breaking news

VMware fixed a critical flaw in vRealize that allows executing arbitrary code as root

VMware fixed two severe flaws, tracked as CVE-2023-20864 and CVE-2023-20865, impacting the VMware Aria Operations for Logs product. The virtualization giant VMware released security updates to address two critical vulnerabilities, tracked as CVE-2023-20864 and CVE-2023-20865, impacting the VMware Aria Operations for Logs product (formerly vRealize Log Insight). The vulnerability CVE-2023-20864 (CVSSv3 base score of 9.8) […]

The post VMware fixed a critical flaw in vRealize that allows executing arbitrary code as root appeared first on Security Affairs.

April 21, 2023
0 comment
Read More >>

Lazarus APT group employed Linux Malware in recent attacks and was linked to 3CX supply chain attack

North Korea-linked APT group Lazarus employed new Linux malware in attacks that are part of Operation Dream Job. North Korea-linked APT group Lazarus is behind a new campaign tracked as Operation DreamJob (aka DeathNote or NukeSped) that employed Linux malware. The threat actors were observed using social engineering techniques to compromise its targets, with fake job offers […]

The post Lazarus APT group employed Linux Malware in recent attacks and was linked to 3CX supply chain attack appeared first on Security Affairs.

April 21, 2023
0 comment
Read More >>

Experts disclosed two critical flaws in Alibaba cloud database services

Researchers disclosed two critical flaws in Alibaba Cloud’s ApsaraDB RDS for PostgreSQL and AnalyticDB for PostgreSQL. Researchers from cloud security firm Wiz discovered two critical flaws, collectively dubbed BrokenSesame, in Alibaba Cloud’s ApsaraDB RDS for PostgreSQL and AnalyticDB for PostgreSQL. ApsaraDB RDS is a managed database hosting service, meanwhile, AnalyticDB for PostgreSQL is a managed […]

The post Experts disclosed two critical flaws in Alibaba cloud database services appeared first on Security Affairs.

April 20, 2023
0 comment
Read More >>

Google TAG warns of Russia-linked APT groups targeting Ukraine

The researchers from Google TAG are warning of Russia-linked threat actors targeting Ukraine with phishing campaigns. Russia-linked threat actors launched large-volume phishing campaigns against hundreds of users in Ukraine to gather intelligence and aimed at spreading disinformation, states Google’s Threat Analysis Group (TAG). In Q1 2023, threat actors linked to Russia’s military intelligence service focused their phishing […]

The post Google TAG warns of Russia-linked APT groups targeting Ukraine appeared first on Security Affairs.

April 20, 2023
0 comment
Read More >>

Trigona Ransomware targets Microsoft SQL servers

Threat actors are hacking poorly secured and Interned-exposed Microsoft SQL servers to deploy the Trigona ransomware. Threat actors are hacking into poorly secured and public-facing Microsoft SQL servers to deploy Trigona ransomware. Trigona is a malware strain that was discovered in October 2022, and Palo Alto Unit 42 researchers reported similarities between Trigona and the […]

The post Trigona Ransomware targets Microsoft SQL servers appeared first on Security Affairs.

April 20, 2023
0 comment
Read More >>

Russian national sentenced to time served for committing money laundering for the Ryuk ransomware operation

Russian national Denis Mihaqlovic Dubnikov has been sentenced to time served for committing money laundering for the Ryuk ransomware operation. Russian national Denis Dubnikov (30) has been sentenced to time served for committing money laundering for the Ryuk ransomware group. The man was also ordered to pay $2,000 in restitution.   On February 7, 2023, Dubnikov pleaded […]

The post Russian national sentenced to time served for committing money laundering for the Ryuk ransomware operation appeared first on Security Affairs.

April 19, 2023
0 comment
Read More >>

Google fixed the second actively exploited Chrome zero-day of 2023

Google rolled out emergency security patches to address another actively exploited high-severity zero-day flaw in the Chrome browser. Google rolled out emergency fixes to address another actively exploited high-severity zero-day flaw, tracked as CVE-2023-2136, in its Chrome web browser. The vulnerability is an Integer overflow in the Skia graphics library, the issue was reported by […]

The post Google fixed the second actively exploited Chrome zero-day of 2023 appeared first on Security Affairs.

April 19, 2023
0 comment
Read More >>

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

UK and US agencies are warning of Russia-linked APT28 group exploiting vulnerabilities in Cisco networking equipment. Russia-linked APT28 group accesses unpatched Cisco routers to deploy malware exploiting the not patched CVE-2017-6742 vulnerability (CVSS score: 8.8), states a joint report published by the UK National Cyber Security Centre (NCSC), the US National Security Agency (NSA), US Cybersecurity and Infrastructure […]

The post US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws appeared first on Security Affairs.

April 19, 2023
0 comment
Read More >>

Iran-linked Mint Sandstorm APT targeted US critical infrastructure

An Iran-linked APT group tracked as Mint Sandstorm is behind a string of attacks aimed at US critical infrastructure between late 2021 to mid-2022. Microsoft has linked the Iranian Mint Sandstorm APT (previously tracked by Microsoft as PHOSPHORUS) to a series of attacks aimed at US critical infrastructure between late 2021 to mid-2022. The IT giant reported Mint […]

The post Iran-linked Mint Sandstorm APT targeted US critical infrastructure appeared first on Security Affairs.

April 19, 2023
0 comment
Read More >>

PWNYOURHOME, FINDMYPWN, LATENTIMAGE: 3 iOS Zero-Click exploits used by NSO Group in 2022

Citizen Lab reported that Israeli surveillance firm NSO Group used at least three iOS zero-click exploits in 2022. A new report from Citizen Lab states that the Israeli surveillance firm NSO Group used at least three zero-click zero-day exploits to deliver its Pegasus spyware. In 2022, the Citizen Lab analyzed the NSO Group activity after finding […]

The post PWNYOURHOME, FINDMYPWN, LATENTIMAGE: 3 iOS Zero-Click exploits used by NSO Group in 2022 appeared first on Security Affairs.

April 19, 2023
0 comment
Read More >>