Hacking News

Barracuda ESG appliances impacted by CVE-2023-2868 must be immediately replaced

Barracuda warns customers to immediately replace Email Security Gateway (ESG) appliances impacted by the flaw CVE-2023-2868. At the end of May, the network security solutions provider Barracuda warned customers that some of its Email Security Gateway (ESG) appliances were recently breached by threat actors exploiting a now-patched zero-day vulnerability. The vulnerability, tracked as CVE-2023-2868, resides in the […]

The post Barracuda ESG appliances impacted by CVE-2023-2868 must be immediately replaced appeared first on Security Affairs.

June 8, 2023
0 comment
Read More >>

VMware fixes a command injection flaw CVE-2023-20887 in VMware Aria Operations for Networks

Virtualization giant VMware addressed critical and high-severity vulnerabilities in VMware Aria Operations for Networks. Virtualization technology giant VMware released security patches to address three critical and high-severity vulnerabilities, tracked as CVE-2023-20887, CVE-2023-20888, CVE-2023-20889, in VMware Aria Operations for Networks. VMware Aria Operations for Networks (formerly vRealize Network Insight) is a network monitoring tool that helps organizations build […]

The post VMware fixes a command injection flaw CVE-2023-20887 in VMware Aria Operations for Networks appeared first on Security Affairs.

June 8, 2023
0 comment
Read More >>

Clop ransomware gang claims the hack of hundreds of victims exploiting MOVEit Transfer bug

Clop ransomware group claims to have hacked hundreds of companies globally by exploiting MOVEit Transfer vulnerability. The Clop ransomware group may have compromised hundreds of companies worldwide by exploiting a vulnerability in MOVEit Transfer software. MOVEit Transfer is a managed file transfer that is used by enterprises to securely transfer files using SFTP, SCP, and […]

The post Clop ransomware gang claims the hack of hundreds of victims exploiting MOVEit Transfer bug appeared first on Security Affairs.

June 7, 2023
0 comment
Read More >>

June 2023 Security Update for Android fixed Arm Mali GPU bug used by spyware

June 2023 security update for Android released by Google fixes about fifty flaws, including an Arm Mali GPU bug exploited by surveillance firms in their spyware. The June 2023 Android Security Bulletin provides details about the fix for more than fifty vulnerabilities affecting Android devices. Security updates released this month also addressed a vulnerability, tracked […]

The post June 2023 Security Update for Android fixed Arm Mali GPU bug used by spyware appeared first on Security Affairs.

June 7, 2023
0 comment
Read More >>

New PowerDrop malware targets U.S. aerospace defense industry

A previously unknown threat actor has been observed targeting the U.S. aerospace defense sector with a new PowerShell malware dubbed PowerDrop. Researchers from the Adlumin Threat Research discovered a new malicious PowerShell script, dubbed PowerDrop, that was employed in attacks aimed at organizations in the U.S. aerospace sector. The PowerShell-based malware uses advanced techniques to […]

The post New PowerDrop malware targets U.S. aerospace defense industry appeared first on Security Affairs.

June 7, 2023
0 comment
Read More >>

+60,000 Android apps spotted hiding adware for past six months

Bitdefender researchers have discovered 60,000 different Android apps secretly installing adware in the past six months. Bitdefender announced the discovery of more than 60,000 Android apps in the past six months that were spotted installing adware on Android devices. The researchers discovered the hidden adware by using a recently announced anomaly detection technology incorporated into Bitdefender Mobile […]

The post +60,000 Android apps spotted hiding adware for past six months appeared first on Security Affairs.

June 7, 2023
0 comment
Read More >>

NASA website flaw jeopardizes astrobiology fans

A flaw in NASA website dedicated to astrobiology could have tricked users into visiting malicious websites by disguising a dangerous URL with NASA’s name. Space travel is undoubtedly dangerous. And, apparently, so is visiting NASA ’s legitimate websites. The Cybernews research team independently discovered an open redirect vulnerability plaguing NASA’s Astrobiology website. After finding the […]

The post NASA website flaw jeopardizes astrobiology fans appeared first on Security Affairs.

June 6, 2023
0 comment
Read More >>

Hackers stole around $35 million in Atomic Wallet security breach

Threat actors have stolen more than $35 million from the decentralized cryptocurrency wallet platform Atomic Wallet. Atomic Wallet is a multi-currency cryptocurrency wallet that allows users to securely store, manage, and exchange various digital assets in a single application. It is designed to provide a user-friendly interface and a comprehensive set of features for managing […]

The post Hackers stole around $35 million in Atomic Wallet security breach appeared first on Security Affairs.

June 6, 2023
0 comment
Read More >>

Google fixed the third Chrome zero-day of 2023

Google released security updates to address a high-severity zero-day flaw in the Chrome web browser that it actively exploited in the wild. Google released security updates to address a high-severity vulnerability, tracked as CVE-2023-3079, in its Chrome web browser. The vulnerability is a type confusion issue that resides in the V8 JavaScript engine. The IT […]

The post Google fixed the third Chrome zero-day of 2023 appeared first on Security Affairs.

June 6, 2023
0 comment
Read More >>

Cyclops Ransomware group offers a multiplatform Info Stealer

Researchers from security firm Uptycs reported that threat actors linked to the Cyclops ransomware are offering a Go-based information stealer. The Cyclops group has developed multi-platform ransomware that can infect Windows, Linux, and macOS systems. In an unprecedented move, the group is also offering a separate information-stealer malware that can be used to steal sensitive data from infected […]

The post Cyclops Ransomware group offers a multiplatform Info Stealer appeared first on Security Affairs.

June 6, 2023
0 comment
Read More >>