breaking news

Paramount Global disclosed a data breach

Multinational mass media conglomerate Paramount Global suffered a data breach after an unauthorized party accessed files from certain of its systems. Multinational mass media conglomerate Paramount Global disclosed a data breach. According to the data breach notification letter sent to the impacted individuals, an unauthorized party accessed files from certain systems of the company between […]

The post Paramount Global disclosed a data breach appeared first on Security Affairs.

August 31, 2023
0 comment
Read More >>

National Safety Council data leak: Credentials of NASA, Tesla, DoJ, Verizon, and 2K others leaked by workplace safety organization

The National Safety Council leaked thousands of emails and passwords of their members, including companies such as NASA and Tesla. The National Safety Council has leaked nearly 10,000 emails and passwords of their members, exposing 2000 companies, including governmental organizations and big corporations. The National Safety Council (NSC) is a non-profit organization in the United […]

The post National Safety Council data leak: Credentials of NASA, Tesla, DoJ, Verizon, and 2K others leaked by workplace safety organization appeared first on Security Affairs.

August 31, 2023
0 comment
Read More >>

Abusing Windows Container Isolation Framework to avoid detection by security products

Researchers demonstrated how attackers can abuse the Windows Container Isolation Framework to bypass endpoint security solutions. Researcher Daniel Avinoam at the recent DEF CON hacking conference demonstrated how attackers can abuse the Windows Container Isolation Framework to bypass endpoint security solutions. The expert explained that Windows OS separates the file system from each container to the host […]

The post Abusing Windows Container Isolation Framework to avoid detection by security products appeared first on Security Affairs.

August 31, 2023
0 comment
Read More >>

Chinese GREF APT distributes spyware via trojanized Signal and Telegram apps on Google Play and Samsung Galaxy stores

China-linked APT group GREF is behind a malware campaign distributing spyware via trojanized Signal and Telegram apps on Google Play ESET researchers uncovered a cyberespionage campaign carried out by the China-linked APT group known as GREF that is distributing spyware via trojanized Signal and Telegram apps on Google Play and Samsung Galaxy stores. The malware […]

The post Chinese GREF APT distributes spyware via trojanized Signal and Telegram apps on Google Play and Samsung Galaxy stores appeared first on Security Affairs.

August 30, 2023
0 comment
Read More >>

Threat actors started exploiting Juniper flaws shortly after PoC release

Threat actors started using the exploit chain in attacks on Juniper EX switches and SRX firewalls shortly after the release of the PoC code. This week, watchTowr Labs security researchers published a proof-of-concept exploit (PoC) exploit code for vulnerabilities in Juniper SRX firewalls. An unauthenticated attacker can chain the vulnerabilities to gain remote code execution in Juniper […]

The post Threat actors started exploiting Juniper flaws shortly after PoC release appeared first on Security Affairs.

August 30, 2023
0 comment
Read More >>

Critical RCE flaw impacts VMware Aria Operations Networks

VMware fixed two security flaws in Aria Operations for Networks that could be exploited to bypass authentication and gain remote code execution. VMware has released security updates to address two vulnerabilities in Aria Operations for Networks, respectively tracked as CVE-2023-34039 (CVSS score: 9.8) and CVE-2023-20890 (CVSS score: 7.2). The vulnerability CVE-2023-34039 is an authentication bypass […]

The post Critical RCE flaw impacts VMware Aria Operations Networks appeared first on Security Affairs.

August 30, 2023
0 comment
Read More >>

FBI: Operation ‘Duck Hunt’ dismantled the Qakbot botnet

FBI coordinated an international law enforcement operation, named Operation ‘Duck Hunt’, that dismantled the Qakbot botnet. The FBI announced that the Qakbot botnet has been dismantled as a result of an international law enforcement operation named Operation ‘Duck Hunt.’ Qakbot, also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active […]

The post FBI: Operation ‘Duck Hunt’ dismantled the Qakbot botnet appeared first on Security Affairs.

August 30, 2023
0 comment
Read More >>

UNC4841 threat actors hacked US government email servers exploiting Barracuda ESG flaw

China-linked threat actors breached government organizations worldwide with attacks exploiting Barracuda ESG zero-day. In June, Mandiant researchers linked the threat actor UNC4841 to the attacks that exploited the recently patched Barracuda ESG zero-day vulnerability to China. “Through the investigation, Mandiant identified a suspected China-nexus actor, currently tracked as UNC4841, targeting a subset of Barracuda ESG […]

The post UNC4841 threat actors hacked US government email servers exploiting Barracuda ESG flaw appeared first on Security Affairs.

August 29, 2023
0 comment
Read More >>

Hackers infiltrated Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) for months

Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) has been infiltrated for months. Threat actors have infiltrated Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) for as much as nine months. The intruders China-linked hackers may have gained access to sensitive data, according to three government and private sector […]

The post Hackers infiltrated Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC) for months appeared first on Security Affairs.

August 29, 2023
0 comment
Read More >>