Cyber threat analysts at Silent Push said they recently received reports from a partner organization that identified an aggressive scanning effort against their website using an Internet address previously associated with a campaign by FIN7, a notorious Russia-based hacking group. co — first came online in February 2023.
VMware addressed a remote code execution flaw, demonstrated in a Chinese hacking contest, for the second time in two months. VMware failed to fully address a remote code execution flaw, tracked as CVE-2024-38812 (CVSS score: 9.8), in its vCenter Server platform. reads the advisory. ” reads the updated advisory.
Microsoft Patch Tuesday security updates for November 2024 addressed 89 vulnerabilities, including two actively exploited zero-day flaws. CVE-2024-49039: A Windows Task Scheduler privilege escalation flaw allows AppContainer escape, enabling low-privileged users to run code at Medium integrity.
The “FortiJump” flaw (CVE-2024-47575) has been exploited in zero-day attacks since June 2024, impacting over 50 servers, says Mandiant. A new report published by Mandiant states that the recently disclosed Fortinet FortiManager flaw “FortiJump” CVE-2024-47575 (CVSS v4 score: 9.8)
CISA and the FBI published a joint advisory warning that Chinese hackers exploited four Ivanti flaws (CVE-2024-8963, CVE-2024-9379, CVE-2024-8190, CVE-2024-9380) to achieve remote code execution, steal credentials, and deploy webshells. The advisory details hacking activities exploiting the mentioned vulnerabilities.
QNAP addressed the second zero-day vulnerability demonstrated by security researchers during the recent Pwn2Own Ireland 2024. Taiwanese manufacturer QNAP patched the second zero-day vulnerability, tracked as CVE-2024-50387, which was exploited by security researchers during the recent Pwn2Own Ireland 2024.
On the second day of Pwn2Own Ireland 2024, researchers demonstrated an exploit for the Samsung Galaxy S24. On day two of Pwn2Own Ireland 2024, hackers demonstrated attacks against 51 zero-day vulnerabilities, earning a total of $358,625, which adds to the $516,250 earned by participants on the first day of the event.
Below are the vulnerabilities reported by ZDI: CVE-2024-8355: SQL injection in DeviceManager, enabling database manipulation or code execution via spoofed Apple device connections. CVE-2024-8358: Command injection in UPDATES_ExtractFile, enabling command execution via file paths during updates. ” concludes the report.
Google tracked 75 zero-day flaws exploited in 2024, down from 98 in 2023, according to its Threat Intelligence Group’s latest analysis. In 2024, Google tracked 75 exploited zero-day vulnerabilities, down from 98 in 2023 but up from 63 in 2022. In 2024, over half of zero-days enabled remote code execution or privilege escalation.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon. Pierluigi Paganini (SecurityAffairs – hacking, ransomware) The CEO of the Croatian Port, Duko Grabovac, told local media outlet Novi list that although threat actors stole some data, the incident had no impact on the operations at the port.
VMware warns customers to address a remote code execution vulnerability, tracked as CVE-2024-38814 (CVSS score of 8.8), in its HCX application mobility platform. The vulnerability CVE-2024-38814 impacts multiple versions of the HCX platform, including versions 4.8.x, x, and 4.10.x. The vulnerability was fixed with versions 4.8.3, and 4.10.1.
Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. Today they are going to send me a report on the supposed hacking.” This is not the first time Mexico’s presidential office has been targeted in a hack involving sensitive information.
Threat actors exploit PHP flaw CVE-2024-4577 for remote code execution. GreyNoise researchers warn of a large-scale exploitation of a critical vulnerability, tracked as CVE-2024-4577 (CVSS 9.8), in PHP. The flaw CVE-2024-4577 (CVSS score: 9.8) is a PHP-CGI OS Command Injection Vulnerability. Over 1,000 attacks detected globally.
US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.” and its allies for hacking activities in July.
Four former members of the REvil ransomware group were sentenced in Russia for hacking and money laundering, marking a rare case of Russian gang members being convicted in the country.
To confirm their findings, the researchers reached out to their friend and asked if they could hack her car. The experts reported the vulnerability to the carmaker on November 20, 2024, and the company fixed it within 24 hours after receiving the report. Admin panel access exposed vehicle data (e.g., ” added Curry.
The hacking campaign targeted 90 users and was disrupted in December; WhatsApp already alerted them of a possible compromise of their devices. WhatsApp linked the hacking campaign to Paragon, an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024. In 2024, its U.S.
Another American hospital falls victim to a ransomware attack; the RansomHouse gang announced the hack of Loretto Hospital in Chicago. The RansomHouse gang announced the hack of Loretto Hospital in Chicago; the group claims to have stolen 1.5TB of sensitive data. Ransomware attacks on U.S.
Russia-linked group Storm-2372 has used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and industries.
Microsoft disclosed details of a now-patched macOS flaw, tracked as CVE-2024-44243 (CVSS score: 5.5), that allows attackers with “root” access to bypass System Integrity Protection (SIP). SIP in macOS safeguards the system by blocking the execution of unauthorized code.
The hacker has published 10,000 customer records, a file showing Oracle Cloud access, user credentials, and an internal video as proof of the hack. The incident has raised serious concerns about the security of Oracle's cloud infrastructure and the potential implications for affected customers. reported Bloomberg. This is not okay.
Facebook paid $100,000 to a researcher for discovering a bug that granted him command access to an internal server in October 2024. TechCrunch first reported that Facebook awarded security researcher Ben Sadeghipour (@NahamSec) $100,000 for reporting a vulnerability that granted him access to an internal server.
