Security News

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Google’s Threat Analysis Group (TAG) warns of a North Korea-linked cyberespionage group tracked as ARCHIPELAGO. Google’s Threat Analysis Group (TAG) is warning of the North Korea-linked ARCHIPELAGO group that is targeting government and military personnel, think tanks, policy makers, academics, and researchers in South Korea, the US and elsewhere. Google experts are tracking ARCHIPELAGO since […]

The post Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group appeared first on Security Affairs.

April 6, 2023
0 comment
Read More >>

Nexx bugs allow to open garage doors, and take control of alarms and plugs

A series of vulnerabilities in multiple smart devices manufactured by Nexx can be exploited to remotely open garage doors, and take control of alarms and plugs. In late 2022, the researcher Sam Sabetan discovered a series of critical vulnerabilities in several smart devices manufactured by Nexx, including Smart Garage Door Openers, Alarms, and Plugs. A […]

The post Nexx bugs allow to open garage doors, and take control of alarms and plugs appeared first on Security Affairs.

April 5, 2023
0 comment
Read More >>

Tax preparation and e-file service eFile.com compromised to serve malware

The eFile.com online service, which is authorized by the US Internal Revenue Service (IRS), was spotted serving malicious malware to visitors. eFile.com, the personal online tax preparation and e-file service authorized by the US Internal Revenue Service (IRS), was spotted serving malware to visitors. The service helps taxpayers to file tax returns, experts reported that […]

The post Tax preparation and e-file service eFile.com compromised to serve malware appeared first on Security Affairs.

April 5, 2023
0 comment
Read More >>

HP would take up to 90 days to fix a critical bug in some business-grade printers

HP would take up to 90 days to address a critical flaw, tracked as CVE-2023-1707, that resides in the firmware of some business-grade printers. HP is aware of a critical vulnerability, tracked as CVE-2023-1707 (CVSS v3.1 score 9.1), that affects tens of HP Enterprise LaserJet and HP LaserJet Managed Printers models. The exploitation of the […]

The post HP would take up to 90 days to fix a critical bug in some business-grade printers appeared first on Security Affairs.

April 5, 2023
0 comment
Read More >>

Law enforcement seized the Genesis Market cybercrime marketplace

Law enforcement seized the Genesis Market black marketplace, a platform focused on the sale of stolen credentials, as part of Operation Cookie Monster. The FBI seized the Genesis Market, a black marketplace for stolen credentials that was launched in 2017. Genesis Market was an invite-only marketplace, but it was not complex to find invite codes online. […]

The post Law enforcement seized the Genesis Market cybercrime marketplace appeared first on Security Affairs.

April 5, 2023
0 comment
Read More >>

STYX Marketplace emerged in Dark Web focused on Financial Fraud

Resecurity has recently identified the STYX Marketplace, a new cybercriminal e-commerce platform with a specialized focus on financial fraud and money laundering. The STYX marketplace was launched at the beginning of 2023. This platform is specifically designed to facilitate financial crime, providing cybercriminals with a range of services, including stolen financial data, credit card information, […]

The post STYX Marketplace emerged in Dark Web focused on Financial Fraud appeared first on Security Affairs.

April 5, 2023
0 comment
Read More >>

ALPHV/BlackCat ransomware affiliate targets Veritas Backup solution bugs

An ALPHV/BlackCat ransomware affiliate was spotted exploiting vulnerabilities in the Veritas Backup solution. An affiliate of the ALPHV/BlackCat ransomware gang, tracked as UNC4466, was observed exploiting three vulnerabilities in the Veritas Backup solution to gain initial access to the target network. Unlike other ALPHV affiliates, UNC4466 doesn’t rely on stolen credentials for initial access to victim environments. Mandiant […]

The post ALPHV/BlackCat ransomware affiliate targets Veritas Backup solution bugs appeared first on Security Affairs.

April 4, 2023
0 comment
Read More >>

Rorschach ransomware has the fastest file-encrypting routine to date

A new ransomware strain named Rorschach ransomware supports the fastest file-encrypting routine observed to date. Check Point Research (CPR) and Check Point Incident Response Team (CPIRT) researchers detected a previously unknown ransomware strain, dubbed Rorschach ransomware, that was employed in attack against a US-based company. The experts pointed out that the Rorschach ransomware appears to be unique. […]

The post Rorschach ransomware has the fastest file-encrypting routine to date appeared first on Security Affairs.

April 4, 2023
0 comment
Read More >>

CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog

US CISA has added a Zimbra flaw, which was exploited in attacks targeting NATO countries, to its Known Exploited Vulnerabilities catalog U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Zimbra flaw, tracked as CVE-2022-27926, to its Known Exploited Vulnerabilities Catalog. The CVE-2022-27926 flaw affects Zimbra Collaboration version 9.0.0, which is used to host publicly-facing […]

The post CISA adds Zimbra bug exploited in attacks against NATO countries to its Known Exploited Vulnerabilities catalog appeared first on Security Affairs.

April 4, 2023
0 comment
Read More >>