Security Affairs

MARCH 28, 2024

Google’s Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively exploited zero-day vulnerabilities in 2023. In 2023, Google (TAG) and Mandiant discovered 29 out of 97 vulnerabilities exploited in the wild. ” continues the report.

Government 143

Government Surveillance Cybercrime Ransomware 143

SecureList

MARCH 12, 2024

Profile of participants and applications We collected the data from a sample of the application security assessment projects our team completed in 2021–2023. Recommendations provided in these rankings are general in nature and based on information security best practices standards and guidelines, such as OWASP and NIST.

Passwords 140

Passwords Authentication Architecture Risk 140

Security Affairs

MAY 22, 2024

The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. In 2023, OmniVision employed 2,200 people and had an annual revenue of $1.4 In 2023, the imaging sensors manufacturer was the victim of a Cactus ransomware attack. OmniVision Technologies Inc.

Data breaches 140

Data breaches Ransomware Manufacturing Encryption 140

Schneier on Security

SEPTEMBER 20, 2023

million in 2023, with more than 750,000 of those positions in the U.S. And this is nothing that can be fixed by a newbie taking a six-month information security boot camp. […] Most entry-level roles tend to be quite specific, focused on one part of the profession, and are not generalist roles.

Cybersecurity 322

Cybersecurity Engineering CISO Architecture 322

Security Affairs

JULY 5, 2024

The New York Times revealed that OpenAI suffered a security breach in 2023, but the company says source code and customer data were not compromised. OpenAI suffered a security breach in 2023, the New York Times reported.

Artificial Intelligence 145

Artificial Intelligence Technology Risk Hacking 145

Security Affairs

OCTOBER 17, 2024

Russia-linked threat actor RomCom targeted Ukrainian government agencies and Polish entities in cyber attacks since late 2023. In the recent attacks, RomCom deployed an updated variant of the RomCom RAT dubbed ‘SingleCamper.’

Government 129

Government Malware Cyber Attacks Ransomware 129

Security Affairs

JUNE 7, 2024

The campaign seems to have been active since at least October 2023, it initially targeted a limited number of customers/organizations but recently became widespread. Akamai researchers observed a Chinese threat actor exploiting two old remote code execution vulnerabilities, tracked as CVE-2018-20062 and CVE-2019-9082 , in ThinkPHP.

Passwords 141

Passwords Hacking Information Security 141

Krebs on Security

AUGUST 27, 2024

” Those third-party reports came in late June 2024 from Michael Horka , senior lead information security engineer at Black Lotus Labs , the security research arm of Lumen Technologies , which operates one of the global Internet’s largest backbones. victims and one non-U.S. ”

Internet 314

Internet Internet Technology Engineering 314

Security Affairs

MAY 25, 2024

The MITRE Corporation revealed that threat actors behind the December 2023 attacks created rogue virtual machines (VMs) within its environment. The MITRE Corporation has provided a new update about the December 2023 attack. In April 2024, MITRE disclosed a security breach in one of its research and prototyping networks.

Risk 135

Risk Accountability Cyber threats Hacking 135

Security Affairs

MAY 8, 2024

The issue is tracked as CVE-2023-49606 and received a CVSS score of 9.8. Researchers from Cisco Talos reported a use-after-free vulnerability in the HTTP Connection Headers parsing of Tinyproxy 1.11.1 and Tinyproxy 1.10.0. The exploitation of the issue can potentially lead to remote code execution.

Internet 133

Internet Internet Authentication Passwords 133

Security Affairs

NOVEMBER 11, 2024

Amazon disclosed a data breach exposing employee data, with information allegedly stolen in the May 2023 MOVEit attacks. Amazon disclosed a data breach that exposed employee information after data was allegedly stolen during the May 2023 MOVEit attacks. Amazon was compromised in May, 2023 via a MoveIT 0day exploit.

Data breaches 101

Data breaches Hacking Technology Ransomware 101

Schneier on Security

MARCH 31, 2024

Of course it was before 2008, when we created the Security and Human Behavior workshop. It was well before 2001, when we created the Workshop on Economics and Information Security. Most recently was last June, at SHB 2023 , in Pittsburgh. I can’t remember when I first met Ross. I will see about posting it.)

Surveillance 331

Surveillance Engineering Encryption Government 331

Joseph Steinberg

DECEMBER 11, 2023

Veteran cybersecurity expert witness executive will help strengthen law enforcement capabilities to prevent, investigate, and prosecute information-age crimes. His opinions are frequently cited in books, law journals, security publications, and general interest periodicals; his cybersecurity-related inventions appear in over 500 U.S.

