breaking news

A cyberattack disrupted Lyca Mobile services

International mobile virtual network operator Lyca Mobile announced it has been the victim of a cyber attack that disrupted its network. Lyca Mobile is a mobile virtual network operator (MVNO) that provides prepaid mobile phone services to customers in several countries worldwide. A mobile virtual network operator doesn’t own its own physical wireless network infrastructure […]

The post A cyberattack disrupted Lyca Mobile services appeared first on Security Affairs.

October 4, 2023
0 comment
Read More >>

Chipmaker Qualcomm warns of three actively exploited zero-days

Chipmaker Qualcomm addressed 17 vulnerabilities in various components and warns of three other actively exploited zero-day flaws. Chipmaker Qualcomm released security updates to address 17 vulnerabilities in several components. Three out of 17 flaws are rated Critical, 13 are rated High, and one is rated Medium in severity. The company is also warning that three […]

The post Chipmaker Qualcomm warns of three actively exploited zero-days appeared first on Security Affairs.

October 4, 2023
0 comment
Read More >>

DRM Report Q2 2023 – Ransomware threat landscape

The DRM Report Q2 2023 report provides a detailed insight into the ransomware threat landscape during the period between May and August 2023. In an era where digitalization has woven its web into the very fabric of our lives, the dark underbelly of the digital realm continues to pose an ever-growing threat. Ransomware, a menace […]

The post DRM Report Q2 2023 – Ransomware threat landscape appeared first on Security Affairs.

October 4, 2023
0 comment
Read More >>

Phishing campaign targeted US executives exploiting a flaw in Indeed job search platform

Threat actors exploited an open redirection vulnerability in the job search platform Indeed to carry out phishing attacks. Researchers from the cybersecurity firm Menlo Security reported that threat actors exploited an open redirection vulnerability in the job search platform Indeed in phishing attacks. The phishing attacks were aimed at senior executives across various industries, primarily […]

The post Phishing campaign targeted US executives exploiting a flaw in Indeed job search platform appeared first on Security Affairs.

October 4, 2023
0 comment
Read More >>

San Francisco’s transport agency Metropolitan Transportation Commission (MTC) exposes drivers’ plate numbers and addresses

A misconfiguration in the Metropolitan Transportation Commission (MTC) systems caused a leak of over 26K files, exposing clients’ home addresses and the plate numbers of their vehicles. The Metropolitan Transportation Commission (MTC) is a governmental agency responsible for regional transportation planning and financing in the San Francisco Bay Area. The latest research by Cybernews shows […]

The post San Francisco’s transport agency Metropolitan Transportation Commission (MTC) exposes drivers’ plate numbers and addresses appeared first on Security Affairs.

October 3, 2023
0 comment
Read More >>

BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums

Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that’s appeared in the threat landscape. Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) that is called BunnyLoader, which has been advertised for sale in multiple cybercrime forums since September 4, 2023. The BunnyLoader malware loader is written in C/C++ and is sold on various forums for $250 for […]

The post BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums appeared first on Security Affairs.

October 3, 2023
0 comment
Read More >>

Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)

Researchers have identified the exfiltration infrastructure of a LockBit affiliate while investigating a LockBit extortion incident that occurred in Q3 2023. Executive Summary NOTE: This version of the report has been redacted for TLP:WHITE disclosure. Introduction Digging into ransomware infections always provides valuable insights. This time, we investigated peculiar details of a recent Lockbit-based intrusion […]

The post Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more) appeared first on Security Affairs.

October 3, 2023
0 comment
Read More >>

Two hacker groups are back in the news, LockBit 3.0 Black and BlackCat/AlphV

Researchers from cybersecurity firm TG Soft are warning Italian entities and companies of LockBit 3.0 Black and BlackCat/AlphV attacks. In the last few weeks, two cybercriminal groups that have also targeted Italian entities and businesses, are back in the news; they are LockBit 3.0 Black and BlackCat/AlphV, which had already been reported by the media in the first decade of […]

The post Two hacker groups are back in the news, LockBit 3.0 Black and BlackCat/AlphV appeared first on Security Affairs.

October 3, 2023
0 comment
Read More >>

European Telecommunications Standards Institute (ETSI) suffered a data breach

The European Telecommunications Standards Institute (ETSI) disclosed a data breach, threat actors had access to a database of its users. Threat actors stole a database containing the list of users of the portal of the European Telecommunications Standards Institute (ETSI). The European Telecommunications Standards Institute is an independent, not-for-profit organization based in Europe. The organization […]

The post European Telecommunications Standards Institute (ETSI) suffered a data breach appeared first on Security Affairs.

October 3, 2023
0 comment
Read More >>

WS_FTP flaw CVE-2023-40044 actively exploited in the wild

Experts warn of threat actors actively exploiting CVE-2023-40044 flaw in recently disclosed flaw in Progress Software’s WS_FTP products. Progress Software recently warned customers to address a critical severity vulnerability, tracked as CVE-2023-40044 (CVSS score 10), in its WS_FTP Server software which is used by thousands of IT teams worldwide. The vulnerability was discovered by researchers at the […]

The post WS_FTP flaw CVE-2023-40044 actively exploited in the wild appeared first on Security Affairs.

October 2, 2023
0 comment
Read More >>