 2024

The seller, who goes online with the moniker MajorNelson, claimed that the data was obtained from an unnamed AT&T division by @ ShinyHunters in 2021. It should be noted before anyone hits us with an “aktschually” – the data was stolen in 2021. The archive contains 73.481.539 records. “It It was leaked online today.”

Data breaches 135

Data breaches Telecommunications Identity Theft Hacking 135

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. On April 26, 2021, Matveev and his Babuk coconspirators hit the Metropolitan Police Department in Washington, D.C.

Ransomware 127

Ransomware Healthcare Hacking Malware 127

Security Affairs

JANUARY 21, 2024

Admin of the BreachForums hacking forum sentenced to 20 years supervised release Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails VF Corp December data breach impacts 35 million customers China-linked APT UNC3886 exploits VMware zero-day since 2021 Ransomware attacks break records in 2023: the number of victims rose by 128% U.S.

Artificial Intelligence 137

Artificial Intelligence Hacking VPN Firewall 137

Security Affairs

AUGUST 16, 2024

The 27-year-old Russian national Georgy Kavzharadze (also known as “George,” “TeRorPP,” “Torqovec,” and “PlutuSS”) has been sentenced to over three years in prison for selling financial information, login credentials, and other personal data on the dark web marketplace, Slilpp. in restitution. These credentials were linked to $1.2

Banking 134

Banking Accountability Retail Mobile 134

Security Affairs

OCTOBER 9, 2023

The HelloKitty gang has been active since January 2021. In November 2021, the US FBI has published a flash alert warning private organizations of the evolution of the HelloKitty ransomware (aka FiveHands). CVE-2021-20016 , CVE-2021-20021 , CVE-2021-20022 , CVE-2021-2002 ) or using compromised credentials.

Cybercrime 143

Cybercrime Ransomware DDOS Encryption 143

Security Affairs

JANUARY 10, 2024

Raoult and two other co-conspirators were charged with having hacked into protected computers of corporate entities and for the theft of stolen proprietary information. According to the indictment, Raoult was a participant in the notorious hacking group “ShinyHunters.” He sold hacked data. No more hacking.

Identity Theft 135

Identity Theft Hacking Cryptocurrency Advertising 135

Security Affairs

JUNE 24, 2024

The group exploited the following vulnerabilities for privilege escalation: CVE-2022-2586, CVE-2021-3156 , CVE-2021-4034 , CVE-2019-13272 , CVE-2022-27228, CVE-2021-44228, CVE-2021-40438 , CVE-2023-3519 , BDU:2023-05857, and CVE-2019-12725. ” concludes the report.

Cybercrime 128

Cybercrime Telecommunications DNS Technology 128

Security Affairs

DECEMBER 3, 2024

The news of the hack was reported by the Gazeta Wyborcza daily, and unfortunately, it isn’t the first time that the Pegasus spyware was used in the country. In 2021, the University of Toronto-based Citizen Lab Internet reported that a Polish opposition duo was hacked with NSO spyware.

Spyware 127

Spyware Government Surveillance Hacking 127

Security Affairs

OCTOBER 30, 2023

The man was sentenced for his role in a hacking scheme that led to the theft of approximately $1M worth of cryptocurrency from dozens of victims. Persad and his co-conspirators hacked the email accounts of the victims, hijacked their cell phone numbers, and took over their online cryptocurrency accounts.

Cryptocurrency 141

Cryptocurrency Accountability Hacking Cybercrime 141

Security Affairs

MARCH 27, 2024

The Star Labs team demonstrated the vulnerability at the Pwn2Own Vancouver 2023 hacking competition. Microsoft addressed the remote code execution flaw in SharePoint Server, tracked as CVE-2023-24955 (CVSS Score 7.2), in May 2023. ” reads the advisory published by Microsoft.

Hacking 138

Hacking Authentication Cybersecurity Risk 138

Security Affairs

NOVEMBER 9, 2022

Google Project Zero disclosed three Samsung phone vulnerabilities, tracked as CVE-2021-25337, CVE-2021-25369 and CVE-2021-25370, that have been exploited by a surveillance company. Google reported the vulnerabilities to Samsung immediately after their discovery in late 2020s, and the vendor addressed them in March 2021.

Surveillance 137

Surveillance Spyware Mobile Manufacturing 137