Security News

Experts published PoC exploit code for Veeam Backup & Replication bug

Researchers released a PoC exploit code for a high-severity vulnerability in Veeam Backup & Replication (VBR) software. Veeam recently addressed a high-severity flaw, tracked as CVE-2023-27532, in Veeam Backup and Replication (VBR) software. An unauthenticated user with access to the Veeam backup service (TCP 9401 by default) can exploit the flaw to request cleartext credentials. A remote […]

The post Experts published PoC exploit code for Veeam Backup & Replication bug appeared first on Security Affairs.

March 24, 2023
0 comment
Read More >>

Nexus, an emerging Android banking Trojan targets 450 financial apps

Experts warn of an emerging Android banking trojan dubbed Nexus that was employed in attacks against 450 financial applications. Cybersecurity firm experts from Cleafy warn of an emerging Android banking trojan, named Nexus, that was employed by multiple groups in attacks against 450 financial applications. The Nexus ransomware was first analyzed in early March by researchers from the […]

The post Nexus, an emerging Android banking Trojan targets 450 financial apps appeared first on Security Affairs.

March 23, 2023
0 comment
Read More >>

Dole discloses data breach after February ransomware attack

Dole Food Company confirmed that threat actors behind the recent ransomware attack had access to employees’ data. Dole Food Company is an Irish agricultural multinational corporation, it is one of the world’s largest producers of fruit and vegetables, operating with 38,500 full-time and seasonal employees who supply some 300 products in 75 countries. Dole reported 2021 revenues of $6.5 […]

The post Dole discloses data breach after February ransomware attack appeared first on Security Affairs.

March 23, 2023
0 comment
Read More >>

Pwn2Own Vancouver 2023 Day 1: Windows 11 and Tesla hacked

On the first day of Pwn2Own Vancouver 2023, the organization awarded $375,000 (and a Tesla Model 3) for 12 zero-day flaws. The Pwn2Own Vancouver 2023 has begun, this hacking competition has 19 entries targeting nine different targets – including two Tesla attempts. On the first day of the event, the organization awarded $375,000 (and a […]

The post Pwn2Own Vancouver 2023 Day 1: Windows 11 and Tesla hacked appeared first on Security Affairs.

March 23, 2023
0 comment
Read More >>

Lionsgate streaming platform with 37m subscribers leaks user data

Entertainment industry giant Lionsgate leaked users’ IP addresses and information about what content they watch on its movie-streaming platform, according to research from Cybernews. Original post at https://cybernews.com/security/lionsgate-data-leak/ During their investigation, our researchers discovered that the video-streaming platform Lionsgate Play had leaked user data through an open ElasticSearch instance. The Cybernews research team discovered an […]

The post <strong>Lionsgate streaming platform with 37m subscribers leaks user data</strong> appeared first on Security Affairs.

March 23, 2023
0 comment
Read More >>

Rogue ChatGPT extension FakeGPT hijacked Facebook accounts

A tainted version of the legitimate ChatGPT extension for Chrome, designed to steal Facebook accounts, has thousands of downloads. Guardio’s security team uncovered a new variant of a malicious Chat-GPT Chrome Extension that was already downloaded by thousands a day. The version employed in a recent campaign is based on a legitimate open-source project, threat […]

The post Rogue ChatGPT extension FakeGPT hijacked Facebook accounts appeared first on Security Affairs.

March 23, 2023
0 comment
Read More >>

ENISA: Ransomware became a prominent threat against the transport sector in 2022

The European Union Agency for Cybersecurity (ENISA) published its first cyber threat landscape report for the transport sector. A new report published by the European Union Agency for Cybersecurity (ENISA) analyzes threats and incidents in the transport sector. The report covers incidents in aviation, maritime, railway, and road transport industries between January 2021 and October […]

The post ENISA: Ransomware became a prominent threat against the transport sector in 2022 appeared first on Security Affairs.

March 22, 2023
0 comment
Read More >>

BreachForums current Admin Baphomet shuts down BreachForums

Baphomet, the current administrator of BreachForums, announced that the popular hacking forum has been officially taken down. U.S. law enforcement arrested last week a US man that goes online with the moniker “Pompompurin,” the US citizen is accused to be the owner of the popular hacking forum BreachForums.  The news of the arrest was first reported by Bloomberg, […]

The post BreachForums current Admin Baphomet shuts down BreachForums appeared first on Security Affairs.

March 22, 2023
0 comment
Read More >>

Independent Living Systems data breach impacts more than 4M individuals

US health services company Independent Living Systems (ILS) discloses a data breach that impacted more than 4 million individuals. US health services company Independent Living Systems (ILS) disclosed a data breach that exposed personal and medical information for more than 4 million individuals. Independent Living Systems, offers a comprehensive range of turnkey payer services including clinical […]

The post Independent Living Systems data breach impacts more than 4M individuals appeared first on Security Affairs.

March 22, 2023
0 comment
Read More >>

New Bad Magic APT used CommonMagic framework in the area of Russo-Ukrainian conflict

Threat actors are targeting organizations located in Donetsk, Lugansk, and Crimea with a previously undetected framework dubbed CommonMagic. In October 2022, Kaspersky researchers uncovered a malware campaign aimed at infecting government, agriculture and transportation organizations located in the Donetsk, Lugansk, and Crimea regions with a previously undetected framework dubbed CommonMagic. Researchers believe that threat actors use spear […]

The post New Bad Magic APT used CommonMagic framework in the area of Russo-Ukrainian conflict appeared first on Security Affairs.

March 22, 2023
0 comment
Read More >>