Security Affairs

Hive Ransomware Tor leak site apparently seized by law enforcement

The leak site of the Hive ransomware gang was seized due to an international operation conducted by law enforcement in ten countries. The Tor leak site used by Hive ransomware operators has been seized as part of an international operation conducted by law enforcement in 10 countries. “The Federal Bureau of Investigation seized this site […]

The post Hive Ransomware Tor leak site apparently seized by law enforcement appeared first on Security Affairs.

January 26, 2023
0 comment
Read More >>

Zacks Investment Research data breach impacted hundreds of thousands of customers

Zacks Investment Research (Zacks) disclosed a data breach, the security may have exposed the data of 820K customers. Zacks Investment Research (Zacks) disclosed a data breach, the security incident may have affected the personal information of its 820,000 customers. “On December 28, 2022, Zacks learned that an unknown third-party had gained unauthorized access to certain […]

The post Zacks Investment Research data breach impacted hundreds of thousands of customers appeared first on Security Affairs.

January 26, 2023
0 comment
Read More >>

Google Chrome 109 update addresses six security vulnerabilities

Google addressed six security vulnerabilities in its web browser Chrome, none of them actively exploited in the wild. Google released Chrome version 109.0.5414.119 for Mac and Linux and 109.0.5414.119/.120 for Windows to address a total of six vulnerabilities. Four of the addressed flaws were reported by external researchers that were awarded for more than $26,500 for their […]

The post Google Chrome 109 update addresses six security vulnerabilities appeared first on Security Affairs.

January 25, 2023
0 comment
Read More >>

North Korea-linked TA444 group turns to credential harvesting activity

North Korea-linked TA444 group is behind a credential harvesting campaign targeting a number of industry verticals. Proofpoint researchers reported that North Korea-linked TA444 APT group (aka APT38, BlueNoroff, Copernicium, and Stardust Chollima) is behind a credential harvesting campaign targeting a number of industry verticals. APT38 appears to be a North Korea-linked group separate from the infamous Lazarus group, […]

The post North Korea-linked TA444 group turns to credential harvesting activity appeared first on Security Affairs.

January 25, 2023
0 comment
Read More >>

French rugby club Stade Français leaks source code

Prestigious club Stade Français potentially endangered its fans for over a year after leaking its website’s source code. Stade Français is a professional rugby union club based in Paris. Founded in 1883 and competing in France’s premier rugby league, Top 14, it has established itself as one of the most successful teams in the country, […]

The post French rugby club Stade Français leaks source code appeared first on Security Affairs.

January 25, 2023
0 comment
Read More >>

DragonSpark threat actor avoids detection using Golang source code Interpretation

Chinese threat actor tracked as DragonSpark targets organizations in East Asia with a Golang malware to evade detection. SentinelOne researchers spotted a Chinese-speaking actor, tracked as DragonSpark, that is targeting organizations in East Asia. The attackers employed an open source tool SparkRAT along with Golang malware that implements an uncommon technique to evade detection. “The threat […]

The post DragonSpark threat actor avoids detection using Golang source code Interpretation appeared first on Security Affairs.

January 25, 2023
0 comment
Read More >>

VMware warns of critical code execution bugs in vRealize Log Insight

A critical vulnerability in VMware vRealize Log Insight appliance can allow an unauthenticated attacker to take full control of a target system. VMware addressed multiple vulnerabilities, tracked as CVE-2022-31706, CVE-2022-31704, CVE-2022-31710, and CVE-2022-31711, in its vRealize Log Insight appliance. VRealize Log Insight is a log collection and analytics virtual appliance that enables administrators to collect, view, […]

The post VMware warns of critical code execution bugs in vRealize Log Insight appeared first on Security Affairs.

January 25, 2023
0 comment
Read More >>

Pakistan hit by nationwide power outage, is it the result of a cyber attack?

Pakistan suffered a nationwide blackout, local authorities are investigating the cause and suspect it was the result of a cyberattack. On Monday, a nationwide blackout in Pakistan left millions of people in the darkness, and the authorities are investigating if it was caused by a cyberattack. The power outage impacted all the major cities in […]

The post Pakistan hit by nationwide power outage, is it the result of a cyber attack? appeared first on Security Affairs.

January 25, 2023
0 comment
Read More >>

GoTo revealed that threat actors stole customers’ backups and encryption key for some of them

GoTo is notifying customers that its development environment was breached in November 2022, attackers stole customers’ backups and encryption key. GoTo, formerly LogMeIn Inc, is a flexible-work provider of software as a service (SaaS) and cloud-based remote work tools for collaboration and IT management, The company is warning customers that threat actors breached its development environment in November 2022 and stole encrypted […]

The post GoTo revealed that threat actors stole customers’ backups and encryption key for some of them appeared first on Security Affairs.

January 24, 2023
0 comment
Read More >>

FBI confirms that North Korea-linked Lazarus APT is behind Harmony Horizon Bridge $100 million cyber heist

The U.S. FBI attributes the $100 million cyber heist against Harmony Horizon Bridge to North Korea-linked Lazarus APT. The U.S. Federal Bureau of Investigation (FBI) this week confirmed that in June 2022 the North Korea-linked Lazarus APT group and APT38 stole $100 million worth of cryptocurrency assets from the Blockchain company Harmony Horizon Bridge. “The FBI continues […]

The post FBI confirms that North Korea-linked Lazarus APT is behind Harmony Horizon Bridge $100 million cyber heist appeared first on Security Affairs.

January 24, 2023
0 comment
Read More >>