breaking news

CISA warns of attacks against Citrix NetScaler ADC and Gateway Devices

The US CISA warns of cyber attacks targeting Citrix NetScaler Application Delivery Controller (ADC) and Gateway devices. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warning of cyber attacks against Citrix NetScaler Application Delivery Controller (ADC) and Gateway devices exploiting recently discovered zero-day CVE-2023-3519. The Agency states that threat actors targeted a NetScaler ADC appliance […]

The post CISA warns of attacks against Citrix NetScaler ADC and Gateway Devices appeared first on Security Affairs.

July 21, 2023
0 comment
Read More >>

Experts believe North Korea behind JumpCloud supply chain attack

SentinelOne researchers attribute the recent supply chain attacks on JumpCloud to North Korea-linked threat actors. JumpCloud is a cloud-based directory service platform designed to manage user identities, devices, and applications in a seamless and secure manner. It allows IT administrators to centralize and simplify their identity and access management tasks across various systems and applications. […]

The post Experts believe North Korea behind JumpCloud supply chain attack appeared first on Security Affairs.

July 21, 2023
0 comment
Read More >>

Nice Suzuki, sport: shame dealer left your data up for grabs

Cybernews research team discovered that two Suzuki-authorized dealer websites were leaking customers’ sensitive information. Suzuki or otherwise, buying a new vehicle is an intense experience with complicated credit, insurance, documentation, and contracts. Think of all the data that you leave in a dealership, including the fact that you now own a brand-new car – which […]

The post Nice Suzuki, sport: shame dealer left your data up for grabs appeared first on Security Affairs.

July 21, 2023
0 comment
Read More >>

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. The APT41 group, aka Winnti, Axiom, Barium, Blackfly, HOODOO) is a China-linked cyberespionage group that has been active since at least 2007. Researchers at cybersecurity firm […]

The post Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group appeared first on Security Affairs.

July 21, 2023
0 comment
Read More >>

ALPHV/BlackCat and Clop gangs claim to have hacked cosmetics giant Estée Lauder

The American cosmetics giant company Estée Lauder was hacked by two distinct ransomware groups, the ALPHV/BlackCat and Clop gangs. Yesterday the cybersecurity expert @sonoclaudio first alerted me about a strange circumstance, two ransomware actors, ALPHV/BlackCat and Clop, claim to have hacked the cosmetics giant company Estée Lauder and added the company to their Tor leak […]

The post ALPHV/BlackCat and Clop gangs claim to have hacked cosmetics giant Estée Lauder appeared first on Security Affairs.

July 20, 2023
0 comment
Read More >>

P2PInfect, a Rusty P2P worm targets Redis Servers on Linux and Windows systems

Cybersecurity researchers discovered a new peer-to-peer (P2P) worm called P2PInfect that targets Redis servers. Palo Alto Networks Unit 42 researchers have discovered a new peer-to-peer (P2P) worm called P2PInfect that targets Redis servers running on both Linux and Windows systems. The capability to target Redis servers running on both Linux and Windows operating systems makes P2PInfect more scalable and […]

The post P2PInfect, a Rusty P2P worm targets Redis Servers on Linux and Windows systems appeared first on Security Affairs.

July 20, 2023
0 comment
Read More >>

Adobe out-of-band update addresses an actively exploited ColdFusion zero-day

Adobe released an emergency update to address critical vulnerabilities in ColdFusion, including an actively exploited zero-day. Adobe released an out-of-band update to address critical and moderate vulnerabilities in ColdFusion, including a zero-day flaw that is actively exploited in attacks.  The vulnerabilities could lead to arbitrary code execution and security feature bypass. The impacted ColdFusion versions are 2023, 2021 […]

The post Adobe out-of-band update addresses an actively exploited ColdFusion zero-day appeared first on Security Affairs.

July 20, 2023
0 comment
Read More >>

Ukraine’s cyber police dismantled a massive bot farm spreading propaganda

The Cyber ​​Police Department of the National Police of Ukraine dismantled a massive bot farm and seized 150,000 SIM cards. A gang of more than 100 individuals used fake social network accounts to conduct disinformation and psychological operations in support of the Russian government and its narrative on the invasion of Ukraine. The gang used […]

The post Ukraine’s cyber police dismantled a massive bot farm spreading propaganda appeared first on Security Affairs.

July 19, 2023
0 comment
Read More >>

US Gov adds surveillance firms Cytrox and Intellexa to Entity List for trafficking in cyber exploits

The U.S. government added surveillance technology vendors Cytrox and Intellexa to an economic blocklist for trafficking in cyber exploits. The Commerce Department’s Bureau of Industry and Security (BIS) added surveillance technology vendors Intellexa and Cytrox to the Entity List for trafficking in cyber exploits used to gain access to information systems. The Entity List maintained […]

The post US Gov adds surveillance firms Cytrox and Intellexa to Entity List for trafficking in cyber exploits appeared first on Security Affairs.

July 19, 2023
0 comment
Read More >>

Citrix warns of actively exploited zero-day in ADC and Gateway

Citrix is warning customers of an actively exploited critical vulnerability in NetScaler Application Delivery Controller (ADC) and Gateway. Citrix is warning customers of a critical vulnerability, tracked as CVE-2023-3519 (CVSS score: 9.8), in NetScaler Application Delivery Controller (ADC) and Gateway that is being actively exploited in the wild. The vulnerability Tracked as CVE-2023-3519 (CVSS score: 9.8), the vulnerability is […]

The post Citrix warns of actively exploited zero-day in ADC and Gateway appeared first on Security Affairs.

July 19, 2023
0 comment
Read More >>