breaking news

Myrocket HR platform’s data leak turns into privacy nightmare for employees

HR management platform myrocket.co has exposed the personal information of hundreds of thousands of employees and millions of job candidates. Original post at CyberNews On December 12, 2022, the Cybernews research team discovered a publicly accessible database with 260GB of sensitive personal data belonging to myrocket.co, offering ‘end-to-end’ recruitment solutions and HR services for companies […]

The post Myrocket HR platform’s data leak turns into privacy nightmare for employees appeared first on Security Affairs.

January 18, 2023
0 comment
Read More >>

Experts found SSRF flaws in four different Microsoft Azure services

SSRF vulnerabilities in four Microsoft Azure services could be exploited to gain unauthorized access to cloud resources. Researchers at the security firm Orca discovered that four different Microsoft Azure services were vulnerable to server-side request forgery (SSRF) attacks. Threat actors could have exploited the flaws to gain unauthorized access to cloud resources. Vulnerable services included […]

The post Experts found SSRF flaws in four different Microsoft Azure services appeared first on Security Affairs.

January 18, 2023
0 comment
Read More >>

1,000 ships impacted by a ransomware attack on maritime software supplier DNV

A ransomware attack against the maritime software supplier DNV impacted approximately 1,000 vessels. About 1,000 vessels have been impacted by a ransomware attack against DNV, one of the major maritime software suppliers.  DNV GL provides solutions and services throughout the life cycle of any vessel, from design and engineering to risk assessment and ship management. […]

The post 1,000 ships impacted by a ransomware attack on maritime software supplier DNV appeared first on Security Affairs.

January 17, 2023
0 comment
Read More >>

How to abuse GitHub Codespaces to deliver malicious content

Researchers demonstrated how to abuse a feature in GitHub Codespaces to deliver malware to victim systems. Trend Micro researchers reported that it is possible to abuse a legitimate feature in the development environment GitHub Codespaces to deliver malware to victim systems. Users can customize their project for GitHub Codespaces by committing configuration files to their repository, which […]

The post How to abuse GitHub Codespaces to deliver malicious content appeared first on Security Affairs.

January 17, 2023
0 comment
Read More >>

Patch your Zoho ManageEngine instance immediately! PoC Exploit for CVE-2022-47966 will be released soon

A PoC exploit code for the unauthenticated remote code execution vulnerability CVE-2022-47966 in Zoho ManageEngine will be released soon. The CVE-2022-47966 flaw is an unauthenticated remote code execution vulnerability that impacts multiple Zoho products with SAML SSO enabled in the ManageEngine setup. The issue also impacts products that had the feature enabled in the past. The […]

The post Patch your Zoho ManageEngine instance immediately! PoC Exploit for CVE-2022-47966 will be released soon appeared first on Security Affairs.

January 17, 2023
0 comment
Read More >>

Deciphering and Decoding the Horizon — @LionelNation #AmericaLost #ImpeachBiden #Lionel2K #LionelMedia #LionelNation #TruthWarrior #MaryPatriotNews [Video]

#LionelNation #Subscribe BreakingNewsSubscribe to LionelMedia for my exclusive private videos and analysis/commentary that deal with subjects verboten on censored social media. https://bit.ly/3kveTehWe need and appreciate your faith devotion and support. Please utilize the donation/contribution links as listed. And if you’ve a special question or comment we shall read such accordingly if you so desire. And we thank you. Truly.PayPal: https://bit.ly/3GKU8EW Cash App: https://bit.ly/3xqcU0b Patreon: https://bit.ly/3MbbE69 Venmo: @LionelNationBitcoin: 36RgnUMJ4ARaAfkmwjC97DxcYawb3QKiak Dogecoin: DLxwsuYXrHcS66qKXHxZScv94RzeiSxTwc Ethereum: 0x0BEA4ed75384872fF418934Fc155FdC6d59C263d Litecoin: MFhmPMTg7hcnT8SAoWb7dFLWeZWWhhn7Zz SUPPORT OUR SPONSORSMy Patriot Supply Special Lionel Offer: ACT QUICKLY and SAVE $250 on a Three-Month Emergency Food Kit. It’s their LOWEST price in THREE YEARS . Here’s the link. → http://www.preparewithlionel.com/MyPillow: Use the Promo Code LIONEL and Receive a Free Gifthttps://www.mypillow.com/lionelOr Call 800-645-4965EMP Attacks are real! Eliminate the threat now!https://www.empshield.com?coupon=lionelnationTake safety and security into your own hands click the link above ^^Subscribe to the LionelNation Exclusive Videos: https://bit.ly/3kveTeh Physical Mailing Address: c/o The Lebron Firm 745 Fifth Avenue – 5th FL New York, New York 10151

January 17, 2023
0 comment
Read More >>

Fortinet observed three rogue PyPI packages spreading malware

Researchers discovered three malicious packages that have been uploaded to the Python Package Index (PyPI) repository by Lolip0p group. FortiGuard Labs researchers discovered three malicious PyPI packages (called ‘colorslib’, ‘httpslib’, and “libhttps”) on the PyPI repository that were uploaded by the same actor, Lolip0p. The packages were discovered on January 10, 2023, the packages “colorslib” and […]

The post Fortinet observed three rogue PyPI packages spreading malware appeared first on Security Affairs.

January 17, 2023
0 comment
Read More >>

Managing Asset Risks During Healthcare M&As

How healthcare delivery organizations (HDOs) can manage the IT asset risks during a healthcare M&A process. Mergers and Acquisitions (M&A), you’ve probably heard the term before. An M&A is often associated with the “business world”; with industries such as finance, retail, technology, and more. But M&As are also common in the healthcare industry, and the […]

The post <strong>Managing Asset Risks During Healthcare M&As</strong> appeared first on Security Affairs.

January 17, 2023
0 comment
Read More >>

Avast researchers released a free BianLian ransomware decryptor for some variants of the malware

Antivirus firm Avast released a free decryptor for the BianLian ransomware family that allows victims to recover locked files. Security firm Avast has released a free decryptor for the BianLian ransomware to allow victims of the malware to recover locked files. The BianLian ransomware emerged in August 2022, the malware was employed in attacks against organizations in […]

The post Avast researchers released a free BianLian ransomware decryptor for some variants of the malware appeared first on Security Affairs.

January 16, 2023
0 comment
Read More >>

Experts spotted a backdoor that borrows code from CIA’s Hive malware

Netlab 360 observed unidentified threat actors using a new backdoor based on the US CIA’s Project Hive malware suite. Researchers from Qihoo Netlab 360 reported that unidentified threat actors using a new backdoor based on the US CIA’s Project Hive malware suite. “Hive provides a covert communications platform for a whole range of CIA malware to send exfiltrated […]

The post Experts spotted a backdoor that borrows code from CIA’s Hive malware appeared first on Security Affairs.

January 16, 2023
0 comment
Read More >>