Krebs on Security

OCTOBER 30, 2024

Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been stolen in a February 2024 ransomware attack that caused the largest ever known data breach of protected health information. A post about the Change breach from RansomHub on April 8, 2024.

Healthcare 297

Healthcare Insurance Computers and Electronics Data breaches 297

Security Affairs

OCTOBER 17, 2024

VMWare warns to address a remote code execution vulnerability, tracked as CVE-2024-38814 (CVSS score of 8.8), in its HCX application mobility platform. The vulnerability CVE-2024-38814 impacts multiple versions of the HCX platform, including versions 4.8.x, x, and 4.10.x. The vulnerability was fixed with versions 4.8.3, and 4.10.1.

Authentication 131

Authentication Mobile Hacking Information Security 131

Security Affairs

JANUARY 15, 2025

Microsoft disclosed details of a now-patched macOS flaw, tracked as CVE-2024-44243 (CVSS score: 5.5), that allows attackers with “root” access to bypass System Integrity Protection ( SIP ). SIP in macOS safeguards the system by blocking the execution of unauthorized code.

Malware 112

Malware Hacking Information Security 112

SecureList

FEBRUARY 20, 2025

Security incident statistics for 2024 In 2024, the MDR infrastructure received and processed on average 15,000 telemetry events per host every day, generating security alerts as a result. Users are still the weakest link, making Security Awareness training an important focus for corporate information security planning.

Social Engineering 101

Social Engineering Phishing Government Threat Detection 101

Security Affairs

FEBRUARY 16, 2025

Russia-linked group Storm-2372 used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and industries. ” reads the report published by Microsoft Threat Intelligence. “Microsoft assesses with medium confidence that Storm-2372 aligns with Russian interests, victimology, and tradecraft.”

Phishing 114

Phishing Authentication Telecommunications Accountability 114

Security Affairs

NOVEMBER 4, 2024

The July 2024 ransomware attack that hit the City of Columbus, Ohio, exposed the personal and financial data of 500,000 individuals. On July 18, 2024, the City of Columbus, Ohio, suffered a cyber attack that impacted the City’s services.

Ransomware 114

Ransomware Identity Theft Data breaches Cyber threats 114

Security Affairs

DECEMBER 18, 2024

Researchers warn that threat actors are attempting to exploit a recently disclosed Apache Struts vulnerability CVE-2024-53677. Researchers warn that threat actors are attempting to exploit the vulnerability CVE-2024-53677 (CVSS score of 9.5) “The vulnerability, CVE-2024-53677, appears to be related to CVE-2023-50164.

Hacking 79

Hacking Technology Software Information Security 79

Security Affairs

OCTOBER 23, 2024

He holds a degree of Computer Science from Iqra University and specializes in Information Security & Data Privacy. About Author: Anas Baig With a passion for working on disruptive products, Anas Baig is currently working as a Product Manager at the Silicon Valley based company – Securiti.ai.

Data privacy 125

Data privacy Unstructured Data Risk Data breaches 125

Security Affairs

JANUARY 23, 2025

A CISA and FBI published a joint advisory warning that Chinese hackers exploited four Ivanti flaws ( CVE-2024-8963 , CVE-2024-9379 , CVE-2024-8190 , CVE-2024-9380 ) to achieve remote code execution, steal credentials, and deploy webshells. In one confirmed compromise, the actors moved laterally to two servers.”

Hacking 116

Hacking Government Cybersecurity Information Security 116

Security Affairs

NOVEMBER 7, 2024

Google as usual did not share details about the attacks exploiting the above vulnerability, however, it added that another issue, tracked as CVE-2024-43047, is actively exploited in the wild. CVE-2024-43093 CVE-2024-43047″ reads the security bulletin published by Google. Versions up to 2.3.6 and unpatched 2.3.7

Firewall 125

Firewall Authentication Accountability Risk 125

Krebs on Security

AUGUST 27, 2024

In a security advisory published Aug. 26, Versa urged customers to deploy a patch for the vulnerability ( CVE-2024-39717 ), which the company said is fixed in Versa Director 22.1.4 ISP on June 12, 2024. In January 2024, the U.S. victims and one non-U.S. ”

Internet 335

Internet Internet Technology Engineering 335

Security Affairs

NOVEMBER 2, 2024

Hackers are exploiting two zero-day vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957, in PTZOptics cameras. Threat actors are attempting to exploit two zero-day vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957 , in PTZOptics pan-tilt-zoom (PTZ) live streaming cameras, GretNoise researchers warn.

Firmware 121

Firmware Manufacturing IoT Healthcare 121

Security Affairs

OCTOBER 19, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8) This week, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware.

