Information Security and Software - Cyber Security Informer

New MassJacker clipper targets pirated software seekers

Security Affairs

MARCH 15, 2025

Pirated software seekers are targeted by the new MassJacker clipper malware, according to CyberArk researchers. A new malware campaign spreading a new clipper malware dubbed MassJacker targets users searching for pirated software, Cyberark users warn. com) distributing pirated software that also spreads malware.

Software

Software Cryptocurrency Malware Encryption

Just Culture and Information Security

Adam Shostack

JANUARY 2, 2025

What I said was a password management company had one job, and if they expose your passwords, you should not use their password management software. With a single site, you may be able to monitor for and respond to unusual access patterns rapidly, and you can upgrade all the software at once. There are tradeoffs.

Information Security

Information Security Password Management Passwords Accountability

Attackers exploit SimpleHelp RMM Software flaws for initial access

Security Affairs

JANUARY 28, 2025

Threat actors exploit recently fixed SimpleHelp RMM software vulnerabilities to breach targeted networks, experts warn. “On 22 January 2025, Arctic Wolf began observing a campaign involving unauthorised access to devices running SimpleHelp RMM software as an initial access vector. ” reads the report published by Artic Wolf.

Software

Software Passwords Accountability Encryption

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey. “We have been playing cat and mouse for a while with these guys,” said Matt Sciberras , chief information security officer at Invicti.

Hacking

Hacking Cybercrime Advertising Data breaches

Russia warns financial sector organizations of IT service provider LANIT compromise

Security Affairs

FEBRUARY 25, 2025

Russia’s NKTsKI warns financial sector organizations about a breach at major Russian IT service and software provider LANIT. According to the security breach notification published by GosSOPKA, the attack occurred on February 21, 2025. ” reads the security breach notification published by GosSOPKA.

Telecommunications

Telecommunications Software Technology Healthcare

Cisco addressed a high-severity flaw in NX-OS software

Security Affairs

AUGUST 29, 2024

Cisco addressed multiple vulnerabilities impacting NX-OS software, including a high-severity flaw in the DHCPv6 relay agent. Cisco released security updates for NX-OS software that address multiple vulnerabilities. The most severe of the vulnerabilities fixed by the IT giant is a high-severity issue tracked as CVE-2024-20446.

Software

Software Hacking Risk Information Security

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

DECEMBER 18, 2024

Part three of a four-part series In 2024, global pressure on companies to implement advanced data protection measures intensified, with new standards in encryption and software transparency raising the bar. Similarly, software bills of materials (SBOMs) underscore the need for better accountability in third-party software.

Cybersecurity

Cybersecurity CISO Risk Government

3CX Breach Was a Double Supply Chain Compromise

Krebs on Security

APRIL 20, 2023

We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX. “This is the first time Mandiant has seen a software supply chain attack lead to another software supply chain attack,” reads the April 20 Mandiant report.

Malware

Malware Software Technology Accountability

CrushFTP CVE-2025-2825 flaw actively exploited in the wild

Security Affairs

APRIL 1, 2025

Threat actors are exploiting a critical authentication bypass vulnerability, tracked as CVE-2025-2825 , in the CrushFTP file transfer software. The file transfer software maker CrushFTP urge customers to take immediate action to address the vulnerability. The vulnerability impacts CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0,

Authentication

Authentication Software Ransomware Hacking

Sam’s Club Investigates Alleged Cl0p Ransomware Breach

Security Affairs

MARCH 30, 2025

This week, Cl0p ransomware group listed Sams Club among the victims of its December Cleo software exploit , accusing it of ignoring security. “We are aware of reports regarding a potential security incident and are actively investigating the matter,” a company spokesperson told BleepingComputer.

Ransomware

Ransomware Data breaches Software Hacking

Progress Software fixed 2 new critical flaws in WhatsUp Gold

Security Affairs

SEPTEMBER 29, 2024

Progress Software addresses six new security vulnerabilities affecting its WhatsUp Gold, two of them are rated as critical severity. Progress Software has addressed six new security vulnerabilities in its IT infrastructure monitoring product WhatsUp Gold.

