breaking news

Apple fixed the 17th zero-day flaw exploited in attacks

Apple released emergency security updates to address a new actively exploited zero-day vulnerability impacting iPhone and iPad devices. Apple released emergency security updates to address a new zero-day vulnerability, tracked as CVE-2023-42824, that is exploited in attacks targeting iPhone and iPad devices. The vulnerability is a privilege escalation issue that resides in the Kernel, it was addressed […]

The post Apple fixed the 17th zero-day flaw exploited in attacks appeared first on Security Affairs.

October 4, 2023
0 comment
Read More >>

Atlassian Confluence zero-day CVE-2023-22515 actively exploited in attacks

Atlassian fixed a critical zero-day flaw in its Confluence Data Center and Server software, which has been exploited in the wild. Software giant Atlassian released emergency security updates to address a critical zero-day vulnerability, tracked as CVE-2023-22515 (CVSS score 10), in its Confluence Data Center and Server software. The flaw CVE-2023-22515 is a privilege escalation vulnerability […]

The post Atlassian Confluence zero-day CVE-2023-22515 actively exploited in attacks appeared first on Security Affairs.

October 4, 2023
0 comment
Read More >>

A cyberattack disrupted Lyca Mobile services

International mobile virtual network operator Lyca Mobile announced it has been the victim of a cyber attack that disrupted its network. Lyca Mobile is a mobile virtual network operator (MVNO) that provides prepaid mobile phone services to customers in several countries worldwide. A mobile virtual network operator doesn’t own its own physical wireless network infrastructure […]

The post A cyberattack disrupted Lyca Mobile services appeared first on Security Affairs.

October 4, 2023
0 comment
Read More >>

Chipmaker Qualcomm warns of three actively exploited zero-days

Chipmaker Qualcomm addressed 17 vulnerabilities in various components and warns of three other actively exploited zero-day flaws. Chipmaker Qualcomm released security updates to address 17 vulnerabilities in several components. Three out of 17 flaws are rated Critical, 13 are rated High, and one is rated Medium in severity. The company is also warning that three […]

The post Chipmaker Qualcomm warns of three actively exploited zero-days appeared first on Security Affairs.

October 4, 2023
0 comment
Read More >>

DRM Report Q2 2023 – Ransomware threat landscape

The DRM Report Q2 2023 report provides a detailed insight into the ransomware threat landscape during the period between May and August 2023. In an era where digitalization has woven its web into the very fabric of our lives, the dark underbelly of the digital realm continues to pose an ever-growing threat. Ransomware, a menace […]

The post DRM Report Q2 2023 – Ransomware threat landscape appeared first on Security Affairs.

October 4, 2023
0 comment
Read More >>

Phishing campaign targeted US executives exploiting a flaw in Indeed job search platform

Threat actors exploited an open redirection vulnerability in the job search platform Indeed to carry out phishing attacks. Researchers from the cybersecurity firm Menlo Security reported that threat actors exploited an open redirection vulnerability in the job search platform Indeed in phishing attacks. The phishing attacks were aimed at senior executives across various industries, primarily […]

The post Phishing campaign targeted US executives exploiting a flaw in Indeed job search platform appeared first on Security Affairs.

October 4, 2023
0 comment
Read More >>

San Francisco’s transport agency Metropolitan Transportation Commission (MTC) exposes drivers’ plate numbers and addresses

A misconfiguration in the Metropolitan Transportation Commission (MTC) systems caused a leak of over 26K files, exposing clients’ home addresses and the plate numbers of their vehicles. The Metropolitan Transportation Commission (MTC) is a governmental agency responsible for regional transportation planning and financing in the San Francisco Bay Area. The latest research by Cybernews shows […]

The post San Francisco’s transport agency Metropolitan Transportation Commission (MTC) exposes drivers’ plate numbers and addresses appeared first on Security Affairs.

October 3, 2023
0 comment
Read More >>

BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums

Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that’s appeared in the threat landscape. Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) that is called BunnyLoader, which has been advertised for sale in multiple cybercrime forums since September 4, 2023. The BunnyLoader malware loader is written in C/C++ and is sold on various forums for $250 for […]

The post BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums appeared first on Security Affairs.

October 3, 2023
0 comment
Read More >>

Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more)

Researchers have identified the exfiltration infrastructure of a LockBit affiliate while investigating a LockBit extortion incident that occurred in Q3 2023. Executive Summary NOTE: This version of the report has been redacted for TLP:WHITE disclosure. Introduction Digging into ransomware infections always provides valuable insights. This time, we investigated peculiar details of a recent Lockbit-based intrusion […]

The post Exclusive: Lighting the Exfiltration Infrastructure of a LockBit Affiliate (and more) appeared first on Security Affairs.

October 3, 2023
0 comment
Read More >>

Two hacker groups are back in the news, LockBit 3.0 Black and BlackCat/AlphV

Researchers from cybersecurity firm TG Soft are warning Italian entities and companies of LockBit 3.0 Black and BlackCat/AlphV attacks. In the last few weeks, two cybercriminal groups that have also targeted Italian entities and businesses, are back in the news; they are LockBit 3.0 Black and BlackCat/AlphV, which had already been reported by the media in the first decade of […]

The post Two hacker groups are back in the news, LockBit 3.0 Black and BlackCat/AlphV appeared first on Security Affairs.

October 3, 2023
0 comment
Read More >>