Information Security News

CISA adds ZK Java Web Framework bug to Known Exploited Vulnerabilities Catalog

US CISA added an actively exploited vulnerability in the ZK Java Web Framework to its Known Exploited Vulnerabilities Catalog. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability, tracked as CVE-2022-36537 (CVSS score: 7.5), in the ZK Java Web open-source framework to its Known Exploited Vulnerabilities Catalog. An attacker can exploit the flaw to retrieve […]

The post CISA adds ZK Java Web Framework bug to Known Exploited Vulnerabilities Catalog appeared first on Security Affairs.

February 28, 2023
0 comment
Read More >>

Resecurity identified the investment scam network ‘Digital Smoke’

Resecurity identified one of the largest investment fraud networks, tracked as Digital Smoke, by size and volume of operations. Resecurity identified one of the largest investment fraud networks by size and volume of operations created to defraud Internet users from Australia, Canada, China, Colombia, the European Union, India, Singapore, Malaysia, United Arab Emirates, Saudi Arabia, […]

The post Resecurity identified the investment scam network ‘Digital Smoke’ appeared first on Security Affairs.

February 28, 2023
0 comment
Read More >>

LastPass: hackers breached the computer of a DevOps engineer in a second attack

Threat actors hacked the home computer of a DevOp engineer, they installed a keylogger as part of a sophisticated cyber attack. Password management software firm LastPass disclosed a “second attack,” a threat actor used data stolen from the August security breach and combined it with information available from a third-party data breach. Then the attackers […]

The post LastPass: hackers breached the computer of a DevOps engineer in a second attack appeared first on Security Affairs.

February 28, 2023
0 comment
Read More >>

Threat actors leak Activision employee data on hacking forum

Data allegedly stolen from the American gaming giant Activision in December security breach were leaked on a cybercrime forum. A threat actor leaked on the Breached hacking forum the data allegedly stolen from the gaming giant Activision in December 2022. The threat actors claim to have obtained 19,444 unique records from an Activision Azure database […]

The post Threat actors leak Activision employee data on hacking forum appeared first on Security Affairs.

February 27, 2023
0 comment
Read More >>

PlugX Trojan disguised as a legitimate Windows open-source tool in recent attacks

Researchers detailed a new wave of attacks distributing the PlugX RAT disguised as a legitimate Windows debugger tool. Trend Micro uncovered a new wave of attacks aimed at distributing the PlugX remote access trojan masqueraded as an open-source Windows debugger tool called x32dbg. The legitimate tool allows to examine kernel-mode and user-mode code, crash dumps, or CPU […]

The post PlugX Trojan disguised as a legitimate Windows open-source tool in recent attacks appeared first on Security Affairs.

February 27, 2023
0 comment
Read More >>

Dutch Police arrests 3 men involved in a massive extortion scheme. One of them is an ethical hacker

The Dutch police arrested three individuals as a result of an investigation into computer trespass, data theft, extortion, extortion, and money laundering. The Dutch police announced the arrest of three men as the result of an extensive investigation into computer trespass, data theft, extortion, extortion, and money laundering The suspects were arrested by the Amsterdam […]

The post Dutch Police arrests 3 men involved in a massive extortion scheme. One of them is an ethical hacker appeared first on Security Affairs.

February 27, 2023
0 comment
Read More >>

PureCrypter used to deliver AgentTesla to govt organizations

An unknown threat actor is targeting government organizations with the PureCrypter downloader, Menlo Security firm reported.  Menlo Labs researchers uncovered an unknown threat actor is using the PureCrypter downloader in attacks aimed at government entities. The campaign relies on the domain of a compromised non-profit organization as a C2 server to deliver a second-stage payload. […]

The post PureCrypter used to deliver AgentTesla to govt organizations appeared first on Security Affairs.

February 27, 2023
0 comment
Read More >>

ChromeLoader campaign uses VHD files disguised as cracked games and pirated software

Threat actors behind the ChromeLoader malware campaign are using VHD files disguised as popular games, experts warn. Researchers from Ahnlab Security Emergency Response Center (ASEC) recently uncovered a malware campaign distributing the ChromeLoader using VHD files. ChromeLoader is a malicious Chrome browser extension, it is classified as a pervasive browser hijacker that modifies browser settings to redirect user traffic. […]

The post ChromeLoader campaign uses VHD files disguised as cracked games and pirated software appeared first on Security Affairs.

February 27, 2023
0 comment
Read More >>

Ransomware attack on food giant Dole Food Company blocked North America production

The producers of fruit and vegetables Dole Food Company disclosed a ransomware attack that impacted its operations. Dole Food Company is an Irish agricultural multinational corporation, it is one of the world’s largest producers of fruit and vegetables, operating with 38,500 full-time and seasonal employees who supply some 300 products in 75 countries. Dole reported 2021 revenues of $6.5 billion. The […]

The post Ransomware attack on food giant Dole Food Company blocked North America production appeared first on Security Affairs.

February 26, 2023
0 comment
Read More >>

Pro-Ukraine hackers CH01 defaced tens of Russian websites on the invasion anniversary

The group of hacktivists CH01 defaced at least 32 Russian websites to mark a protest over the one-year anniversary of the Russian invasion A group of hacktivists that goes online with the moniker CH01 defaced at least 32 Russian websites to mark a protest over the one-year anniversary of the Russian invasion. The news was […]

The post Pro-Ukraine hackers CH01 defaced tens of Russian websites on the invasion anniversary appeared first on Security Affairs.

February 26, 2023
0 comment
Read More >>