Hacking News

KeePass 2.X Master Password Dumper allows retrieving the KeePass master password

A researcher published a PoC tool to retrieve the master password from KeePass by exploiting the CVE-2023-32784 vulnerability. Security researcher Vdohney released a PoC tool called KeePass 2.X Master Password Dumper that allows retrieving the master password for KeePass. The tool exploits the unpatched KeePass vulnerability, tracked CVE-2023-32784, to retrieve the master password from the memory […]

The post KeePass 2.X Master Password Dumper allows retrieving the KeePass master password appeared first on Security Affairs.

May 18, 2023
0 comment
Read More >>

Admin of the darknet carding platform Skynet Market pleads guilty

A US national has pleaded guilty to operating the carding site Skynet Market and selling financial information belonging to tens of thousands of US victims. The U.S. national Michael D. Mihalo, aka Dale Michael Mihalo Jr. and ggmccloud1, pleaded guilty to operating a carding site on the dark web called Skynet Market and selling financial […]

The post Admin of the darknet carding platform Skynet Market pleads guilty appeared first on Security Affairs.

May 18, 2023
0 comment
Read More >>

Critical fixed critical flaws in Cisco Small Business Switches

Cisco fixed nine flaws in its Small Business Series Switches that could be exploited to execute arbitrary code or cause a DoS condition. Cisco has released security updates to address nine security vulnerabilities in the web-based user interface of certain Small Business Series Switches that could be exploited by an unauthenticated, remote attacker to execute […]

The post Critical fixed critical flaws in Cisco Small Business Switches appeared first on Security Affairs.

May 18, 2023
0 comment
Read More >>

Ukraine, Ireland, Japan and Iceland join NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE)

The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) announced that Ukraine, Ireland, Japan and Iceland joined the organization. The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) is a multinational organization established to enhance cyber defence capabilities and promote cooperation among NATO member countries and partner nations. “On its 15th anniversary, the NATO Cooperative Cyber […]

The post Ukraine, Ireland, Japan and Iceland join NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) appeared first on Security Affairs.

May 18, 2023
0 comment
Read More >>

Monitoring the dark web to identify threats to energy sector organizations

Searchlight Cyber researchers warn of threat actors that are offering on the dark web access to energy sector organizations. Dark web intelligence firm Searchlight Cyber published a report that analyzes how threat actors in the dark web prepare their malicious operations against energy organizations. The threat actors use the hidden part of the web to […]

The post Monitoring the dark web to identify threats to energy sector organizations appeared first on Security Affairs.

May 18, 2023
0 comment
Read More >>

US Gov offers a $10M reward for a Russian ransomware actor

The US government is offering a $10M reward for Russian national Mikhail Pavlovich Matveev (30) charged for his role in ransomware attacks The US Justice Department charged Russian national Mikhail Pavlovich Matveev (30), aka Wazawaka, m1x, Boriselcin, and Uhodiransomwar, for his alleged role in multiple ransomware attacks. The DoJ unsealed two indictments charging the man […]

The post US Gov offers a $10M reward for a Russian ransomware actor appeared first on Security Affairs.

May 17, 2023
0 comment
Read More >>

University admission platform Leverage EDU exposed student passports

The popular university admission platform Leverage EDU leaked almost 240,000 sensitive files, including students’ passports, financial documents, certificates, and exam results. The Cybernews research team discovered that Leverage EDU leaked extremely sensitive data due to the misconfiguration of their systems. As no authentication was required, anybody could access all of the student’s personal information needed […]

The post University admission platform Leverage EDU exposed student passports appeared first on Security Affairs.

May 17, 2023
0 comment
Read More >>

Lacroix Group shut down three facilities after a ‘targeted cyberattack’

French electronics manufacturer Lacroix Group shut down three plants after a cyber attack, experts believe it was the victim of a ransomware attack. The French electronics manufacturer Lacroix Group shut down three facilities in France, Germany, and Tunisia in response to a cyber attack. The group designs and manufactures electronic equipment for its customers in […]

The post Lacroix Group shut down three facilities after a ‘targeted cyberattack’ appeared first on Security Affairs.

May 17, 2023
0 comment
Read More >>

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

China-linked APT group Mustang Panda employed a custom firmware implant targeting TP-Link routers in targeted attacks since January 2023. Since January 2023, Check Point Research monitored a series of targeted attacks aimed at European foreign affairs entities that have been linked to the China-linked cyberespionage group Mustang Panda (aka Camaro Dragon, RedDelta or “Bronze President). MustangPanda […]

The post China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant appeared first on Security Affairs.

May 16, 2023
0 comment
Read More >>

CISA adds Ruckus bug and another six flaws to its Known Exploited Vulnerabilities catalog

US Cybersecurity and Infrastructure Security Agency (CISA) added seven new flaws to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the following three new issues to its Known Exploited Vulnerabilities Catalog: CVE-2023-25717 – Ruckus Wireless Access Point (AP) software contains an unspecified vulnerability in the web services component. If the […]

The post CISA adds Ruckus bug and another six flaws to its Known Exploited Vulnerabilities catalog appeared first on Security Affairs.

May 16, 2023
0 comment
Read More >>