Information Security News

Social engineering, deception becomes increasingly sophisticated

Social engineering techniques are becoming increasingly sophisticated and are exploiting multiple emerging means, such as deep fakes. The increasing use of videoconferencing platforms and the various forms of remote work also adopted in the post-emergency covid make interpersonal collaborations increasingly virtual. This scenario must undoubtedly force organizations to prepare adequately to be able to recognize […]

The post <strong>Social engineering, deception becomes increasingly sophisticated</strong> appeared first on Security Affairs.

February 20, 2023
0 comment
Read More >>

Lockbit ransomware gang hit the Portuguese municipal water utility Aguas do Porto

The LockBit ransomware gang claims to have hacked Aguas do Porto, a Portuguese municipal water utility company. The LockBit ransomware gang claims to have hacked Aguas do Porto, a Portuguese municipal water utility company, and is threatening to leak the stolen data. Aguas do Porto is a municipal water utility company that manages the full […]

The post Lockbit ransomware gang hit the Portuguese municipal water utility Aguas do Porto appeared first on Security Affairs.

February 20, 2023
0 comment
Read More >>

ENISA and CERT-EU warns Chinese APTs targeting EU organizations

A joint report published by ENISA and CERT-EU warns of Chinese APTs targeting businesses and government organizations in the European Union. The European Union Agency for Cybersecurity (ENISA) and CERT-EU warn of multiple China-linked threat actors targeting businesses and government organizations in the EU. The joint report focus on cyber activities conducted by multiple Chinese […]

The post ENISA and CERT-EU warns Chinese APTs targeting EU organizations appeared first on Security Affairs.

February 19, 2023
0 comment
Read More >>

Hackers disclose Atlassian data after the theft of an employee’s credentials

Atlassian discloses a data leak that was caused by the theft of employee credentials which was used to steal data from a third-party vendor. A group of hackers called SiegedSec recently published on its Telegram channel a JSON file containing data belonging to thousands of Atlassian employees and floor plans for two of the company’s […]

The post Hackers disclose Atlassian data after the theft of an employee’s credentials appeared first on Security Affairs.

February 19, 2023
0 comment
Read More >>

Security Affairs newsletter Round 407 by Pierluigi Paganini

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Twitter will allow using the SMS-based two-factor authentication (2FA) only to its Blue subscribers GoDaddy […]

The post Security Affairs newsletter Round 407 by Pierluigi Paganini appeared first on Security Affairs.

February 19, 2023
0 comment
Read More >>

Twitter will allow using the SMS-based two-factor authentication (2FA) only to its Blue subscribers

Twitter has announced that the platform will allow using the SMS-based two-factor authentication (2FA) only to its Blue subscribers. To date, Twitter has offered three methods of 2FA: text message, authentication app, and security key. However, the company has announced that it will limit the use of SMS-based two-factor authentication (2FA) only to its Blue subscribers. The […]

The post Twitter will allow using the SMS-based two-factor authentication (2FA) only to its Blue subscribers appeared first on Security Affairs.

February 19, 2023
0 comment
Read More >>

GoDaddy discloses a new data breach

GoDaddy discloses a security breach, threat actors have stolen source code and installed malware on its servers in a long-runing attack. Web hosting company GoDaddy announced that attackers have stolen source code and installed malware on its servers. The threat actors have breached its cPanel shared hosting environment, the company states that it is not […]

The post GoDaddy discloses a new data breach appeared first on Security Affairs.

February 18, 2023
0 comment
Read More >>

Fortinet fixes critical vulnerabilities in FortiNAC and FortiWeb

Cybersecurity vendor Fortinet has addressed two critical vulnerabilities impacting its FortiNAC and FortiWeb products. Cybersecurity firm Fortinet has released security updates to address two critical vulnerabilities in FortiNAC and FortiWeb solutions. The two vulnerabilities, tracked as CVE-2022-39952 and CVE-2021-42756, are respectively an external control of file name or path in Fortinet FortiNAC and a collection […]

The post Fortinet fixes critical vulnerabilities in FortiNAC and FortiWeb appeared first on Security Affairs.

February 17, 2023
0 comment
Read More >>

German airport websites hit by DDos attacks once again

Experts are investigating the failures of several German airports after some media attributed them to a possible hacking campaign. On Thursday, the websites of several German airports were unreachable, experts launched an investigation speculating a possible cyberattack on a large scale against the critical infrastructure. Ralph Beisel. chief executive of the ADV airport association, confirmed […]

The post German airport websites hit by DDos attacks once again appeared first on Security Affairs.

February 17, 2023
0 comment
Read More >>

Cisco fixed critical RCE bug in ClamAV Open-Source Antivirus engine

Cisco addressed a critical vulnerability in the ClamAV open source antivirus engine that can lead to remote code execution on vulnerable devices. Cisco fixed a critical flaw, tracked as CVE-2023-20032 (CVSS score: 9.8), in the ClamAV open source antivirus engine. The vulnerability resides in the residing in the HFS+ file parser component, an attacker can trigger […]

The post Cisco fixed critical RCE bug in ClamAV Open-Source Antivirus engine appeared first on Security Affairs.

February 17, 2023
0 comment
Read More >>