Backups 130

Backups VPN Ransomware Authentication 130

Security Affairs

OCTOBER 20, 2024

F5 addressed two vulnerabilities in BIG-IP and BIG-IQ enterprise products, respectively tracked as CVE-2024-45844 and CVE-2024-47139. An authenticated attacker, with Manager role privileges or higher, could exploit the vulnerability CVE-2024-45844 to elevate privileges and compromise the BIG-IP system.

Authentication 136

Authentication Hacking Technology Information Security 136

Security Affairs

MARCH 31, 2025

Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco Smart Licensing Utility vulnerability, tracked as CVE-2024-20439 , to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2024-20440 (CVSS score: 9.8) The vulnerability is due to excessive verbosity in a debug log file. reads the advisory.

Software 109

Software Passwords Internet Internet 109

Security Affairs

NOVEMBER 27, 2024

The virtualization giant addressed the following vulnerabilities: Here are the details from VMware’s VMSA-2024-0022 bulletin : Local privilege escalation vulnerability (CVE-2024-38830) (CVSS 7.8) – A local admin on VMware Aria Operations can exploit a vulnerability to escalate privileges to root. Important 8.18.2

Hacking 116

Hacking Information Security 116

Security Affairs

OCTOBER 30, 2024

Google addressed a critical vulnerability in its Chrome browser, tracked as CVE-2024-10487, which was reported by Apple. Google has patched a critical Chrome vulnerability, tracked as CVE-2024-10487, reported by Apple Security Engineering and Architecture (SEAR) on October 23, 2024. 92 for Windows, Mac and 130.0.6723.91

Engineering 132

Engineering Architecture Hacking Information Security 132

Security Affairs

APRIL 8, 2025

Google released Android ‘s April 2025 security updates to address 62 vulnerabilities, including two zero-day vulnerabilities ( CVE-2024-53197 , CVE-2024-53150 ) exploited in targeted attacks. The vulnerability CVE-2024-53197 is a Linux kernel issue affecting ALSA USB audio.

Hacking 90

Hacking Information Security 90

Security Affairs

NOVEMBER 13, 2024

Two of these vulnerabilities, tracked as CVE-2024-45421 and CVE-2024-45419, are high-severity issues that remote attackers could exploit to escalate privileges or leak sensitive information. The vulnerability CVE-2024-45421 (CVSS score of 8.5) The vulnerability CVE-2024-45419 (CVSS score of 8.5)

Authentication 114

Authentication Mobile Hacking Information Security 114

Security Affairs

NOVEMBER 9, 2024

Below are the vulnerabilities reported by ZDI: CVE-2024-8355 : SQL injection in DeviceManager, enabling database manipulation or code execution via spoofed Apple device connections. CVE-2024-8358 : Command injection in UPDATES_ExtractFile , enabling command execution via file paths during updates.

Hacking 128

Hacking Firmware Software Manufacturing 128

Security Affairs

NOVEMBER 6, 2024

Taiwanese vendor Synology has addressed a critical security vulnerability, tracked as CVE-2024-10443, that impacts DiskStation and BeePhotos. Security researcher Rick de Jager demonstrated the vulner ability, called RISK:STATION by cybersecurity firm Midnight Blue, at the Pwn2Own Ireland 2024 hacking contest.

Firmware 123

Firmware Manufacturing Hacking Media 123

Security Affairs

NOVEMBER 18, 2024

On September 8, 2024, Great Plains Regional Medical Center (Oklahoma) suffered a ransomware attack. The healthcare center discovered that a threat actor accessed and encrypted files on their systems between September 5, 2024 and September 8, 2024. ” reads the notice of security incident published by the organization.

Ransomware 124

Ransomware Insurance Encryption Healthcare 124

Security Affairs

FEBRUARY 3, 2025

The February 2025 Android security updates addressed 48 vulnerabilities, including a kernel zero-day flaw exploited in the wild. The February 2025 Android security updates addressed 48 vulnerabilities, including a zero-day flaw, tracked as CVE-2024-53104 , which is actively exploited in attacks in the wild.

Media 114

Media Authentication Hacking Accountability 114

Security Affairs

OCTOBER 11, 2024

As of September 5, 2024, the Internet Archive held more than 42.1 HIBP permalink: [link] pic.twitter.com/Oc2Qvrh6Ov — HackManac (@H4ckManac) October 10, 2024 The threat actors that breached the popular website have shared a copy of the stolen data with the data breach notification service Have I Been Pwned data.

Data breaches 121

Data breaches Internet Internet DDOS 121

Security Affairs

OCTOBER 22, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the ScienceLogic SL1 flaw CVE-2024-9537 (CVSS v4 score: 9.3) to its Known Exploited Vulnerabilities (KEV) catalog. x, and 11.3.x.”