Cybersecurity 278

Cybersecurity Artificial Intelligence CISO Technology 278

Joseph Steinberg

JANUARY 4, 2023

The term Zero Trust refers to a concept, an approach to information security that dramatically deviates from the common approach of yesteryear; Zero Trust states that no request for service is trusted, even if it is issued by a device owned by the resource’s owner, and is made from an internal, private network belonging to the same party.

Architecture 361

Architecture Artificial Intelligence Encryption Cybersecurity 361

Krebs on Security

APRIL 27, 2023

This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information. “My team is frustrated by the permissive nature of the platform,” Carbee said. Akiri said he notified the Washington D.C.

Banking 330

Banking Government Information Security Authentication 330

Security Affairs

MARCH 1, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft Streaming Service vulnerability to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2023-29360 (CVSS Score 8.4) An attacker can exploit this vulnerability to gain SYSTEM privileges.

Hacking 143

Hacking Cybersecurity Risk Information Security 143

Security Affairs

JUNE 21, 2024

French information security agency ANSSI reported that Russia-linked threat actor Nobelium is behind a series of cyber attacks that targeted French diplomatic entities. The French information security agency ANSSI reported that Russia-linked APT Nobelium targeted French diplomatic entities. ” continues the report.

Phishing 139

Phishing Accountability Information Security Cyber Attacks 139

Security Affairs

APRIL 9, 2024

running on OLED55A23LA Below is the disclosure timeline: November 01, 2023: Vendor disclosure November 15, 2023: Vendor confirms the vulnerabilities. running on OLED55A23LA Below is the disclosure timeline: November 01, 2023: Vendor disclosure November 15, 2023: Vendor confirms the vulnerabilities. Sweden, and Finland.

Hacking 143

Hacking Internet Internet Authentication 143

Security Affairs

FEBRUARY 27, 2024

Taiwanese networking vendor Zyxel addressed four vulnerabilities, respectively tracked as CVE-2023-6397 , CVE-2023-6398 , CVE-2023-6399 , and CVE-2023-6764 , in its firewalls and access points. APs affected by CVE-2023-6398 AP model Affected version Patch availability NWA50AX 6.29(ABYW.3) Patch 1 ZLD V4.32

Firewall 141

Firewall VPN Authentication Hacking 141

Krebs on Security

DECEMBER 19, 2024

The makers of Acunetix, Texas-based application security vendor Invicti Security , confirmed Silent Push’s findings, saying someone had figured out how to crack the free trial version of the software so that it runs without a valid license key. According to an August 2023 report (PDF) from the U.S. Image: Ke-la.com.

Hacking 149

Hacking Cybercrime Advertising Data breaches 149

Security Affairs

MARCH 27, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the 2023 Pwn2Own to its Known Exploited Vulnerabilities catalog. Microsoft addressed the remote code execution flaw in SharePoint Server, tracked as CVE-2023-24955 (CVSS Score 7.2), in May 2023.

Hacking 138

Hacking Authentication Cybersecurity Risk 138

Security Affairs

AUGUST 10, 2024

In November 2023, McLaren Health Care (McLaren) disclosed a data breach that occurred between late July and August 2023. The security breach exposed the sensitive personal information of 2,192,515 people. As a result of the cyber attack, some appointments and elective procedures might be rescheduled as a precaution.

Ransomware 138

Ransomware Insurance Data breaches Cyber Attacks 138

Security Affairs

JULY 15, 2024

Multiple ransomware groups were spotted exploiting a vulnerability, tracked as CVE-2023-27532, in Veeam Backup & Replication. The vulnerability CVE-2023-275327 (CVSS score of 7.5) The vulnerability was addressed in March 2023, and shortly after a PoC exploit code for this issue was released publicly.

Backups 143

Backups Ransomware Antivirus DNS 143

Krebs on Security

FEBRUARY 22, 2024

Security experts who reviewed the leaked data say they believe the information is legitimate, and that i-SOON works closely with China’s Ministry of State Security and the military. In 2021, the Sichuan provincial government named i-SOON as one of “the top 30 information security companies.”

Government 302

Government Hacking Cyber threats Mobile 302

Security Affairs

MAY 21, 2024

The vendor responded to the vulnerability reports submitted between December 12, 2023, and January 23, 2024, with multiple delays and has fixed only four of the fifteen flaws. At this time, QNAP only addressed CVE-2023-50361, CVE-2023-50362, CVE-2023-50363, and CVE-2023-50364 with the release of a security update in April 2024.

