FTC warns legal action against businesses who fail to mitigate Log4J attacks
The US Federal Trade Commission (FTC) has warned legal action against companies who fail to secure their infrastructure against Log4Shell...
News
Careful! Uber flaw allows anyone to send an email from uber.com
On New Year’s Eve, Seif Elsallamy (@0x21SAFE on Twitter), a bug bounty hunter and security researcher, pointed out a phish-worthy security...
$10m of funds goes missing in what appears to be a cryptocurrency rug-pull
There’s a lot of concern in the cryptocurrency realm at the moment. A yield farming platform “utilizing arbitrage to gain...
Threat actors continue to exploit Log4j flaws in their attacks, Microsoft Warns
Threat actors continue to attempt to exploit Apache Log4J vulnerabilities in their campaigns to deploy malware on target systems, Microsoft...
Researchers used electromagnetic signals to classify malware infecting IoT devices
Cybersecurity researchers demonstrate how to use electromagnetic field emanations from IoT devices to detect malware. A team of academics (Duy-Phuc...
US-CERT Bulletin (SB22-003):Vulnerability Summary for the Week of December 27, 2021
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
UScellular discloses the second data breach in a year
UScellular, one of the largest wireless carriers in the US, has disclosed a data breach after the hack suffered in...
Customer support scammers take aim at NFT enthusiasts
Adidas has been making waves in the NFT space with a collection of footwear/bored ape crossover sales. WEN? EARLY ACCESS...
Attackers abused cloud video platform to inject an e-skimmer into 100 Real Estate sites
Threat actors compromised more than 100 real estate websites belonging to the same parent company by implanting an e-skimmer. Threat...
Purple Fox rootkit now bundled with Telegram installer
The Purple Fox rootkit is being spread as an installer for the popular Telegram instant messaging app for Windows, according...
Purple Fox backdoor spreads through fake Telegram App installer
Threat actors are spreading the Purple Fox backdoor using tainted installers of the Telegram messaging application. Threat actors are using...
Hospitality Chain McMenamins discloses data breach after ransomware attack
Hospitality chain McMenamins disclosed a data breach after a recent ransomware attack. Hospitality chain McMenamins discloses a data breach after...
Broward Health suffered a data breach that impacted +1.3 million people
The Broward Health public health system disclosed a massive data breach that has impacted more than 1.3 million individuals. The...
‘doorLock’ – A persistent denial of service flaw affecting iOS 15.2 – iOS 14.7
Expert found a new persistent DoS vulnerability, dubbed ‘doorLock,’ affecting the Apple HomeKit in iOS 14.7 through 15.2. Security researchers...
Israeli Media Outlets hacked on the anniversary of Soleimani killing
Threat actors hacked the website of Jerusalem Post and the Twitter account of Maariv outlet on Soleimani killing anniversary. Threat actors have taken...
SEGA Europe left AWS S3 bucket unsecured exposing data and infrastructure to attack
SEGA Europe inadvertently left users’ personal information publicly accessible on Amazon Web Services (AWS) S3 bucket. SEGA Europe inadvertently left users’ personal...
The worst cyber attacks of 2021
Which are the cyber attacks of 2021 that had the major impact on organizations worldwide in terms of financial losses...
What angered us most about cybersecurity in 2021: Lock and Code S03E01
We are just three days into 2022, which means what better time for a 2021 retrospective? But rather than looking...
Microsoft rolled out emergency fix for Y2k22 bug in Exchange servers
Microsoft released an emergency patch to fix the Y2k22 bug that is breaking email delivery on on-premise Microsoft Exchange servers....
Exclusive: NASA Director Twitter account hacked by Powerful Greek Army
The Twitter account of NASA Director Parimal Kopardekar (@nasapk) was hacked by the Powerful Greek Army group. The Twitter account...
Lapsus$ ransomware gang hits Impresa, Portugal’s largest media conglomerate
The Lapsus$ ransomware hit Impresa, the largest media conglomerate in Portugal and the owner of SIC and Expresso. The Lapsus$...
North Korea-linked threat actors stole $1.7 billion from cryptocurrency exchanges
North Korea-linked threat actors are behind some of the largest cyberattacks against cryptocurrency exchanges. North Korea-linked APT groups are suspected...
Crypto security breaches cause $4.25 billion losses worth of cryptos in 2021
According to a report published by Invezz, the number of crypto security breaches increased by up 850% in the last...
Security Affairs newsletter Round 347
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
