Information Security News – Page 163 – MCYSEKA-Maritime Cyber Security Knowledge Archive

Massive Ad fraud scheme VASTFLUX targeted over 11 million devices

Researchers dismantled a sophisticated ad fraud scheme, dubbed VASTFLUX, that targeted more than 11 million devices. HUMAN’s Satori Threat Intelligence and Research Team dismantled a sophisticated ad fraud operation dubbed VASTFLUX. The name VASTFLUX comes from the evasion technique “fast flux” and VAST, the Digital Video Ad Serving Template that was abused by threat actors in this fraudulent scheme. The researchers […]

The post Massive Ad fraud scheme VASTFLUX targeted over 11 million devices appeared first on Security Affairs.

January 23, 2023

0 comment

Video game firm Riot Games hacked, now it faces problems to release content

Video game developer and publisher Riot Games announced that it will delay the release of game patches after a security incident. Riot Games is an American video game developer, publisher and esports tournament organizer known for the creation of the popular games League of Legends and Valorant. Last week threat actors hacked the company’s systems in its development environment, Riot Games […]

The post Video game firm Riot Games hacked, now it faces problems to release content appeared first on Security Affairs.

January 23, 2023

0 comment

Expert found critical flaws in OpenText Enterprise Content Management System

The OpenText enterprise content management (ECM) system is affected by multiple vulnerabilities, including a critical RCE. Armin Stock (Atos), researcher at cybersecurity firm Sec Consult, discovered multiple vulnerabilities in the OpenText enterprise content management (ECM) product. OpenText Extended ECM is an enterprise CMS platform that manages the information lifecycle by integrating with leading enterprise applications, […]

The post Expert found critical flaws in OpenText Enterprise Content Management System appeared first on Security Affairs.

January 22, 2023

0 comment

Roaming Mantis uses new DNS changer in its Wroba mobile malware

Roaming Mantis threat actors were observed using a new variant of their mobile malware Wroba to hijack DNS settings of Wi-Fi routers. Researchers from Kaspersky observed Roaming Mantis threat actors using an updated variant of their mobile malware Wroba to compromise Wi-Fi routers and hijack DNS settings. Roaming Mantis surfaced in March 2018 when hacked routers in Japan to […]

The post Roaming Mantis uses new DNS changer in its Wroba mobile malware appeared first on Security Affairs.

January 22, 2023

0 comment

Security Affairs newsletter Round 403 by Pierluigi Paganini

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. The Irish DPC fined WhatsApp €5.5M for violating GDPR Around 19,500 end-of-life Cisco routers are exposed […]

The post Security Affairs newsletter Round 403 by Pierluigi Paganini appeared first on Security Affairs.

January 22, 2023

0 comment

T-Mobile suffered a new data breach, 37 million accounts have been compromised

Bad news for T-Mobile, the company disclosed a new data breach that resulted in the theft of data belonging to 37 customer accounts. T-Mobile suffered a new data breach, threat actor stole the personal information of 37 million current postpaid and prepaid customer accounts. The telecommunications company discovered the intrusion on January 5, 2023, the attackers obtained […]

The post T-Mobile suffered a new data breach, 37 million accounts have been compromised appeared first on Security Affairs.

January 21, 2023

0 comment

PayPal notifies 34942 users of data breach over credential stuffing attack

PayPal is sending out data breach notifications to thousands of users because their accounts were compromised through credential stuffing attacks. PayPal announced that 34942 customers’ accounts have been compromised between December 6 and December 8. The company added that the unauthorized accessed were the result of credential stuffing attacks and that its systems were not […]

The post PayPal notifies 34942 users of data breach over credential stuffing attack appeared first on Security Affairs.

January 20, 2023

0 comment

Chinese hackers used recently patched FortiOS SSL-VPN flaw as a zero-day in October

An alleged Chinese threat actor was observed exploiting the recently patched CVE-2022-42475 vulnerability in FortiOS SSL-VPN. Researchers from Mandiant reported that suspected Chinese threat actors exploited the recently patched CVE-2022-42475 vulnerability in FortiOS SSL-VPN as a zero-day. According to the security firm, the vulnerability was exploited in attacks against a series of targets, including a […]

The post Chinese hackers used recently patched FortiOS SSL-VPN flaw as a zero-day in October appeared first on Security Affairs.

January 20, 2023

0 comment

Experts released PoC exploit for critical Zoho ManageEngine RCE flaw

Researchers released Proof-of-concept exploit code for remote code execution flaw CVE-2022-47966 impacting multiple Zoho ManageEngine products. The CVE-2022-47966 flaw is an unauthenticated remote code execution vulnerability that impacts multiple Zoho products with SAML SSO enabled in the ManageEngine setup. The issue also impacts products that had the feature enabled in the past. The root cause of […]

The post Experts released PoC exploit for critical Zoho ManageEngine RCE flaw appeared first on Security Affairs.

January 19, 2023

0 comment

Critical Microsoft Azure RCE flaw impacted multiple services

Researchers found a new critical remote code execution (RCE) flaw impacting multiple services related to Microsoft Azure. Researchers from Ermetic found a remote code execution flaw, dubbed EmojiDeploy, that impacts Microsoft Azure services and other cloud services including Function Apps, App Service and Logic Apps. The issue is achieved through CSRF (Cross-site request forgery) on the ubiquitous […]

The post Critical Microsoft Azure RCE flaw impacted multiple services appeared first on Security Affairs.

January 19, 2023

0 comment

1 … 161 162 163 164 165 … 170

M	T	W	T	F	S	S
	1	2	3	4	5	6
7	8	9	10	11	12	13
14	15	16	17	18	19	20
21	22	23	24	25	26	27
28	29	30	31