breaking news

A Linux NetFilter kernel flaw allows escalating privileges to ‘root’

A Linux NetFilter kernel flaw, tracked as CVE-2023-32233, can be exploited by unprivileged local users to escalate their privileges to root. Netfilter is a framework provided by the Linux kernel that allows various networking-related operations to be implemented in the form of customized handlers. Netfilter offers various functions and operations for packet filtering, network address translation, and port translation, which provide the functionality required […]

The post A Linux NetFilter kernel flaw allows escalating privileges to ‘root’ appeared first on Security Affairs.

May 9, 2023
0 comment
Read More >>

Fortinet warns of a spike of the activity linked to AndoryuBot DDoS botnet

A DDoS botnet dubbed AndoryuBot has been observed exploiting an RCE, tracked as CVE-2023-25717, in Ruckus access points. FortiGuard Labs researchers have recently observed a spike in attacks attempting to exploit the Ruckus Wireless Admin remote code execution vulnerability tracked as CVE-2023-25717. The activity is associated with a known DDoS botnet tracked as AndoryuBot that […]

The post Fortinet warns of a spike of the activity linked to AndoryuBot DDoS botnet appeared first on Security Affairs.

May 9, 2023
0 comment
Read More >>

FBI seized 13 domains linked to DDoS-for-hire platforms

The U.S. DoJ announced the seizure of 13 new domains associated with DDoS-for-hire platforms as part of Operation PowerOFF. The U.S. Justice Department announced the seizure of 13 domains linked to DDoS-for-hire services as part of a coordinated international law enforcement effort known as Operation PowerOFF. DDoS-for-hire or ‘booter’ services allows registered users to launch order DDoS […]

The post FBI seized 13 domains linked to DDoS-for-hire platforms appeared first on Security Affairs.

May 9, 2023
0 comment
Read More >>

New CACTUS ransomware appeared in the threat landscape

Researchers warn of a new ransomware family called CACTUS that exploits known vulnerabilities in VPN appliances to gain initial access to victims’ networks. Researchers from cybersecurity firm Kroll have analyzed on a new ransomware family called CACTUS that has been spotted exploiting known flaws in VPN appliances to achieve initial access to targeted networks. The […]

The post New CACTUS ransomware appeared in the threat landscape appeared first on Security Affairs.

May 9, 2023
0 comment
Read More >>

Iran-linked APT groups started exploiting Papercut flaw

Microsoft warns of Iran-linked APT groups that are targeting vulnerable PaperCut MF/NG print management servers. Microsoft warns that Iran-linked APT groups have been observed exploiting the CVE-2023-27350 flaw in attacks against PaperCut MF/NG print management servers. The CVE-2023-27350 flaw is a PaperCut MF/NG Improper Access Control Vulnerability. PaperCut MF/NG contains an improper access control vulnerability within the […]

The post Iran-linked APT groups started exploiting Papercut flaw appeared first on Security Affairs.

May 9, 2023
0 comment
Read More >>

Money Message gang leaked private code signing keys from MSI data breach

The ransomware gang behind the attack on Taiwanese PC maker MSI leaked the company’s private code signing keys on their darkweb leak site. In early April, the ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International). Micro-Star International AKA MSI designs, manufactures, and sells motherboards and graphics cards […]

The post Money Message gang leaked private code signing keys from MSI data breach appeared first on Security Affairs.

May 8, 2023
0 comment
Read More >>

NextGen Healthcare suffered a data breach that impacted +1 Million individuals

NextGen Healthcare suffered a data breach, the security incident exposed the personal information of approximately 1 million individuals. Healthcare solutions provider NextGen Healthcare suffered a data breach that exposed the personal information of informing approximately one million individuals. NextGen Healthcare, Inc. is an American software and services company that develops and sells electronic health record (EHR) software and practice management systems to […]

The post NextGen Healthcare suffered a data breach that impacted +1 Million individuals appeared first on Security Affairs.

May 8, 2023
0 comment
Read More >>