Hacking News

Apple addressed actively exploited zero-day flaws in iOS, macOS, and Safari

Apple rolled out security updates to address actively exploited zero-day flaws in iOS, iPadOS, macOS, watchOS, and Safari. Apple addressed a set of vulnerabilities in iOS, iPadOS, macOS, watchOS, and the Safari browser that were actively exploited in the wild. The IT giant addressed the zero-day vulnerabilities, tracked as CVE-2023-32434 and CVE-2023-32435, exploited as part […]

The post Apple addressed actively exploited zero-day flaws in iOS, macOS, and Safari appeared first on Security Affairs.

June 22, 2023
0 comment
Read More >>

Analyzing the TriangleDB implant used in Operation Triangulation

Kaspersky provided more details about Operation Triangulation, including the exploitation chain and the implant used by the threat actors. Kaspersky researchers dug into Operation Triangulation and discovered more details about the exploit chain employed to deliver the spyware to iOS devices. In early June, the researchers from the Russian firm Kaspersky uncovered a previously unknown […]

The post Analyzing the TriangleDB implant used in Operation Triangulation appeared first on Security Affairs.

June 22, 2023
0 comment
Read More >>

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Russia-linked APT28 group hacked into Roundcube email servers belonging to multiple Ukrainian organizations. A joint investigation conducted by Ukraine’s Computer Emergency Response Team (CERT-UA) and Recorded Future revealed that the Russia-linked APT28 group hacked into Roundcube email servers belonging to multiple Ukrainian organizations. The APT28 group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) has been active since at least 2007 […]

The post Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities appeared first on Security Affairs.

June 21, 2023
0 comment
Read More >>

New Condi DDoS botnet targets TP-Link Wi-Fi routers

Researchers discovered a new strain of malware called Condi that targets TP-Link Archer AX21 (AX1800) Wi-Fi routers. Fortinet FortiGuard Labs Researchers discovered a new strain of malware called Condi that was observed exploiting a vulnerability in TP-Link Archer AX21 (AX1800) Wi-Fi routers. “FortiGuard Labs encountered recent samples of a DDoS-as-a-service botnet calling itself Condi. It attempted to spread by exploiting TP-Link […]

The post New Condi DDoS botnet targets TP-Link Wi-Fi routers appeared first on Security Affairs.

June 21, 2023
0 comment
Read More >>

Critical RCE flaw CVE-2023-20887 in VMware vRealize exploited in the wild

VMware is warning customers that critical remote code execution vulnerability CVE-2023-20887 is being actively exploited in attacks. VMware is warning customers that a critical remote code execution vulnerability in Aria Operations for Networks (Formerly vRealize Network Insight), tracked as CVE-2023-20887, is being actively exploited in the wild. “VMware has confirmed that exploitation of CVE-2023-20887 has […]

The post Critical RCE flaw CVE-2023-20887 in VMware vRealize exploited in the wild appeared first on Security Affairs.

June 21, 2023
0 comment
Read More >>

3CX data exposed, third-party to blame

A third-party vendor of 3CX, a popular Voice over Internet Protocol (VoIP) comms provider, left an open server and exposed sensitive 3CX data. The issue went under the company’s radar, even though it was recently targeted by North Korean hackers. While victims of cyberattacks should not be ridiculed, there’s a reason that sayings like “fool […]

The post 3CX data exposed, third-party to blame appeared first on Security Affairs.

June 21, 2023
0 comment
Read More >>

New Tsunami botnet targets Linux SSH servers

Researchers warn of an ongoing Tsunami DDoS botnet campaign targeting inadequately protected Linux SSH servers. Researchers from AhnLab Security Emergency response Center (ASEC) have uncovered an ongoing hacking campaign, aimed at poorly protected Linux SSH servers, to install the Tsunami DDoS botnet (aka Kaiten). The threat actors behind these attacks were also observed installing other […]

The post New Tsunami botnet targets Linux SSH servers appeared first on Security Affairs.

June 20, 2023
0 comment
Read More >>

Zyxel addressed critical flaw CVE-2023-27992 in NAS Devices

Zyxel released security updates to address a critical vulnerability affecting its network-attached storage (NAS) devices. Zyxel released security updates to address a critical security flaw, tracked as CVE-2023-27992 (CVSS score: 9.8), affecting its network-attached storage (NAS) devices. The vulnerability is a pre-authentication command injection issue that impacts the Zyxel NAS326 firmware versions prior to V5.21(AAZF.14)C0, NAS540 firmware […]

The post Zyxel addressed critical flaw CVE-2023-27992 in NAS Devices appeared first on Security Affairs.

June 20, 2023
0 comment
Read More >>

Tackling Data Sovereignty with DDR

Data-centric distributed resilience (DDR) offers a compelling approach to addressing data sovereignty in cybersecurity. As much of our modern life relies upon the cloud, the question of data protection is front of mind for many organizations. Those who fail to take a proactive approach to secure their data often learn the hard way how vulnerable […]

The post Tackling Data Sovereignty with DDR appeared first on Security Affairs.

June 20, 2023
0 comment
Read More >>

ASUS addressed critical flaws in some router models

ASUS addressed critical vulnerabilities in multiple router models, urging customers to immediately install firmware updates. ASUS is warning customers to update some router models to the latest firmware to address critical vulnerabilities. The impacted models are GT6, GT-AXE16000, GT-AX11000 PRO, GT-AX6000, GT-AX11000, GS-AX5400, GS-AX3000, XT9, XT8, XT8 V2, RT-AX86U PRO, RT-AX86U, RT-AX86S, RT-AX82U, RT-AX58U, RT-AX3000, […]

The post ASUS addressed critical flaws in some router models appeared first on Security Affairs.

June 20, 2023
0 comment
Read More >>