Threat actors are actively exploiting a zero-day in WPGateway WordPress plugin
Threat actors are actively exploiting a zero-day vulnerability in the WPGateway premium plugin to target WordPress websites. The Wordfence Threat...
hacking
Microsoft September 2022 Patch Tuesday fixed actively exploited zero-day
Microsoft released September 2022 Patch Tuesday security updates to address 64 flaws, including an actively exploited Windows zero-day. Microsoft September...
Cyber espionage campaign targets Asian countries since 2021
A cyber espionage group targets governments and state-owned organizations in multiple Asian countries since early 2021. Threat actors are targeting...
Trend Micro addresses actively exploited Apex One zero-day
Trend Micro addressed multiple vulnerabilities in its Apex One endpoint security product, including actively exploited zero-day flaws. Trend Micro announced...
Iran-linked TA453 used new Multi-Persona Impersonation technique in recent attacks
Iran-linked threat actors target individuals specializing in Middle Eastern affairs, nuclear security and genome research. In mid-2022, Proofpoint researchers uncovered...
Montenegro and its allies are working to recover from the massive cyber attack
A massive cyberattack hit Montenegro, officials believe that it was launched by pro-Russian hackers and the security services of Moscow....
Pro-Palestinian group GhostSec hacked Berghof PLCs in Israel
The hacktivist collective GhostSec claimed to have compromised 55 Berghof PLCs used by Israeli organizations. Pro-Palestinian Hacking Group GhostSec claimed to have...
Apple fixed the eighth actively exploited zero-day this year
Apple has addressed the eighth zero-day vulnerability that is actively exploited in attacks against iPhones and Macs since January. Apple...
Google announced the completion of the acquisition of Mandiant for $5.4 billion
Google completed the acquisition of the threat intelligence firm Mandiant, the IT giant will pay $5.4 billion. Google announced the...
PersistenceSniper – Powershell Script That Can Be Used By Blue Teams, Incident Responders And System Administrators To Hunt Persistences Implanted In Windows Machines
PersistenceSniper is a Powershell script that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences...
Cisco confirms that data leaked by the Yanluowang ransomware gang were stolen from its systems
Cisco confirmed the May attack and that the data leaked by the Yanluowang ransomware group was stolen from its systems....
Some firmware bugs in HP business devices are yet to be fixed
Six high-severity firmware bugs affecting several HP Enterprise devices are yet to be patched, some of them since July 2021....
Albania was hit by a new cyberattack and blames Iran
Albania blamed Iran for a new cyberattack that hit computer systems used by the state police on Friday. Albania blamed...
Security Affairs newsletter Round 383
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Iran-linked APT42 is behind over 30 espionage attacks
Iran-linked APT42 (formerly UNC788) is suspected to be the actor behind over 30 cyber espionage attacks against activists and dissidents....
Nim-RunPE – A Nim Implementation Of Reflective PE-Loading From Memory
A Nim implementation of reflective PE-Loading from memory. The base for this code was taken from RunPE-In-Memory - which I...
IHG suffered a cyberattack that severely impacted its booking process
InterContinental Hotels Group PLC (IHG) discloses a security breach, parts of its IT infrastructure has been subject to unauthorised activity...
China-Linked BRONZE PRESIDENT APT targets Government officials worldwide
China-linked BRONZE PRESIDENT group is targeting government officials in Europe, the Middle East, and South America with PlugX malware. Secureworks...
GraphCrawler – GraphQL Automated Security Testing Toolkit
Graph Crawler is the most powerful automated testing toolkit for any GraphQL endpoint.NEW: Can search for endpoints for you using...
Scammers live-streamed on YouTube a fake Apple crypto event
Scammers live-streamed on YouTube an old interview with Tim Cook as part of a fake Apple crypto event, and tens...
US Treasury sanctioned Iran ’s Ministry of Intelligence over Albania cyberattack
The U.S. Treasury Department sanctioned Iran ‘s Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence over the...
$30 Million worth of cryptocurrency stolen by Lazarus from Axie Infinity was recovered
US authorities recovered more than $30 million worth of cryptocurrency stolen by the North Korea-linked Lazarus APT from Axie Infinity....
Gohide – Tunnel Port To Port Traffic Over An Obfuscated Channel With AES-GCM Encryption
Tunnel port to port traffic via an obfuscated channel with AES-GCM encryption.Obfuscation ModesSession Cookie HTTP GET (http-client)Set-Cookie Session Cookie HTTP/2...
Experts warn of attacks exploiting zero-day in WordPress BackupBuddy plugin
Threat actors are exploiting a zero-day vulnerability in a WordPress plugin called BackupBuddy, Wordfence researchers warned. On September 6, 2022, the...