Software

Software Encryption Passwords Hacking

‘Trojan Source’ Bug Threatens the Security of All Code

Krebs on Security

OCTOBER 31, 2021

Virtually all compilers — programs that transform human-readable source code into computer-executable machine code — are vulnerable to an insidious attack in which an adversary can introduce targeted vulnerabilities into any software without being detected, new research released today warns. ” Image: XKCD.com/2347/.

Software

Software Information Security Encryption Government

Mazda Connect flaws allow to hack some Mazda vehicles

Security Affairs

NOVEMBER 9, 2024

.” The research targeted a CMU unit manufactured by Visteon, with software initially developed by Johnson Controls Inc. The study focused on the latest software version (74.00.324A), but experts believe that earlier versions (at least 70.x) x) may also be vulnerable.

Hacking

Hacking Firmware Software Manufacturing

The ASA flaw CVE-2014-2120 is being actively exploited in the wild

Security Affairs

DECEMBER 3, 2024

The vulnerability resides in the WebVPN login page of Cisco Adaptive Security Appliance (ASA) Software, an unauthenticated, remote attacker could exploit the flaw to conduct a cross-site scripting (XSS) attack against a user of WebVPN on the Cisco ASA. ” reads the advisory. ” continues the advisory.

Software

Software Hacking Information Security

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 19, 2024

The most severe flaw included in the September 2024 security bulletin is the critical, remote code execution (RCE) vulnerability CVE-2024-40711 (CVSS v3.1 Veeam Backup & Replication is a comprehensive data protection and disaster recovery software developed by Veeam. Some of these VPNs were running unsupported software versions.”

Backups

Backups VPN Ransomware Authentication

Ivanti fixed a maximum severity flaw in its Endpoint Management software (EPM)

Security Affairs

SEPTEMBER 11, 2024

The software firm released security updates to address a maximum security vulnerability, tracked as CVE-2024-29847, in its Endpoint Management software (EPM). The software firm released security updates to address a maximum security vulnerability, tracked as CVE-2024-29847, in its Endpoint Management software (EPM).

Software

Software Authentication IoT Hacking

A 7-Zip bug allows to bypass the Mark of the Web (MotW) feature

Security Affairs

JANUARY 22, 2025

A vulnerability in the 7-Zip file software allows attackers to bypass the Mark of the Web (MotW) Windows security feature. Attackers can exploit a vulnerability, tracked as CVE-2025-0411 , in the free, open-source file archiver software 7-Zip to bypass the Mark of the Web (MotW) Windows security feature.

Software

Software Internet Internet Hacking

BIND updates fix four high-severity DoS bugs in the DNS software suite

Security Affairs

JULY 26, 2024

The Internet Systems Consortium (ISC) released BIND security updates that fixed several remotely exploitable DoS bugs in the DNS software suite. The Internet Systems Consortium (ISC) released security updates for BIND that address DoS vulnerabilities that could be remotely exploited.

DNS

DNS Software Internet Internet

GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

The Last Watchdog

JANUARY 6, 2022

As a result, The majority of businesses (55 percent) are using some sort of a tool to monitor for insider threats; including data leak prevention (DLP) software (54 percent), user behavior analytics (UBA) software (50 percent), and employee monitoring and surveillance (47 percent). Yes, they are cheap to apply. They can be dynamic.

Marketing

Marketing Software Surveillance Information Security

International law enforcement operation dismantled RedLine and Meta infostealers

Security Affairs

OCTOBER 29, 2024

. “Investigations into RedLine and Meta started after victims came forward and a security company notified authorities about possible servers in the Netherlands linked to the software. “Through Eurojust, authorities were able to quickly exchange information and coordinate actions to take down the infostealers.”