Authentication 140

Authentication Accountability Social Engineering Engineering 140

Security Affairs

FEBRUARY 7, 2024

The CERT-EU also published an advisory for the above vulnerabilities: “In February 2024, Fortinet quietly updated a 2023 advisory, joining two critical flows to the list of OS Command vulnerabilities affecting its FortiSIEM product. The affected products are: FortiSIEM version 7.1.0 through 7.1.1 FortiSIEM version 7.0.0 through 7.0.2

Hacking 143

Hacking Cybersecurity Information Security 143

Security Affairs

MARCH 6, 2024

The exploitation of this vulnerability could lead to local information disclosure with no additional execution privileges needed. The exploitation of this vulnerability could lead to local information disclosure with no additional execution privileges needed. ” reads the security bulletin published by the company.

Spyware 142

Spyware Ransomware Cybersecurity Risk 142

Security Affairs

APRIL 22, 2024

The expert exploiting this known issue discovered the following vulnerabilities: CVE-2023-36396 Windows Compressed Folder Remote Code Execution Vulnerability – The RCE issue resides in Windows’s new extraction logic for all newly supported archive types. The expert reported to the Microsoft Security Response Center (MSRC) in 2023.

Software 142

Software Engineering Hacking Malware 142

Security Affairs

AUGUST 30, 2024

The critical vulnerability CVE-2023-22527 (CVSS score 10.0) 5, 2023 as well as 8.4.5 which no longer receives backported fixes in accordance with our Security Bug Fix Policy. “With its continuous exploitation by threat actors, CVE-2023-22527 presents a significant security risk to organizations worldwide.

Cryptocurrency 141

Cryptocurrency Risk Hacking Cybercrime 141

Schneier on Security

AUGUST 8, 2022

NIST was poised to make final algorithm selections in 2022, with a plan to have a draft standard available for public comment in 2023. Fun fact: Those three algorithms were broken by the Center of Encryption and Information Security, part of the Israeli Defense Force. Cryptanalysis over the competition was brutal.

Encryption 358

Encryption Architecture Engineering Information Security 358

Security Affairs

FEBRUARY 27, 2024

Researchers warn of an XSS vulnerability, tracked as CVE-2023-40000, in the LiteSpeed Cache plugin for WordPress Patchstack researchers warn of an unauthenticated site-wide stored XSS vulnerability, tracked as CVE-2023-40000, that impacts the LiteSpeed Cache plugin for WordPress. and assigned CVE-2023-40000.”

Risk 141

Risk Hacking Information Security 141

Krebs on Security

DECEMBER 6, 2023

In the meantime, registrars were to continue collecting the data but not publish it, and ICANN promised it would develop a system that facilitates access to this information. This video from ICANN walks through how the system works.

Internet 269

Internet Internet Phishing Scams 269

Security Affairs

OCTOBER 1, 2024

Since March 2023, Unit 42 researchers have observed a variant of the Mirai botnet spreading by targeting tens of flaws in D-Link, Zyxel, and Netgear devices, including CVE-2023-25280. CVE-2020-15415 is an OS command injection vulnerability in DrayTek Multiple Vigor Routers.

IoT 134

IoT Hacking Cybersecurity Risk 134

Security Affairs

JULY 5, 2024

The two vulnerabilities are: CVE ID CVSS Score Vulnerability CVE-2023-2071 9.8 Remote code execution (RCE) CVE-2023-29464 8.2 DoS via out-of-bounds read CVE-2023-2071 (CVSS score: 9.8) CVE-2023-29464 (CVSS score: 8.2) ” The flaw impacts FactoryTalk View Machine Edition (versions 13.0, and prior).

Hacking 137

Hacking Risk Cybersecurity Information Security 137

Security Affairs

MAY 19, 2024

WebTPA discovered suspicious activity on its network on December 28, 2023 and launched an investigation with the help of third-party cybersecurity experts. The investigation revealed that an unauthorized actor may have obtained personal information between April 18 and April 23, 2023.

Data breaches 142

Data breaches Healthcare Insurance Identity Theft 142

Security Affairs

MAY 14, 2024

The Singing River Health System revealed that the ransomware attack that hit the organization in August 2023 impacted 895,204 people. At the end of August 2023, the systems at three hospitals and other medical facilities operated by Singing River Health System (SRHS) were hit by a Rhysida ransomware attack.

Identity Theft 138

Identity Theft Ransomware Data breaches Insurance 138

Security Affairs

MAY 15, 2024

From June 2023 until May 2024, BreachForums (hosted at breachforums.st/.cx/.is/.vc) From March 2022 until March 2023, a separate version of BreachForums (hosted at breached.vc/.to/.co) In July 2023, the owner of the BreachForums Conor Brian Fitzpatrick, aka Pompompurin, pleaded guilty to hacking charges. In March 2023, U.S.

Hacking 140

Hacking Cybercrime Information Security 140