breaking news

Russians charged with hacking Mt. Gox exchange and operating BTC-e

Two Russian nationals have been charged with the hack of the cryptocurrency exchange Mt. Gox in 2011 and money laundering. Russian nationals Alexey Bilyuchenko (43) and Aleksandr Verner (29) have been charged with the hack of the cryptocurrency exchange Mt. Gox in 2011 and the operation of the illicit cryptocurrency exchange BTC-e. The duo has […]

The post Russians charged with hacking Mt. Gox exchange and operating BTC-e appeared first on Security Affairs.

June 10, 2023
0 comment
Read More >>

Japanese Pharmaceutical giant Eisai hit by a ransomware attack

This week, the Japanese pharmaceutical giant Eisai has taken its systems offline in response to a ransomware attack. Eisai is a Japanese pharmaceutical company with about 10,000 employees and more than $5 billion in revenue. The company this week was forced to take certain systems offline in response to a cyber attack In response to the ransomware […]

The post Japanese Pharmaceutical giant Eisai hit by a ransomware attack appeared first on Security Affairs.

June 9, 2023
0 comment
Read More >>

Clop ransomware gang was testing MOVEit Transfer bug since 2021

Researchers discovered that the Clop ransomware gang was looking for a zero-day exploit in the MOVEit Transfer since 2021. Kroll security experts discovered that the Clop ransomware gang was looking for a zero-day exploit in the MOVEit Transfer since 2021. Kroll investigated the exploitation attempts for the MOVEit Transfer vulnerability and discovered that Clop threat […]

The post Clop ransomware gang was testing MOVEit Transfer bug since 2021 appeared first on Security Affairs.

June 9, 2023
0 comment
Read More >>

Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue

Researchers published an exploit for an actively exploited Microsoft Windows vulnerability tracked as CVE-2023-29336. The Microsoft Windows vulnerability CVE-2023-29336 (CVSS score 7.8) is an elevation of privilege issue that resides in the Win32k component. Win32k.sys is a system driver file in the Windows operating system. The driver is responsible for providing the interface between user-mode applications and […]

The post Researchers published PoC exploit code for actively exploited Windows elevation of privilege issue appeared first on Security Affairs.

June 9, 2023
0 comment
Read More >>

Experts detail a new Kimsuky social engineering campaign

North Korea-linked APT Kimsuky has been linked to a social engineering campaign aimed at experts in North Korean affairs. SentinelLabs researchers uncovered a social engineering campaign by the North Korea-linked APT group Kimsuky that is targeting experts in North Korean affairs. The attacks are part of a broader campaign recently detailed in a joint advisory published by […]

The post Experts detail a new Kimsuky social engineering campaign appeared first on Security Affairs.

June 8, 2023
0 comment
Read More >>

German recruiter Pflegia leaks sensitive job seeker info

Pflegia, a German healthcare recruitment platform, has exposed hundreds of thousands of files with sensitive user data such as names, home addresses, and emails. Scouting for a new career can be stressful. Now imagine that, instead of a new role, you find that your resume data was exposed. That’s what job seekers using Pflegia’s services […]

The post German recruiter Pflegia leaks sensitive job seeker info appeared first on Security Affairs.

June 8, 2023
0 comment
Read More >>

Cisco fixes privilege escalation bug in Cisco Secure Client

Cisco addressed a high-severity flaw in Cisco Secure Client that can allow attackers to escalate privileges to the SYSTEM account. Cisco has fixed a high-severity vulnerability, tracked as CVE-2023-20178 (CVSS Score 7.8), found in Cisco Secure Client (formerly AnyConnect Secure Mobility Client) that can be exploited by low-privileged, authenticated, local attacker to escalate privileges to […]

The post Cisco fixes privilege escalation bug in Cisco Secure Client appeared first on Security Affairs.

June 8, 2023
0 comment
Read More >>

Barracuda ESG appliances impacted by CVE-2023-2868 must be immediately replaced

Barracuda warns customers to immediately replace Email Security Gateway (ESG) appliances impacted by the flaw CVE-2023-2868. At the end of May, the network security solutions provider Barracuda warned customers that some of its Email Security Gateway (ESG) appliances were recently breached by threat actors exploiting a now-patched zero-day vulnerability. The vulnerability, tracked as CVE-2023-2868, resides in the […]

The post Barracuda ESG appliances impacted by CVE-2023-2868 must be immediately replaced appeared first on Security Affairs.

June 8, 2023
0 comment
Read More >>

VMware fixes a command injection flaw CVE-2023-20887 in VMware Aria Operations for Networks

Virtualization giant VMware addressed critical and high-severity vulnerabilities in VMware Aria Operations for Networks. Virtualization technology giant VMware released security patches to address three critical and high-severity vulnerabilities, tracked as CVE-2023-20887, CVE-2023-20888, CVE-2023-20889, in VMware Aria Operations for Networks. VMware Aria Operations for Networks (formerly vRealize Network Insight) is a network monitoring tool that helps organizations build […]

The post VMware fixes a command injection flaw CVE-2023-20887 in VMware Aria Operations for Networks appeared first on Security Affairs.

June 8, 2023
0 comment
Read More >>

Clop ransomware gang claims the hack of hundreds of victims exploiting MOVEit Transfer bug

Clop ransomware group claims to have hacked hundreds of companies globally by exploiting MOVEit Transfer vulnerability. The Clop ransomware group may have compromised hundreds of companies worldwide by exploiting a vulnerability in MOVEit Transfer software. MOVEit Transfer is a managed file transfer that is used by enterprises to securely transfer files using SFTP, SCP, and […]

The post Clop ransomware gang claims the hack of hundreds of victims exploiting MOVEit Transfer bug appeared first on Security Affairs.

June 7, 2023
0 comment
Read More >>