Identity Theft

Identity Theft Passwords Malware Banking

Data Enrichment, People Data Labs and Another 622M Email Addresses

Troy Hunt

NOVEMBER 22, 2019

i speak at conferences around the world and run workshops on how to build more secure software within organisations. i'm a pluralsight author, microsoft regional director and most valued professional (mvp) specialising in online security and cloud development.

Data breaches

Data breaches Technology Software Accountability

Experts found multiple flaws in Mercedes-Benz infotainment system

Security Affairs

JANUARY 21, 2025

The experts used a diagnostic software to analyze the vehicle architecture, scan the Electronic Control Unit (ECU), identify its version, and test diagnostic functions. The research combined hardware interfaces and software to communicate with the vehicle via Diagnostic Over Internet Protocol (DoIP).

Software

Software Architecture Media Engineering

Citrix addressed NetScaler console privilege escalation flaw

Security Affairs

FEBRUARY 20, 2025

Cloud Software Group recommends configuring external authentication for NetScaler Console as a best practice.” ” Cloud Software Group addressed the flaw with the release of the following versions: NetScaler Console 14.1-38.53 ” reads the advisory published by Netscaler. and later releases NetScaler Console 13.1-56.18

Authentication

Authentication Software Hacking Information Security

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

It provides a range of development resources, including SDKs (Software Development Kits), documentation, sample code, and learning materials for networking, security, and cloud infrastructure. Below is an update published on October 18, 2024: Based on our investigations, we are confident that there has been no breach of our systems.

Cybercrime

Cybercrime Data breaches Technology Banking

New Triada Trojan comes preinstalled on Android devices

Security Affairs

APRIL 2, 2025

The Triada Trojan makes use of the Zygote parent process to implement its code in the context of all software on the device, this means that the threat is able to run in each application. The experts who investigated the issue discovered that a software developer from Shanghai was responsible for the infection.

Malware

Malware Cryptocurrency Mobile Firmware

CERT-UA warned of scammers impersonating the agency using fake AnyDesk requests

Security Affairs

JANUARY 21, 2025

The Computer Emergency Response Team of Ukraine (CERT-UA) warned of cyber scams involving threat actors impersonating the agency by sending fraudulent AnyDesk connection requests under the guise of security audits. CERT-UA pointed out that it uses the software AnyDesk in some cases, but only with prior approval via official channels.

Social Engineering

Social Engineering Scams Engineering Software

ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

Security Affairs

JANUARY 17, 2025

ESET disclosed details of a now-patched vulnerability, tracked as CVE-2024-7344 (CVSS score: 6.7), that could allow a bypass of the Secure Boot mechanism in UEFI systems. The Unified Extensible Firmware Interface (UEFI) is a specification that defines a software interface between an operating system and platform firmware. SANFONG Inc.,

Firmware

Firmware Technology Software Manufacturing

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

Krebs on Security

AUGUST 27, 2024

Malicious hackers are exploiting a zero-day vulnerability in Versa Director , a software product used by many Internet and IT service providers. ” Ryan English , an information security engineer at Lumen, said it’s disappointing his employer didn’t at least garner an honorable mention in Versa’s security advisory.

Internet

Internet Internet Technology Engineering

Poland probes Pegasus spyware abuse under the PiS government

Security Affairs

DECEMBER 3, 2024

According to rumors, the Polish special services are using surveillance software to spy on government opponents. At the time, NSO Group’s General Counsel Chaim Gelfand admitted that the company had “made mistakes,” but that after the abuses of its software made the headlines it has canceled several contracts.

Spyware

Spyware Government Surveillance Hacking

Vulnerabilities in Weapons Systems

Schneier on Security

JUNE 8, 2021

Military software is unlikely to be any more secure than commercial software. And since military software is vulnerable to the same cyberattacks as commercial software, military supply chains have many of the same risks. A 2018 GAO report expressed concern regarding the lack of secure and patchable U.S.

