CISA added 2 more security flaws to its Known Exploited Vulnerabilities Catalog
CISA added more security flaws to its Known Exploited Vulnerabilities Catalog, including Windows and iOS flaws. The U.S. Cybersecurity and Infrastructure...
News
SparklingGoblin APT adds a new Linux variant of SideWalk implant to its arsenal
China-linked SparklingGoblin APT was spotted using a Linux variant of a backdoor known as SideWalk against a Hong Kong university....
Twitter former head of security told the Senate of severe security failings by the company
Twitter whistleblower, and former head of security, Peiter Zatko, told the US Congress that the platform ignored his security concerns. Peiter...
Threat actors are actively exploiting a zero-day in WPGateway WordPress plugin
Threat actors are actively exploiting a zero-day vulnerability in the WPGateway premium plugin to target WordPress websites. The Wordfence Threat...
Microsoft September 2022 Patch Tuesday fixed actively exploited zero-day
Microsoft released September 2022 Patch Tuesday security updates to address 64 flaws, including an actively exploited Windows zero-day. Microsoft September...
Pros and Cons of 5G
As private 5G networks continue to roll-out, CISOs and security leaders need to fully aware of the security implications to...
Cyber espionage campaign targets Asian countries since 2021
A cyber espionage group targets governments and state-owned organizations in multiple Asian countries since early 2021. Threat actors are targeting...
Trend Micro addresses actively exploited Apex One zero-day
Trend Micro addressed multiple vulnerabilities in its Apex One endpoint security product, including actively exploited zero-day flaws. Trend Micro announced...
Iran-linked TA453 used new Multi-Persona Impersonation technique in recent attacks
Iran-linked threat actors target individuals specializing in Middle Eastern affairs, nuclear security and genome research. In mid-2022, Proofpoint researchers uncovered...
Montenegro and its allies are working to recover from the massive cyber attack
A massive cyberattack hit Montenegro, officials believe that it was launched by pro-Russian hackers and the security services of Moscow....
Pro-Palestinian group GhostSec hacked Berghof PLCs in Israel
The hacktivist collective GhostSec claimed to have compromised 55 Berghof PLCs used by Israeli organizations. Pro-Palestinian Hacking Group GhostSec claimed to have...
Security Breaks: TeamTNT’s DockerHub Credentials Leak
One of our honeypots based on exposed Docker REST APIs showed cybercriminal group TeamTNT’s potential attack scenario and leak of...
US-CERT Bulletin (SB22-255):Vulnerability Summary for the Week of September 5, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Apple fixed the eighth actively exploited zero-day this year
Apple has addressed the eighth zero-day vulnerability that is actively exploited in attacks against iPhones and Macs since January. Apple...
Google announced the completion of the acquisition of Mandiant for $5.4 billion
Google completed the acquisition of the threat intelligence firm Mandiant, the IT giant will pay $5.4 billion. Google announced the...
Cisco confirms that data leaked by the Yanluowang ransomware gang were stolen from its systems
Cisco confirmed the May attack and that the data leaked by the Yanluowang ransomware group was stolen from its systems....
Some firmware bugs in HP business devices are yet to be fixed
Six high-severity firmware bugs affecting several HP Enterprise devices are yet to be patched, some of them since July 2021....
Albania was hit by a new cyberattack and blames Iran
Albania blamed Iran for a new cyberattack that hit computer systems used by the state police on Friday. Albania blamed...
Security Affairs newsletter Round 383
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Iran-linked APT42 is behind over 30 espionage attacks
Iran-linked APT42 (formerly UNC788) is suspected to be the actor behind over 30 cyber espionage attacks against activists and dissidents....
IHG suffered a cyberattack that severely impacted its booking process
InterContinental Hotels Group PLC (IHG) discloses a security breach, parts of its IT infrastructure has been subject to unauthorised activity...
China-Linked BRONZE PRESIDENT APT targets Government officials worldwide
China-linked BRONZE PRESIDENT group is targeting government officials in Europe, the Middle East, and South America with PlugX malware. Secureworks...
Scammers live-streamed on YouTube a fake Apple crypto event
Scammers live-streamed on YouTube an old interview with Tim Cook as part of a fake Apple crypto event, and tens...
US Treasury sanctioned Iran ’s Ministry of Intelligence over Albania cyberattack
The U.S. Treasury Department sanctioned Iran ‘s Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence over the...
