Security Affairs

Hacker stole credit cards from the website of Canada’s largest alcohol retailer LCBO

The Canadian Liquor Control Board of Ontario (LCBO), the largest beverage alcohol retailer in the country, disclosed Magecart attack. Canadian Liquor Control Board of Ontario (LCBO), the largest beverage alcohol retailer in the country, disclosed a Magecart attack on January 10, 2023. Threat actors compromised the Canadian Liquor Control Board of Ontario’s website and injected […]

The post Hacker stole credit cards from the website of Canada’s largest alcohol retailer LCBO appeared first on Security Affairs.

January 15, 2023
0 comment
Read More >>

Security Affairs newsletter Round 402 by Pierluigi Paganini

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Most internet-exposed Cacti servers exposed to hacking French CNIL fined Tiktok $5.4 Million for violating cookie […]

The post Security Affairs newsletter Round 402 by Pierluigi Paganini appeared first on Security Affairs.

January 15, 2023
0 comment
Read More >>

Most internet-exposed Cacti servers exposed to hacking

Most internet-exposed Cacti servers are vulnerable to the critical vulnerability CVE-2022-46169 which is actively exploited in the wild. Cacti is an open-source platform that provides a robust and extensible operational monitoring and fault management framework for users. Researchers from Censys discovered that the majority of internet-exposed Cacti servers are vulnerable to the critical flaw CVE-2022-46169 […]

The post Most internet-exposed Cacti servers exposed to hacking appeared first on Security Affairs.

January 15, 2023
0 comment
Read More >>

French CNIL fined Tiktok $5.4 Million for violating cookie laws

French data protection watchdog fined short-form video hosting service TikTok €5 million for breaking cookie consent rules. The Commission nationale de l’informatique et des libertés (CNIL) has fined short-form video hosting service TikTok €5 million (about $5.4 million) for violating cookie consent rules. French data protection watchdog claims that users are not able to refuse cookies, as easily […]

The post French CNIL fined Tiktok $5.4 Million for violating cookie laws appeared first on Security Affairs.

January 14, 2023
0 comment
Read More >>

NortonLifeLock: threat actors breached Norton Password Manager accounts

Gen Digital, formerly Symantec Corporation and NortonLifeLock, warns that hackers breached Norton Password Manager accounts. Gen Digital, formerly Symantec Corporation and NortonLifeLock, informed its customers that threat actors have breached Norton Password Manager accounts in credential-stuffing attacks. The company detected an unusually large volume of failed logins to customer accounts on December 12, 2022, and […]

The post NortonLifeLock: threat actors breached Norton Password Manager accounts appeared first on Security Affairs.

January 14, 2023
0 comment
Read More >>

LockBit ransomware operation behind the Royal Mail cyberattack

The cyberattack on Royal Mail, Britain’s postal service, is a ransomware attack that was linked to the LockBit ransomware operation. Royal Mail, the British multinational postal service and courier company, this week announced that a “cyber incident” has a severe impact on its operation. The incident only impacted Royal Mail’s international export services, the company said it is temporarily […]

The post LockBit ransomware operation behind the Royal Mail cyberattack appeared first on Security Affairs.

January 13, 2023
0 comment
Read More >>

Threat actors target govt networks exploiting Fortinet SSL-VPN CVE-2022-42475 bug

Recently patched Fortinet FortiOS SSL-VPN zero-day exploited in attacks against government organizations and government-related targets. Fortinet researchers reported that threat actors exploited the recently patched FortiOS SSL-VPN vulnerability (CVE-2022-42475) in attacks against government organizations and government-related targets. In December, the security vendor urged its customers to update their installs to address an actively exploited FortiOS SSL-VPN […]

The post Threat actors target govt networks exploiting Fortinet SSL-VPN CVE-2022-42475 bug appeared first on Security Affairs.

January 13, 2023
0 comment
Read More >>

Critical bug in Cisco EoL Small Business Routers will receive no patch

Cisco warns of a critical flaw in small business RV016, RV042, RV042G, and RV082 routers, which have reached end of life (EoL). Cisco is warning of a critical vulnerability, tracked as CVE-2023-20025 (CVSS score of 9.0), that impacts small business RV016, RV042, RV042G, and RV082 routers. The IT giant announced that these devices will receive no security […]

The post Critical bug in Cisco EoL Small Business Routers will receive no patch appeared first on Security Affairs.

January 13, 2023
0 comment
Read More >>

Threat actors actively exploit Control Web Panel RCE following PoC release

Threat actors are actively exploiting a recently patched critical remote code execution (RCE) vulnerability in Control Web Panel (CWP). Threat actors are actively exploiting a recently patched critical vulnerability, tracked as CVE-2022-44877 (CVSS score: 9.8), in Control Web Panel (CWP). The exploitation attempts began on January 6, 2023, after a proof-of-concept (PoC) exploit code was published […]

The post Threat actors actively exploit Control Web Panel RCE following PoC release appeared first on Security Affairs.

January 12, 2023
0 comment
Read More >>

Threat actors claim access to Telegram servers through insiders

Researchers reported that a threat actor claims to provide access to internal servers at Telegram for $20,000. SafetyDetectives reported that a member of a dark web marketplace is claiming to provide access to internal servers at Telegram for $20,000. The seller claims that the access is permanent because is provided by insiders that are staff […]

The post Threat actors claim access to Telegram servers through insiders appeared first on Security Affairs.

January 12, 2023
0 comment
Read More >>