Software

Software Cybersecurity Backups Manufacturing

China-linked APTs’ tool employed in RA World Ransomware attack

Security Affairs

FEBRUARY 13, 2025

A November 2024 RA World ransomware attack on an Asian software firm used a tool linked to China-linked threat actors. Broadcom researchers reported that threat actors behind an RA World ransomware attack against an Asian software and services firm employed a tool that was explosively associated in the past with China-linked APT groups.

Ransomware

Ransomware Software Cybercrime Encryption

U.S. CISA adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

MARCH 31, 2025

Multiple vulnerabilities in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to collect sensitive information or administer Cisco Smart Licensing Utility services on a system while the software is running. The IT giant also released software updates that address these flaws. reads the advisory.

Software

Software Passwords Internet Internet

Internet Archive data breach impacted 31M users

Security Affairs

OCTOBER 11, 2024

.” The Internet Archive is an American nonprofit digital library website that provides free access to collections of digitized materials including websites, software applications, music, audiovisual, and print materials. As of September 5, 2024, the Internet Archive held more than 42.1 million print materials, 13 million videos, 1.2

Data breaches

Data breaches Internet Internet DDOS

Palo Alto Networks fixed a high-severity PAN-OS flaw

Security Affairs

DECEMBER 27, 2024

Palo Alto Networks addressed a high-severity flaw, tracked as CVE-2024-3393 (CVSS score: 8.7), in PAN-OS software that could cause a denial-of-service (DoS) condition. Palo Alto Networks addressed a high-severity PAN-OS flaw that could trigger denial-of-service (DoS) on vulnerable devices. ” reads the advisory.

DNS

DNS Firewall Spyware Software

FBI warns of malicious free online document converters spreading malware

Security Affairs

MARCH 24, 2025

The FBI Denver Field Office advises staying cautious online, being aware of potential risks, and keeping antivirus software updated to scan files before opening them. If users fall victim to this scam, immediately contact their financial institutions, secure their accounts, and change all passwords using a trusted device.

Malware

Malware Scams Identity Theft Antivirus

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Security Affairs

MARCH 20, 2025

. “Typically, the mentioned archives contain a file with the extension “ pdf”, as well as an executable file classified as DarkTortilla, which is a cryptor/loader type software tool, the purpose of which is to decrypt and launch (including by injection) the Dark Crystal RAT (DCRAT) remote control software tool.”

Computers and Electronics

Computers and Electronics Telecommunications Malware Surveillance

U.S. Court rules against NSO Group in WhatsApp spyware Lawsuit

Security Affairs

DECEMBER 23, 2024

Court documents state that on October 29, 2019, plaintiffs filed this lawsuit, alleging that the defendants used WhatsApp to target approximately 1,400 mobile phones and devices to infect them with the surveillance software.

Spyware

Spyware Surveillance Software Hacking

VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

Security Affairs

OCTOBER 22, 2024

In September, Broadcom released security updates to the vulnerability CVE-2024-38812. vCenter Server is a critical component in VMware virtualization and cloud computing software suite. VMware failed to fully address a remote code execution flaw, tracked as CVE-2024-38812 (CVSS score: 9.8), in its vCenter Server platform.

Hacking

Hacking Government Software Information Security

Many Public Salesforce Sites are Leaking Private Data

Krebs on Security

APRIL 27, 2023

Salesforce Community is a widely-used cloud-based software product that makes it easy for organizations to quickly create websites. This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information.

Banking

Banking Government Information Security Authentication

Zero Trust: What These Overused Cybersecurity Buzz Words Actually Mean – And Do Not Mean

Joseph Steinberg

JANUARY 20, 2022

Zero Trust is a concept, an approach to information security that dramatically deviates from the approach commonly taken at businesses worldwide by security professionals for many years. . • Zero Trust cannot be purchased off the shelf even from a combination of vendors. So, what is Zero Trust – in layman’s terms?

Cybersecurity

Cybersecurity Artificial Intelligence Ransomware Social Engineering

SHARED INTEL: From airbags to malware: vehicle cyber safety arises in the age of connected cars

The Last Watchdog

MAY 15, 2023

Related: Privacy rules for vehicles As vehicles continue to offer modern features such as app-to-car connectivity, remote control access, and driver assistance software, a huge risk lurks in the shadows. Funso Richard , Information Security Officer at Ensemble , highlighted the gravity of these threats.

