Crooks stole $375k from Premint NFT, it is one of the biggest NFT hacks ever
Threat actors hacked the popular NFT platform, Premint NFT and stole 314 NFTs. The popular NFT platform, Premint NFT, was...
News
Google is going to remove App Permissions List from the Play Store
Google is going to remove the app permissions list from the official Play Store for both the mobile app and...
Security Affairs newsletter Round 374 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
APT groups target journalists and media organizations since 2021
Researchers from Proofpoint warn that various APT groups are targeting journalists and media organizations since 2021. Proofpoint researchers warn that...
Critical flaw in Netwrix Auditor application allows arbitrary code execution
A vulnerability in the Netwrix Auditor software can be exploited to execute arbitrary code on affected devices. Bishop Fox discovered...
CISA urges to fix multiple critical flaws in Juniper Networks products
CISA urges admins to apply recently released fixes in Juniper Networks products, including Junos Space, Contrail Networking and NorthStar Controller....
Threat actors exploit a flaw in Digium Phone Software to target VoIP servers
Threat actors are targeting VoIP servers by exploiting a vulnerability in Digium’s software to install a web shell, Palo Alto...
Tainted password-cracking software for industrial systems used to spread P2P Sality bot
Dragos researchers uncovered a small-scale campaign targeting industrial engineers and operators with Sality malware. During a routine vulnerability assessment, Dragos...
Top 5 Infrastructure as Code Security Challenges
Learn how to counteract the top five challenges of IaC and discover how these obstacles pose a threat to security...
Experts warn of attacks on sites using flawed Kaswara Modern WPBakery Page Builder Addons
Researchers spotted a massive campaign that scanned close to 1.6 million WordPress sites for vulnerable Kaswara Modern WPBakery Page Builder...
Holy Ghost ransomware operation is linked to North Korea
Microsoft researchers linked the Holy Ghost ransomware (H0lyGh0st) operation to North Korea-linked threat actors. The Microsoft Threat Intelligence Center (MSTIC)...
RedAlert, LILITH, and 0mega, 3 new ransomware in the wildÂ
Cyble researchers warn of three new ransomware operations named Lilith, RedAlert and 0mega targeting organizations worldwide. Researchers from threat intelligence...
WhatsApp warns users: Fake versions of WhatsApp are trying to steal your personal info
WhatsApp boss Will Cathcart is warning users of the popular messaging app to be on their guard after the WhatsApp...
Mantis botnet powered the largest HTTPS DDoS attack in June
The largest HTTPS DDoS attack recently mitigated by Cloudflare was launched by the Mantis botnet. In June 2022, DDoS mitigation...
The new Retbleed speculative execution attack impacts both Intel and AMD chips
Researchers warn of a new vulnerability, dubbed Retbleed, that impacts multiple older AMD and Intel microprocessors. ETH Zurich researchers Johannes Wikner...
Former CIA employee Joshua Schulte was convicted of Vault 7 massive leak
Former CIA programmer, Joshua Schulte, was convicted in a US federal court of the 2017 leak of a massive leak...
Microsoft published exploit code for a macOS App sandbox escape flaw
Microsoft published the exploit code for a vulnerability in macOS that can allow an attacker to escape the sandbox. Microsoft publicly disclosed...
VMware fixed a flaw in vCenter Server discovered eight months ago
VMware addressed a high-severity privilege escalation flaw, tracked as CVE-2021-22048, in vCenter Server IWA mechanism. VMware addressed a high-severity privilege...
Worldwide 2021 Email Phishing Statistics & Examples
Explore the need for going beyond built-in Microsoft 365 and Google Workspace security based on email threats detected in 2021....
Worldwide 2021 Email Phishing Statistics & Examples
Explore the need for going beyond built-in Microsoft 365 and Google Workspace security based on email threats detected in 2021....
Qakbot operations continue to evolve to avoid detection
Experts warn that operators behind the Qakbot malware operation are improving their attack chain in an attempt to avoid detection....
Three UEFI Firmware flaws found in tens of Lenovo Notebook models
IT giant Lenovo released security fixes to address three vulnerabilities that impact the UEFI firmware shipped with over 70 product...
Insecure password leads to Mangatoon data breach
The hugely popular Manga comics platform Mangatoon has fallen victim to a data breach. No fewer than 23 million user...
PyPI starts rolling out required 2FA for important projects
The Python Package Index (PyPI) says it has begun rolling out a two-factor authentication (2FA) requirement which enforces maintainers of...
