IT Information Security

Sandworm APT group hit Ukrainian news agency with five data wipers

The Ukrainian (CERT-UA) discovered five different wipers deployed on the network of the country’s national news agency, Ukrinform. On January 17, 2023, the Telegram channel “CyberArmyofRussia_Reborn” reported the compromise of the systems at the Ukrainian National Information Agency “Ukrinform”. The Ukrainian Computer Emergency Response Team (CERT-UA) immediately investigated the claims and as of January 27, […]

The post Sandworm APT group hit Ukrainian news agency with five data wipers appeared first on Security Affairs.

January 30, 2023
0 comment
Read More >>

UNC2565 threat actors continue to improve the GOOTLOADER malware

The threat actors behind the GOOTLOADER malware continues to improve their code by adding new components and implementing new obfuscation techniques. Mandiant researchers reported that the UNC2565 group behind the GOOTLOADER malware (aka Gootkit) continues to improve their code by adding new components and implementing new obfuscation techniques. Gootkit runs on an access-a-as-a-service model, it is used […]

The post UNC2565 threat actors continue to improve the GOOTLOADER malware appeared first on Security Affairs.

January 30, 2023
0 comment
Read More >>

Alleged member of ShinyHunters group extradited to the US, could face 116 years in jail

An alleged member of the ShinyHunters cybercrime gang has been extradited from Morocco to the United States. Sebastien Raoult, a French national who is suspected of being a member of ShinyHunters cybercrime gang known as “Seyzo Kaizen,” has been extradited from Morocco to the United States. The 22-year-old man was arrested in Morocco at Rabat […]

The post Alleged member of ShinyHunters group extradited to the US, could face 116 years in jail appeared first on Security Affairs.

January 29, 2023
0 comment
Read More >>

Pro-Russia group Killnet targets Germany due to its support to Ukraine

Pro-Russia group Killnet launched last week DDoS attacks against the websites of German airports, administration bodies, and banks. The Pro-Russia group Killnet is behind the DDoS attacks that last week hit the websites of German airports, administration bodies, and banks. The attacks are the hacktivists’ response to the German government’s decision to send Leopard 2 tanks to […]

The post Pro-Russia group Killnet targets Germany due to its support to Ukraine appeared first on Security Affairs.

January 29, 2023
0 comment
Read More >>

Security Affairs newsletter Round 404 by Pierluigi Paganini

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Copycat Criminals mimicking Lockbit gang in northern Europe Sandworm APT targets Ukraine with new SwiftSlicer wiper […]

The post Security Affairs newsletter Round 404 by Pierluigi Paganini appeared first on Security Affairs.

January 29, 2023
0 comment
Read More >>

Watch out! Experts plans to release VMware vRealize Log RCE exploit next week

Horizon3’s Attack Team made the headlines again announcing the releasse of a PoC exploit code for remote code execution in VMware vRealize Log. Researchers from the Horizon3’s Attack Team announced the release of PoC exploit code for remote code execution in VMware vRealize Log. The PoC exploit code will trigger a series of flaws in […]

The post Watch out! Experts plans to release VMware vRealize Log RCE exploit next week appeared first on Security Affairs.

January 29, 2023
0 comment
Read More >>

Copycat Criminals mimicking Lockbit gang in northern Europe

Recent reports of Lockbit locker-based attacks against North European SMBs indicate that local crooks started using Lockbit locker variants. Executive Summary Incident Insights Recently, there has been a significant increase in ransomware attacks targeting companies in northern Europe. These attacks are being carried out using the LockBit locker, which is known to be in use […]

The post Copycat Criminals mimicking Lockbit gang in northern Europe appeared first on Security Affairs.

January 29, 2023
0 comment
Read More >>

Sandworm APT targets Ukraine with new SwiftSlicer wiper

Russia-linked Sandworm APT group is behind a new Golang-based wiper, tracked as SwiftSlicer, that hit Ukraine, ESET reports. Researchers from ESET discovered a new Golang-based wiper, dubbed SwiftSlicer, that was used in attacks aimed at Ukraine. The experts believe that the Russia-linked APT group Sandwork (aka BlackEnergy and TeleBots) is behind the wiper attacks. The Sandworm group has been […]

The post Sandworm APT targets Ukraine with new SwiftSlicer wiper appeared first on Security Affairs.

January 28, 2023
0 comment
Read More >>

ISC fixed high-severity flaws in DNS software suite BIND

The latest BIND updates patch multiple remotely exploitable vulnerabilities that could lead to denial-of-service (DoS). BIND is a suite of software for interacting with the Domain Name System (DNS) maintained by the Internet Systems Consortium (ISC). The ISC released security patches to address multiple high-severity denial-of-service DoS vulnerabilities in the DNS software suite. Threat actors can exploit […]

The post ISC fixed high-severity flaws in DNS software suite BIND appeared first on Security Affairs.

January 28, 2023
0 comment
Read More >>

Patch management is crucial to protect Exchange servers, Microsoft warns

Microsoft warns customers to patch their Exchange servers because attackers always look to exploit unpatched installs. Microsoft published a post to urge its customers to protect their Exchange servers because threat actors actively attempt to exploit vulnerabilities in unpatched installs. The IT giant recommends installing the latest available Cumulative Update (CU) and Security Update (SU) […]

The post Patch management is crucial to protect Exchange servers, Microsoft warns appeared first on Security Affairs.

January 28, 2023
0 comment
Read More >>