Iranian Fars News Agency claims cyberattack on a company involved in the construction of Tel Aviv metro
Iran’s Fars News Agency reported that a massive cyberattack hit operating systems and servers of the Tel Aviv Metro. Iran’s...
News
Cyber Police of Ukraine arrested 9 men behind phishing attacks on Ukrainians attempting to capitalize on the ongoing conflict
The Cyber Police of Ukraine arrested nine members of a cybercriminal gang that has stolen 100 million hryvnias via phishing...
Threat actors compromised British Army ’s Twitter, YouTube accounts to promote crypto scams
Threat actors compromised the Twitter and YouTube accounts of the British Army to promote online crypto scams. The Twitter and...
HackerOne insider fired for trying to claim other people’s bounties
The vulnerability disclosure platform HackerOne has revealed that one of their staff members had improperly accessed security reports for personal...
AstraLocker ransomware operators shut down their operations
AstraLocker ransomware operators told BleepingComputer they’re shutting down their operations and are releasing decryptors. AstraLocker ransomware operators told BleepingComputer they’re...
Google fixes the fourth Chrome zero-day in 2022
Google addressed a high-severity zero-day Chrome vulnerability actively exploited in the wild, it is the fourth zero-day patched in 2022....
US-CERT Bulletin (SB22-185):Vulnerability Summary for the Week of June 27, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Data of a billion Chinese residents available for sale on the dark web
Threat actors claim to have breached a database belonging to Shanghai police and stole the data of a billion Chinese...
Popular Django web framework affected by a SQL Injection flaw. Upgrade it now!
The development team behind the Django Project has addressed a high-severity SQL Injection flaw in its framework. Django is a...
My Body, My Data Act would lock down reproductive and sexual health data
A new bill entered into both the House of Representatives and the Senate proposes the strongest Federal data privacy protections...
Unfaithful HackerOne employee steals bug reports to claim additional bounties
Bug bounty platform HackerOne disclosed that a former employee improperly accessed security reports submitted to claim additional bounties The vulnerability...
Threat Report Portugal: Q2 2022
The Threat Report Portugal: Q2 2022 compiles data collected on the malicious campaigns that occurred from March to June, Q2,...
CISA orders federal agencies to patch CVE-2022-26925 by July 22
US Critical Infrastructure Security Agency (CISA) adds CVE-2022-26925 Windows LSA flaw to its Known Exploited Vulnerabilities Catalog. In May the...
Tens of Jenkins plugins are affected by zero-day vulnerabilities
Jenkins security team disclosed tens of flaws affecting 29 plugins for the Jenkins automation server, most of them are yet...
Microsoft: Raspberry Robin worm already infected hundreds of networks
Microsoft announced that the Windows worm Raspberry Robin has already infected the networks of hundreds of organizations. Raspberry Robin is...
Security Affairs newsletter Round 372 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
Half of actively exploited zero-day issues in H1 2022 are variants of previous flaws
Google Project Zero states that in H1 2022 at least half of zero-day issues exploited in attacks were related to...
The role of Social Media in modern society – Social Media Day 22 interview
This is a transcription of an interview I had at Iran International broadcaster, I discussed about the role of social...
Experts shared PoC exploit code for RCE in Zoho ManageEngine ADAudit Plus tool
Researchers shared technical details and proof-of-concept exploit code for the CVE-2022-28219 flaw in Zoho ManageEngine ADAudit Plus tool. Security researchers...
A ransomware attack forced publishing giant Macmillan to shuts down its systems
A cyber attack forced the American publishing giant Macmillan to shut down its IT systems. The publishing giant Macmillan has...
SessionManager Backdoor employed in attacks on Microsoft IIS servers worldwide
Researchers warn of a new ‘SessionManager’ Backdoor that was employed in attacks targeting Microsoft IIS Servers since March 2021. Researchers...
A long-running cryptomining campaign conducted by 8220 hackers now targets Linux servers
Microsoft spotted a cloud threat actor tracked as 8220 that is now targeting Linux servers in a long-running cryptomining campaign....
ZuoRAT is a sophisticated malware that mainly targets SOHO routers
Researchers have analysed a campaign leveraging infected SOHO routers to target predominantly North American and European networks of interest. The...
Raccoon Stealer returns with a new bag of tricks
The popular malware Raccoon stealer, which suspended operations after a developer allegedly died in the Ukraine invasion, has returned. Raccoon...