Encryption 122

Encryption Hacking Accountability Cybersecurity 122

Security Affairs

MARCH 4, 2025

CVE-2024-50302 (CVSS score of 5.5) Google did now share details about the attacks exploiting the above vulnerabilities, however, in 2024, the Security Lab provided evidence of a Cellebrite zero-day exploit chain to industry partners, leading Google to identify three vulnerabilities.

Mobile 112

Mobile Hacking Cybersecurity Risk 112

Security Affairs

DECEMBER 17, 2024

Cybersecurity and Infrastructure Security Agency (CISA)added the Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference ( CVE-2024-35250 ) and Adobe ColdFusion Improper Access Control ( CVE-2024-20767 ) vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The attack complexity is labeled as low.

Hacking 107

Hacking Cybersecurity Ransomware Risk 107

Security Affairs

DECEMBER 11, 2024

Ivanti addressed a critical authentication bypass vulnerability, tracked as CVE-2024-11639 (CVSS score of 10), in its Cloud Services Appliance (CSA) solution. The company also fixed a critical SQL injection vulnerability, tracked as CVE-2024-11772 (CVSS score of 9.1) ” reads the advisory published by the company.

Authentication 105

Authentication Software Hacking Information Security 105

Security Affairs

OCTOBER 25, 2024

The vulnerability CVE-2024-20481 (CVSS score of 5.8) Now the company confirmed that the flaw CVE-2024-20481 is actively exploited in the wild. The Cisco Product Security Incident Response Team (PSIRT) is aware of malicious use of the vulnerability that is described in this advisory.” released in May 2024. x before 1.6.7,

VPN 112

VPN Firewall Technology Passwords 112

Security Affairs

MARCH 19, 2025

CCB discovered unauthorized activity on its IT systems on April 21, 2024, and promptly isolated the affected systems. An investigation revealed that an unauthorized party accessed or acquired files between April 20 and April 22, 2024. As a precaution, the company conducted a thorough review of potentially compromised files.

Data breaches 108

Data breaches Banking Insurance Hacking 108

Security Affairs

DECEMBER 3, 2024

” The networking giant first published the advisory on March 18, 2024, however in November 2024, Cisco PSIRT detected new exploitation attempts for the vulnerability. An attacker could exploit this vulnerability by convincing a user to access a malicious link.” ” continues the advisory.

Software 119

Software Hacking Information Security 119

Security Affairs

OCTOBER 25, 2024

The Change Healthcare data breach in the February 2024 impacted over 100 million, the largest-ever healthcare data breach in the US. UnitedHealth Group announced that the data breach suffered by Change Healthcare in February 2024 impacted more than 100 million individuals.

Data breaches 128

Data breaches Healthcare Cybercrime Insurance 128

Security Affairs

FEBRUARY 13, 2025

A November 2024 RA World ransomware attack on an Asian software firm used a tool linked to China-linked threat actors. During the attack in late 2024, the attacker deployed a distinct toolset that had previously been used by a China-linked actor in classic espionage attacks.” ” reads the report published by Broadcom. .

Ransomware 118

Ransomware Software Cybercrime Encryption 118

Security Affairs

DECEMBER 4, 2024

Veeam released security updates for a critical vulnerability, tracked as CVE-2024-42448 (CVSS score of 9.9) Veeam also addressed a vulnerability, tracked as CVE-2024-42449 (CVSS score 7.1) Veeam addressed a critical vulnerability in Service Provider Console (VSPC) that could allow remote attackers to execute arbitrary code.

Backups 113

Backups Ransomware Accountability Hacking 113

Security Affairs

DECEMBER 8, 2024

Anna Jaques Hospital completed the forensic investigation on November 5, 2024 and determined that the incident impacted 316,342 patients. While we conducted our investigation, out of anbundance of caution, on Janurary 24, 2024, Anna Jaques posted a notice on ther website.”

Data breaches 116

Data breaches Insurance Healthcare Ransomware 116

Security Affairs

DECEMBER 2, 2024

Our goal is to deploy 200 new WebTunnel bridges by the end of this December (2024) to open secure access for users in Russia.” Tunnel bridges have grown from 60 to 143 since early 2024, but they are not enough. If you’ve ever thought about running a Tor bridge, now is the time.

Government 127

Government Internet Internet Hacking 127

Security Affairs

JANUARY 26, 2025

In October 2024, UnitedHealth Group announced that the data breach suffered by Change Healthcare in February 2024 impacted more than 100 million individuals. reads an update published by the company on February 29, 2024. The final figure represents well over half of the U.S. population.”

Healthcare 128

Healthcare Data breaches Insurance Cybercrime 128