The July 2024 ransomware attack that hit the City of Columbus, Ohio, exposed the personal and financial data of 500,000 individuals. On July 18, 2024, the City of Columbus, Ohio, suffered a cyber attack that impacted the City’s services.
The man is accused of having installed the malware on the hospital computers on August 6, 2024. Security footage reportedly shows the man attempting to access multiple offices before installing malicious software designed to capture screenshots every 20 minutes and transmit them to an external IP address. Anthony Hospital.
In August 2024, Bitdefender found a major bug in Solarman PVs software, exposing all client connections. They demonstrated how to get access to systems in the United States.
Taiwanese vendor Synology has addressed a critical security vulnerability, tracked as CVE-2024-10443, that impacts DiskStation and BeePhotos. Security researcher Rick de Jager demonstrated the vulnerability, called RISK:STATION by cybersecurity firm Midnight Blue, at the Pwn2Own Ireland 2024 hacking contest.
Researchers warn that threat actors are attempting to exploit a recently disclosed Apache Struts vulnerability CVE-2024-53677. Researchers warn that threat actors are attempting to exploit the vulnerability CVE-2024-53677 (CVSS score of 9.5) “The vulnerability, CVE-2024-53677, appears to be related to CVE-2023-50164.
As of September 5, 2024, the Internet Archive held more than 42.1 Starting from Wednesday, the website archive.org was displaying a message informing visitors that it was hacked. Internet Archive hacked. Hunt will add the information of the impacted users to HIBP very soon. 54% were already in @haveibeenpwned.
Google, as usual, did not share details about the attacks exploiting the above vulnerability; however, it added that another issue, tracked as CVE-2024-43047, is actively exploited in the wild. CVE-2024-43093 CVE-2024-43047” reads the security bulletin published by Google. Versions up to 2.3.6 and unpatched 2.3.7
Hackers are exploiting two zero-day vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957, in PTZOptics cameras. Threat actors are attempting to exploit two zero-day vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957, in PTZOptics pan-tilt-zoom (PTZ) live streaming cameras, GreyNoise researchers warn.
F5 addressed two vulnerabilities in BIG-IP and BIG-IQ enterprise products, respectively tracked as CVE-2024-45844 and CVE-2024-47139. An authenticated attacker, with Manager role privileges or higher, could exploit the vulnerability CVE-2024-45844 to elevate privileges and compromise the BIG-IP system.
He holds a degree in Computer Science from Iqra University and specializes in Information Security & Data Privacy.
Google addressed a critical vulnerability in its Chrome browser, tracked as CVE-2024-10487, which was reported by Apple. Google has patched a critical Chrome vulnerability, tracked as CVE-2024-10487, reported by Apple Security Engineering and Architecture (SEAR) on October 23, 2024. 92 for Windows, Mac and 130.0.6723.91
Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8) This week, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware.
Hertz Corporation disclosed a data breach after customer data was stolen via Cleo zero-day exploits in late 2024, affecting Hertz, Thrifty, and Dollar brands. Threat actors gained access to customer data via Cleo zero-day exploits in late 2024. In December 2024, the U.S.
Flax Typhoon is a China-linked hacking group that has been active since 2021; it targets critical infrastructure globally, exploiting vulnerabilities for persistent access. According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. persons from transactions involving the entity without OFAC authorization.
Cybersecurity and Infrastructure Security Agency (CISA) adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the ScienceLogic SL1 flaw CVE-2024-9537 (CVSS v4 score: 9.3) to its Known Exploited Vulnerabilities (KEV) catalog. x, and 11.3.x.”
The virtualization giant addressed the following vulnerabilities: Here are the details from VMware’s VMSA-2024-0022 bulletin: Local privilege escalation vulnerability (CVE-2024-38830) (CVSS 7.8) – A local admin on VMware Aria Operations can exploit a vulnerability to escalate privileges to root. Important 8.18.2
In a security advisory published Aug. 26, Versa urged customers to deploy a patch for the vulnerability (CVE-2024-39717), which the company said is fixed in Versa Director 22.1.4 ISP on June 12, 2024. In January 2024, the U.S. victims and one non-U.S. ”
The February 2025 Android security updates addressed 48 vulnerabilities, including a kernel zero-day flaw exploited in the wild. The February 2025 Android security updates addressed 48 vulnerabilities, including a zero-day flaw, tracked as CVE-2024-53104, which is actively exploited in attacks in the wild.
Two of these vulnerabilities, tracked as CVE-2024-45421 and CVE-2024-45419, are high-severity issues that remote attackers could exploit to escalate privileges or leak sensitive information. The vulnerability CVE-2024-45421 (CVSS score of 8.5) The vulnerability CVE-2024-45419 (CVSS score of 8.5)
On September 8, 2024, Great Plains Regional Medical Center (Oklahoma) suffered a ransomware attack. The healthcare center discovered that a threat actor accessed and encrypted files on their systems between September 5, 2024 and September 8, 2024. ” reads the notice of security incident published by the organization.
Cybersecurity and Infrastructure Security Agency (CISA) adds CyberPanel flaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the CyberPanel flaw CVE-2024-51378 (CVSS score: 10.0) CISA orders federal agencies to fix this vulnerability by December 25, 2024.
Our goal is to deploy 200 new WebTunnel bridges by the end of this December (2024) to open secure access for users in Russia.” Tunnel bridges have grown from 60 to 143 since early 2024, but they are not enough. If you’ve ever thought about running a Tor bridge, now is the time.