News
Entertainment
Science & Technology
Sport
Business & Money
Life
Culture & Art
Hobbies
8 | Follower
Security Affairs
30.04.2024
The UK National Cyber Security Centre (NCSC) orders smart device manufacturers to ban default passwords starting from April 29, 2024.
The FCC fined the largest U.S. wireless carriers $200 million for sharing customers' real-time location data without consent.
A Belarusian group of activist group claims to have infiltrated the network of the country’s main KGB agency.
Google announced they have prevented 2.28 million policy-violating apps from being published in the official Google Play.
Financial Business and Consumer Solutions (FBCS) suffered a data breach that exposed information 2 million individuals.
29.04.2024
Los Angeles County Department of Health Services reported a data breach that exposed thousands of patients' personal and health information.
ICICI Bank, a major private bank in India, mistakenly exposed the sensitive data of thousands of new credit cards to unintended recipients.
Multiple flaws in Brocade SANnav storage area network (SAN) management application can allow to compromise impacted appliances.
Identity and access management services provider Okta warned of a spike in credential stuffing attacks aimed at online services.
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
28.04.2024
Threat actors accessed more than 19,000 online accounts on a California state platform for welfare programs.
A hacking campaign targeted Ukraine exploiting a seven-year-old vulnerability in Microsoft Office to deliver Cobalt Strike.
27.04.2024
A critical vulnerability in the WordPress Automatic plugin is being exploited to inject backdoors and web shells into websites
ThreatFabric researchers identified a new Android malware called Brokewell, which implements a wide range of device takeover capabilities.
As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement in this sector
Healthcare service provider Kaiser Permanente disclosed a security breach that may impact 13.4 million individuals in the United States.
26.04.2024
A ransomware attack on a Swedish logistics company Skanlog severely impacted the country's liquor supply.....
The U.S. Department of Justice (DoJ) announced the arrest of two co-founders of a cryptocurrency mixer Samourai.
U.S. CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog.
Over 1,400 CrushFTP internet-facing servers are vulnerable to attacks exploiting recently disclosed CVE-2024-4040 vulnerability.
CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities catalog.
25.04.2024
Google addressed a critical Chrome vulnerability, tracked as CVE-2024-4058, that resides in the ANGLE graphics layer engine.
A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners
Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks.
24.04.2024
An attack on Leicester City Council resulted in certain street lights remaining illuminated all day and severely impacted its operations
Treasury Department's Office of Foreign Assets Control sanctioned four Iranian nationals for their role in cyberattacks against the US.
The National Police Agency in South Korea warns that North Korea-linked threat actors are targeting defense industry entities.
23.04.2024
The U.S. Department of State imposed visa restrictions on 13 individuals allegedly linked to the commercial spyware business
Russia-linked APT28 group used a previously unknown tool, dubbed GooseEgg, to exploit Windows Print Spooler service flaw.
A cyber attack has been disrupting operations at Synlab Italia, a leading provider of medical diagnosis services, since April 18.
Researcher demonstrated how to exploit vulnerabilities in the Windows DOS-to-NT path conversion process to achieve rootkit-like capabilities.
A financially motivated group named GhostR claims the theft of a sensitive database from World-Check and threatens to publish it.
22.04.2024
Japan's CERT warns of a vulnerability in the Forminator WordPress plugin that allows unrestricted file uploads to the server.
Threat actors target government entities in the Middle East with a new backdoor dubbed CR4T as part of an operation tracked as DuneQuixote.
Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments.
21.04.2024
A French hospital was forced to return to pen and paper and postpone medical treatments after a cyber attack.
Threat actors exploited a critical zero-day vulnerability in the CrushFTP enterprise in targeted attacks, Crowdstrike experts warn.
20.04.2024
The MITRE Corporation revealed that a nation-state actor compromised its systems in January 2024 by exploiting Ivanti VPN zero-days.
China-linked threat actors are preparing cyber attacks against U.S. critical infrastructure warned FBI Director Christopher Wray.