Atlassian Confluence bug CVE-2022-26134 exploited in cryptocurrency mining campaign
Threat actors are targeting unpatched Atlassian Confluence servers as part of an ongoing crypto mining campaign. Trend Micro researchers warn...
News
A disgruntled developer is the alleged source of the leak of the Lockbit 3.0 builder
A disgruntled developer seems to be responsible for the leak of the builder for the latest encryptor of the LockBit...
Atlassian Confluence Vulnerability CVE-2022-26134 Abused For Cryptocurrency Mining, Other Malware
Users are advised to patch immediately: We found exploit samples abusing the Atlassian Confluence vulnerability (CVE-2022-26134) in the wild for...
US-CERT Bulletin (SB22-262):Vulnerability Summary for the Week of September 12, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign
Threat actors targeted tens thousands of unauthenticated Redis servers exposed on the internet as part of a cryptocurrency campaign. Redis,...
Hackers stole $160 Million from Crypto market maker Wintermute
Threat actors have stolen around $160 million worth of digital assets worth from crypto trading firm Wintermute. Malicious actors continue to...
U.S. gov adds more Chinese Telecom firms to the Covered List
The U.S. Federal Communications Commission (FCC) has added more Chinese telecom firms to the Covered List. The U.S. Federal Communications...
Imperva blocked a record DDoS attack with 25.3 billion requests
Cybersecurity company Imperva announced to have mitigated a distributed denial-of-service (DDoS) attack with a total of over 25.3 billion requests....
Cybersecurity Awareness Month 2022: 3 Actionable Tips
Make Cybersecurity Awareness Month a year-long initiative with these three actionable security tips to reduce cyber risk across the attack...
Security Risks in Logistics APIs Used by E-Commerce Platforms
Our research examines the security flaws that we found in the logistics API implementation of e-commerce platforms that can potentially...
Russian Sandworm APT impersonates Ukrainian telcos to deliver malware
Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm...
UK and allies expose Iranian state agency for exploiting cyber vulnerabilities for ransomware operations
U The UK and international allies have issued a joint cyber security advisory highlighting that cyber actors affiliated with Iran’s...
Uber believes that the LAPSUS$ gang is behind the recent attack
Uber disclosed additional details about the security breach, the company blames a threat actor allegedly affiliated with the LAPSUS$ hacking...
Analyzing IP Addresses to Prevent Fraud for Enterprises
How can businesses protect themselves from fraudulent activities by examining IP addresses? The police would track burglars if they left...
American Airlines disclosed a data breach
American Airlines disclosed a data breach, threat actors had access to an undisclosed number of employee email accounts. American Airlines recently suffered...
IT giants warn of ongoing Chromeloader malware campaigns
VMware and Microsoft are warning of a widespread Chromeloader malware campaign that distributes several malware families. ChromeLoader is a malicious...
External attack surface and ongoing cybercriminal activity in APAC region
To prevent a cyberattack, it is vital to know what the attack surface for your organization is. To be prepared...
Revolut security breach: data of +50,000 users exposed
Revolut has suffered a cyberattack, threat actors have had access to personal information of tens of thousands of customers. The financial...
Alleged Grand Theft Auto 6 (GTA6) gameplay videos and source code leaked online
Threat actors leaked source code and gameplay videos of Grand Theft Auto 6 (GTA6) after they have allegedly breached Rockstar...
TeamTNT is back and targets servers to run Bitcoin encryption solvers
AquaSec researchers observed the cybercrime gang TeamTNT hijacking servers to run Bitcoin solver since early September. In the first week...
Experts warn of critical flaws in Flexlan devices that provide WiFi on airplanes
Researchers discovered two critical vulnerabilities (CVE–2022–36158 and CVE–2022–36159) in Flexlan devices that provide WiFi on airplanes. Researchers from Necrum Security...
Netgear Routers impacted by FunJSQ Game Acceleration Module flaw
Multiple Netgear router models are impacted by an arbitrary code execution via FunJSQ, which is a third-party module for online...
Uber says there is no evidence that users’ private information was compromised
Uber hack update: There is no evidence that users’ private information was compromised in the data breach. Uber provided an...
Security Affairs newsletter Round 384
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
