Pierluigi Paganini – Page 244 – MCYSEKA-Maritime Cyber Security Knowledge Archive

RTM Locker, a new RaaS gains notorieties in the threat landscape

Cybersecurity firm Trellix analyzed the activity of an emerging cybercriminal group called ‘Read The Manual’ RTM Locker. Researchers from cybersecurity firm Trellix have detailed the tactics, techniques, and procedures of an emerging cybercriminal gang called ‘Read The Manual RTM Locker. The group provides a ransomware-as-a-service (RaaS) and provides its malicious code to a network of […]

The post RTM Locker, a new RaaS gains notorieties in the threat landscape appeared first on Security Affairs.

April 14, 2023

0 comment

Hikvision fixed a critical flaw in Hybrid SAN and cluster storage products

Chinese video surveillance giant Hikvision addressed a critical vulnerability in its Hybrid SAN and cluster storage products. Chinese video surveillance giant Hikvision addressed an access control vulnerability, tracked as CVE-2023-28808, affecting its Hybrid SAN and cluster storage products. An attacker with network access to the device can exploit the issue to obtain admin permission. The […]

The post Hikvision fixed a critical flaw in Hybrid SAN and cluster storage products appeared first on Security Affairs.

April 14, 2023

0 comment

The Russia-linked APT29 is behind recent attacks targeting NATO and EU

Poland intelligence linked the Russian APT29 group to a series of attacks targeting NATO and European Union countries. Poland’s Military Counterintelligence Service and its Computer Emergency Response Team linked a recent string of attacks targeting NATO and European Union countries to the Russia-linked APT29 group (aka SVR group, Cozy Bear, Nobelium, and The Dukes). APT29 along with APT28 cyber espionage group […]

The post The Russia-linked APT29 is behind recent attacks targeting NATO and EU appeared first on Security Affairs.

April 13, 2023

0 comment

Fortinet fixed a critical vulnerability in its Data Analytics product

Fortinet addressed a critical vulnerability that can lead to remote, unauthenticated access to Redis and MongoDB instances. Fortinet has addressed a critical vulnerability, tracked as CVE-2022-41331 (CVSS score of 9.3), in its Fortinet FortiPresence data analytics solution. FortiPresence is a comprehensive data analytics solution designed for analyzing user traffic and deriving usage patterns. Successful exploitation can […]

The post Fortinet fixed a critical vulnerability in its Data Analytics product appeared first on Security Affairs.

April 13, 2023

0 comment

How to Combat Insider Threats

Knowing that insider threats are a risk is one thing. Knowing how to fight them off is entirely another. Dealing with issues of insider cyber risk can be different and nuanced. It’s hard to admit that someone from within the company could ‘not be who they say they are’, and it takes a group effort […]

The post How to Combat Insider Threats appeared first on Security Affairs.

April 13, 2023

0 comment

Hyundai suffered a data breach that impacted customers in France and Italy

Hyundai disclosed a data breach that impacted Italian and French car owners and clients who booked a test drive. Hyundai has suffered a data breach that impacted Italian and French car owners and customers who booked a test drive. Threat actors had access to the email addresses, physical addresses, telephone numbers, and vehicle chassis numbers […]

The post Hyundai suffered a data breach that impacted customers in France and Italy appeared first on Security Affairs.

April 13, 2023

0 comment

QuaDream surveillance firm’s spyware targeted iPhones with zero-click exploit

At least five members of civil society worldwide have been targeted with spyware and exploits developed by surveillance firm QuaDream. Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. The victims include journalists, political opposition figures, and an NGO worker […]

The post QuaDream surveillance firm’s spyware targeted iPhones with zero-click exploit appeared first on Security Affairs.

April 12, 2023

0 comment

SAP April 2023 security updates fix critical vulnerabilities

SAP fixed two critical bugs that affect the Diagnostics Agent and the BusinessObjects Business Intelligence Platform. SAP April 2023 security updates include a total of 24 notes, 19 of which are new vulnerabilities. The most critical vulnerabilities are: The complete list of the notes is reported in the latest security bulletin: SAP administrators are urged to […]

The post SAP April 2023 security updates fix critical vulnerabilities appeared first on Security Affairs.

April 12, 2023

0 comment

OpenAI launched a bug bounty program

AI company OpenAI launched a bug bounty program and announced payouts of up to $20,000 for security flaws in its ChatGPT chatbot service. OpenAI launched a bug bounty program and it is offering up to $20,000 to bug hunters that will report vulnerabilities in its ChatGPT chatbot service. The company explained that ChatGPT is in […]

The post OpenAI launched a bug bounty program appeared first on Security Affairs.

April 12, 2023

0 comment

Cybercrime group exploits Windows zero-day in ransomware attacks

Microsoft has addressed a zero-day in the Windows Common Log File System (CLFS) actively exploited in ransomware attacks. Microsoft has addressed a zero-day vulnerability, tracked as CVE-2023-28252, in the Windows Common Log File System (CLFS), which is actively exploited in ransomware attacks. Microsoft fixed the issue with the release of Patch Tuesday security updates for […]

The post Cybercrime group exploits Windows zero-day in ransomware attacks appeared first on Security Affairs.

April 12, 2023

0 comment

1 … 242 243 244 245 246 … 284