Information Security News

The number of devices infected by the MyloBot botnet is rapidly increasing

Researchers warn that the MyloBot botnet is rapidly spreading and it is infecting thousands of systems worldwide. The MyloBot botnet has been active since 2017 and was first detailed by cybersecurity firm Deep Instinct in 2018. MyloBot is a highly evasive Windows botnet that supports advanced anti-analysis techniques. The first sample of the bot analyzed by the […]

The post The number of devices infected by the MyloBot botnet is rapidly increasing appeared first on Security Affairs.

February 23, 2023
0 comment
Read More >>

Experts found a large new class of bugs ‘class’ in Apple devices

Tech giant Apple discloses three new vulnerabilities affecting its iOS, iPadOS, and macOS operating systems. Apple updated its advisories by adding three new vulnerabilities, tracked as CVE-2023-23520, CVE-2023-23530 and CVE-2023-23531, that affect iOS, iPadOS, and macOS. An attacker can trigger the CVE-2023-23530 flaw to execute arbitrary code out of its sandbox or with certain elevated privileges. The vulnerability resides in the Foundation […]

The post Experts found a large new class of bugs ‘class’ in Apple devices appeared first on Security Affairs.

February 22, 2023
0 comment
Read More >>

CISA adds IBM Aspera Faspex and Mitel MiVoice to Known Exploited Vulnerabilities Catalog

US CISA added actively exploited flaws in IBM Aspera Faspex and Mitel MiVoice to its Known Exploited Vulnerabilities Catalog. US CISA added the following actively exploited flaws to its Known Exploited Vulnerabilities Catalog: CVE-2022-47986 (CVSS score: 9.8) – IBM Aspera Faspex Code Execution Vulnerability – A remote attacker can trigger the vulnerability to execute arbitrary code on […]

The post CISA adds IBM Aspera Faspex and Mitel MiVoice to Known Exploited Vulnerabilities Catalog appeared first on Security Affairs.

February 22, 2023
0 comment
Read More >>

VMware addressed a critical bug in Carbon Black App Control

VMware released security updates to address a critical vulnerability, tracked as CVE-2023-20858, in the Carbon Black App Control product. VMware addressed a critical injection vulnerability, tracked as (CVSSv3 score 9.1), Carbon Black App Control. VMware Carbon Black App Control allows organizations to ensure that only trusted and approved software is allowed to execute on their critical […]

The post VMware addressed a critical bug in Carbon Black App Control appeared first on Security Affairs.

February 22, 2023
0 comment
Read More >>

PoC exploit code for critical Fortinet FortiNAC bug released online

Researchers released a proof-of-concept exploit code for the critical CVE-2022-39952 vulnerability in the Fortinet FortiNAC network access control solution. Researchers at Horizon3 cybersecurity firm have released a proof-of-concept exploit for a critical-severity vulnerability, tracked as CVE-2022-39952, in Fortinet’s FortiNAC network access control solution. Last week, Fortinet has released security updates to address two critical vulnerabilities in FortiNAC […]

The post PoC exploit code for critical Fortinet FortiNAC bug released online appeared first on Security Affairs.

February 22, 2023
0 comment
Read More >>

HardBit ransomware gang adjusts their demands so the insurance company would cover the ransom cost

Recently emerged HardBit ransomware gang adjusts their demands so the insurance company would cover the ransom cost. The HardBit ransomware group first appeared on the threat landscape in October 2022, but unlike other ransomware operations, it doesn’t use a double extortion model at this time. The gang threatens victims of further attacks if their ransom […]

The post HardBit ransomware gang adjusts their demands so the insurance company would cover the ransom cost appeared first on Security Affairs.

February 21, 2023
0 comment
Read More >>

Resecurity warns about cyber-attacks on data center service providers

Resecurity warns about the increase of malicious cyber activity targeting data center service providers globally. According to the detailed report recently released by the California-based cybersecurity company, during September 2021, Resecurity notified several data center organizations about malicious cyber activity targeting them and their customers. Such organizations act as a critical part of the enterprise […]

The post Resecurity warns about cyber-attacks on data center service providers appeared first on Security Affairs.

February 21, 2023
0 comment
Read More >>

Stealc, a new advanced infostealer appears in the threat landscape

Researchers spotted a new information stealer, called Stealc, which supports a wide set of stealing capabilities. In January 2023, researchers at SEKOIA.IO discovered a new information stealer, dubbed Stealc, which was advertised in the dark web forums. The malware was developed by a threat actor that uses the moniker Plymouth who claims the info-stealer supports a […]

The post Stealc, a new advanced infostealer appears in the threat landscape appeared first on Security Affairs.

February 21, 2023
0 comment
Read More >>

A sophisticated threat actor hit cryptocurrency exchange Coinbase

The Coinbase cryptocurrency exchange was the victim of a sophisticated cyberattack, experts believe is was targeted by Twilio hackers. A sophisticated threat actor launched a smishing campaign against the employees of the cryptocurrency exchange Coinbase. According to the company, on February 5, 2023, some of its employees received text messages requesting them to urgently log […]

The post A sophisticated threat actor hit cryptocurrency exchange Coinbase appeared first on Security Affairs.

February 21, 2023
0 comment
Read More >>

Samsung announces Message Guard feature to neutralize zero-click attacks

Samsung introduces a new protection feature called Message Guard to protect users from zero-click malware attacks. Samsung announced the implementation of a new security feature called Message Guard that aims at protecting users from malicious code that can be installed via zero-click attacks. Zero-click exploits allow attackers to compromise the target device without any user interaction, for example, a […]

The post Samsung announces Message Guard feature to neutralize zero-click attacks appeared first on Security Affairs.

February 20, 2023
0 comment
Read More >>