Security Affairs

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

The U.K. National Cyber Security Centre (NCSC) warns of a surge in the number of attacks from Russian and Iranian nation-state actors. The U.K. National Cyber Security Centre (NCSC) is warning of targeted phishing attacks conducted by threat actors based in Russia and Iran. The are increasingly targeting organizations and individuals. The UK agency reported ongoing spear-phishing […]

The post UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups appeared first on Security Affairs.

January 27, 2023
0 comment
Read More >>

An unfaithful employee leaked Yandex source code repositories

A source code repository allegedly stolen by a former employee of the Russian tech giant Yandex has been leaked online. A Yandex source code repository allegedly stolen by a former employee of the Russian IT giant has been leaked on a popular cybercrime forum. The announcement published on BreachForums includes a magnet link to the alleged […]

The post An unfaithful employee leaked Yandex source code repositories appeared first on Security Affairs.

January 26, 2023
0 comment
Read More >>

Hive Ransomware Tor leak site apparently seized by law enforcement

The leak site of the Hive ransomware gang was seized due to an international operation conducted by law enforcement in ten countries. The Tor leak site used by Hive ransomware operators has been seized as part of an international operation conducted by law enforcement in 10 countries. “The Federal Bureau of Investigation seized this site […]

The post Hive Ransomware Tor leak site apparently seized by law enforcement appeared first on Security Affairs.

January 26, 2023
0 comment
Read More >>

Zacks Investment Research data breach impacted hundreds of thousands of customers

Zacks Investment Research (Zacks) disclosed a data breach, the security may have exposed the data of 820K customers. Zacks Investment Research (Zacks) disclosed a data breach, the security incident may have affected the personal information of its 820,000 customers. “On December 28, 2022, Zacks learned that an unknown third-party had gained unauthorized access to certain […]

The post Zacks Investment Research data breach impacted hundreds of thousands of customers appeared first on Security Affairs.

January 26, 2023
0 comment
Read More >>

Google Chrome 109 update addresses six security vulnerabilities

Google addressed six security vulnerabilities in its web browser Chrome, none of them actively exploited in the wild. Google released Chrome version 109.0.5414.119 for Mac and Linux and 109.0.5414.119/.120 for Windows to address a total of six vulnerabilities. Four of the addressed flaws were reported by external researchers that were awarded for more than $26,500 for their […]

The post Google Chrome 109 update addresses six security vulnerabilities appeared first on Security Affairs.

January 25, 2023
0 comment
Read More >>

North Korea-linked TA444 group turns to credential harvesting activity

North Korea-linked TA444 group is behind a credential harvesting campaign targeting a number of industry verticals. Proofpoint researchers reported that North Korea-linked TA444 APT group (aka APT38, BlueNoroff, Copernicium, and Stardust Chollima) is behind a credential harvesting campaign targeting a number of industry verticals. APT38 appears to be a North Korea-linked group separate from the infamous Lazarus group, […]

The post North Korea-linked TA444 group turns to credential harvesting activity appeared first on Security Affairs.

January 25, 2023
0 comment
Read More >>

French rugby club Stade Français leaks source code

Prestigious club Stade Français potentially endangered its fans for over a year after leaking its website’s source code. Stade Français is a professional rugby union club based in Paris. Founded in 1883 and competing in France’s premier rugby league, Top 14, it has established itself as one of the most successful teams in the country, […]

The post French rugby club Stade Français leaks source code appeared first on Security Affairs.

January 25, 2023
0 comment
Read More >>

DragonSpark threat actor avoids detection using Golang source code Interpretation

Chinese threat actor tracked as DragonSpark targets organizations in East Asia with a Golang malware to evade detection. SentinelOne researchers spotted a Chinese-speaking actor, tracked as DragonSpark, that is targeting organizations in East Asia. The attackers employed an open source tool SparkRAT along with Golang malware that implements an uncommon technique to evade detection. “The threat […]

The post DragonSpark threat actor avoids detection using Golang source code Interpretation appeared first on Security Affairs.

January 25, 2023
0 comment
Read More >>

VMware warns of critical code execution bugs in vRealize Log Insight

A critical vulnerability in VMware vRealize Log Insight appliance can allow an unauthenticated attacker to take full control of a target system. VMware addressed multiple vulnerabilities, tracked as CVE-2022-31706, CVE-2022-31704, CVE-2022-31710, and CVE-2022-31711, in its vRealize Log Insight appliance. VRealize Log Insight is a log collection and analytics virtual appliance that enables administrators to collect, view, […]

The post VMware warns of critical code execution bugs in vRealize Log Insight appeared first on Security Affairs.

January 25, 2023
0 comment
Read More >>

Pakistan hit by nationwide power outage, is it the result of a cyber attack?

Pakistan suffered a nationwide blackout, local authorities are investigating the cause and suspect it was the result of a cyberattack. On Monday, a nationwide blackout in Pakistan left millions of people in the darkness, and the authorities are investigating if it was caused by a cyberattack. The power outage impacted all the major cities in […]

The post Pakistan hit by nationwide power outage, is it the result of a cyber attack? appeared first on Security Affairs.

January 25, 2023
0 comment
Read More >>