Malware

Malware Manufacturing IoT Software

Top 9 Trends In Cybersecurity Careers for 2025

eSecurity Planet

OCTOBER 18, 2024

The following titles are fairly generic, and salary information comes from several sources (listed in parentheses). Security Engineer Security engineers build secure systems. Specific duties vary according to specialty — network, application, and, increasingly, cloud security engineer. Salary: $124,424, Cyberseek.

Cybersecurity

Cybersecurity Artificial Intelligence Penetration Testing CISO

Hundred of CISCO switches impacted by bootloader flaw

Security Affairs

DECEMBER 5, 2024

Cisco released security patches for a vulnerability, tracked as CVE-2024-20397 (CVSS score of 5.2), in the NX-OS softwares bootloader that could be exploited by attackers to bypass image signature verification. “A successful exploit could allow the attacker to bypassNX-OSimage signature verificationand loadunverified software.”

Software

Software Authentication Hacking Information Security

Valve removed the game PirateFi from the Steam video game platform because contained a malware

Security Affairs

FEBRUARY 13, 2025

. “The builds containing the suspected malware have been removed from Steam, but we strongly encourage you to run a full-system scan using an anti-virus product that you trust or use regularly, and inspect your system for unexpected or newly installed software. Valve have removed the game two days ago.

Malware

Malware Antivirus Accountability Software

New MassJacker clipper targets pirated software seekers

Just Culture and Information Security

Trending Sources

Attackers exploit SimpleHelp RMM Software flaws for initial access

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Russia warns financial sector organizations of IT service provider LANIT compromise

Cisco addressed a high-severity flaw in NX-OS software

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

3CX Breach Was a Double Supply Chain Compromise

CrushFTP CVE-2025-2825 flaw actively exploited in the wild

Sam’s Club Investigates Alleged Cl0p Ransomware Breach

Progress Software fixed 2 new critical flaws in WhatsUp Gold

‘Trojan Source’ Bug Threatens the Security of All Code

Mazda Connect flaws allow to hack some Mazda vehicles

The ASA flaw CVE-2014-2120 is being actively exploited in the wild

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

Ivanti fixed a maximum severity flaw in its Endpoint Management software (EPM)

A 7-Zip bug allows to bypass the Mark of the Web (MotW) feature

BIND updates fix four high-severity DoS bugs in the DNS software suite

GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

International law enforcement operation dismantled RedLine and Meta infostealers

Data Enrichment, People Data Labs and Another 622M Email Addresses

Experts found multiple flaws in Mercedes-Benz infotainment system

Citrix addressed NetScaler console privilege escalation flaw

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

New Triada Trojan comes preinstalled on Android devices

CERT-UA warned of scammers impersonating the agency using fake AnyDesk requests

ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

Poland probes Pegasus spyware abuse under the PiS government

Vulnerabilities in Weapons Systems

China-linked APTs’ tool employed in RA World Ransomware attack

U.S. CISA adds Cisco Smart Licensing Utility flaw to its Known Exploited Vulnerabilities catalog

Internet Archive data breach impacted 31M users

Palo Alto Networks fixed a high-severity PAN-OS flaw

FBI warns of malicious free online document converters spreading malware

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

U.S. Court rules against NSO Group in WhatsApp spyware Lawsuit

VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

Many Public Salesforce Sites are Leaking Private Data

Zero Trust: What These Overused Cybersecurity Buzz Words Actually Mean – And Do Not Mean

SHARED INTEL: From airbags to malware: vehicle cyber safety arises in the age of connected cars

Top 9 Trends In Cybersecurity Careers for 2025

Hundred of CISCO switches impacted by bootloader flaw

Valve removed the game PirateFi from the Steam video game platform because contained a malware

Stay Connected