Pierluigi Paganini

Latitude Data breach is worse than initially estimated. 14 million individuals impacted

Australian loan giant Latitude Financial Services (Latitude) revealed that a data breach its has suffered impacted 14 million customers. The data breach suffered by Latitude Financial Services (Latitude) is much more serious than initially estimated. The company initially determined that the number of impacted individuals was 328,000, but now confirmed that the real number of […]

The post Latitude Data breach is worse than initially estimated. 14 million individuals impacted appeared first on Security Affairs.

March 28, 2023
0 comment
Read More >>

Europol warns of criminal use of ChatGPT

Europol warns of cybercriminal organizations can take advantage of systems based on artificial intelligence like ChatGPT. EU police body Europol warned about the potential abuse of systems based on artificial intelligence, such as the popular chatbot ChatGPT, for cybercriminal activities. Cybercriminal groups can use chatbot like ChatGPT in social engineering attacks, disinformation campaigns, and other […]

The post Europol warns of criminal use of ChatGPT appeared first on Security Affairs.

March 28, 2023
0 comment
Read More >>

Telecom giant Lumen suffered a ransomware attack and disclose a second incident

Telecommunications giant Lumen Technologies discovered two cybersecurity incidents, including a ransomware attack. In a filing to the Securities and Exchange Commission, on March 27, 2023, Lumen announced two cybersecurity incidents. One of the incidents is a ransomware attack that impacted a limited number of its servers that support a segmented hosting service. The company did […]

The post Telecom giant Lumen suffered a ransomware attack and disclose a second incident appeared first on Security Affairs.

March 28, 2023
0 comment
Read More >>

Apple fixes recently disclosed CVE-2023-23529 zero-day on older devices

Apple released updates to backport security patches that address actively exploited CVE-2023-23529 WebKit zero-day for older iPhones and iPads. Apple released security updates to backport patches that address an actively exploited zero-day flaw (CVE-2023-23529) for older iPhones and iPads. The CVE-2023-23529 flaw is a type confusion issue in WebKit that was addressed by the IT giant with […]

The post Apple fixes recently disclosed CVE-2023-23529 zero-day on older devices appeared first on Security Affairs.

March 28, 2023
0 comment
Read More >>

New MacStealer macOS malware appears in the cybercrime underground

A new MacStealer macOS malware allows operators to steal iCloud Keychain data and passwords from infected systems. Uptycs researchers team discovered a new macOS information stealer, called MacStealer, which allows operators to steal iCloud Keychain data and passwords from infected systems. The macOS malware can steal documents, credit card data, cookies from a victim’s browser […]

The post New MacStealer macOS malware appears in the cybercrime underground appeared first on Security Affairs.

March 27, 2023
0 comment
Read More >>

Updates from the MaaS: new threats delivered through NullMixer

A technical analysis of NullMixer malware operation revealed Italy and France are the favorite European countries from the attackers’ perspective. Executive Summary Introduction During March 2023, we obtained information and data regarding an ongoing malware operation hitting more than 8.000 targets within a few weeks, with a particular emphasis on North American, Italian, and French […]

The post Updates from the MaaS: new threats delivered through NullMixer appeared first on Security Affairs.

March 27, 2023
0 comment
Read More >>

Technical analysis of China-linked Earth Preta APT’s infection chain

China-linked Earth Preta cyberespionage group has been observed adopting new techniques to bypass security solutions. Trend Micro researchers reported that the China-linked Earth Preta group (aka Mustang Panda) is actively changing its tools, tactics, and procedures (TTPs) to bypass security solutions. Earth Preta, also known as “RedDelta” or “Bronze President,” has been active since at least […]

The post Technical analysis of China-linked Earth Preta APT’s infection chain appeared first on Security Affairs.

March 27, 2023
0 comment
Read More >>

Malicious Python Package uses Unicode support to evade detection 

Researchers discovered a malicious package on PyPI that uses Unicode to evade detection while stealing sensitive data. Supply chain security firm Phylum discovered a malicious Python package on the Python Package Index (PyPI) repository that uses Unicode to evade detection and deliver information-stealing malware. The package, named onyxproxy, was uploaded to the PyPI repository on March […]

The post Malicious Python Package uses Unicode support to evade detection  appeared first on Security Affairs.

March 27, 2023
0 comment
Read More >>

OpenAI: A Redis bug caused a recent ChatGPT data exposure incident

OpenAI revealed that a Redis bug was the root cause of the recent exposure of users’ personal information and chat titles in ChatGPT service. On Friday, OpenAI revealed that the recent exposure of users’ personal information and chat titles in its chatbot service was caused by a bug in the Redis open-source library. On March […]

The post OpenAI: A Redis bug caused a recent ChatGPT data exposure incident appeared first on Security Affairs.

March 27, 2023
0 comment
Read More >>

Microsoft shares guidance for investigating attacks exploiting CVE-2023-23397

Microsoft is warning of cyber attacks exploiting a recently patched Outlook vulnerability tracked as CVE-2023-23397 (CVSS score: 9.8). Microsoft published guidance for investigating attacks exploiting recently patched Outlook vulnerability tracked as CVE-2023-23397. The flaw is a Microsoft Outlook spoofing vulnerability that can lead to an authentication bypass. A remote, unauthenticated attacker can exploit the flaw to […]

The post Microsoft shares guidance for investigating attacks exploiting CVE-2023-23397 appeared first on Security Affairs.

March 26, 2023
0 comment
Read More >>