Security News

Twitter now supports Encrypted Direct Messages, with some limitations

Twitter is rolling out support for encrypted direct messages (DMs), the security feature will be initially available for the verified users. Twitter is rolling out support for encrypted direct messages (DMs), the feature is initially limited to verified users or affiliates to a verified organization that are using the latest version of the app (iOS, Android, Web). The latest […]

The post Twitter now supports Encrypted Direct Messages, with some limitations appeared first on Security Affairs.

May 11, 2023
0 comment
Read More >>

A zero-click vulnerability in Windows allows stealing NTLM credentials

Researchers shared technical details about a flaw in Windows MSHTML platform, tracked as CVE-2023-29324, that could be abused to bypass security protections. Cybersecurity researchers have shared details about a now-patched security flaw, tracked as CVE-2023-29324 (CVSS score: 6.5), in Windows MSHTML platform. An attacker can exploit the vulnerability by crafting a malicious URL that would evade zone checks. “An attacker can […]

The post A zero-click vulnerability in Windows allows stealing NTLM credentials appeared first on Security Affairs.

May 11, 2023
0 comment
Read More >>

Cybersecurity firm Dragos shared details about a failed extortion attempt it suffered

Industrial cybersecurity firm Dragos revealed that a ransomware group attempted to breach its infrastructure and extort it. Industrial cybersecurity firm Dragos revealed that on May 8, 2023, a known ransomware group attempted and failed to breach the company systems. The cybercriminals compromised the personal email address of a new sales employee prior to his/her start […]

The post Cybersecurity firm Dragos shared details about a failed extortion attempt it suffered appeared first on Security Affairs.

May 10, 2023
0 comment
Read More >>

US disrupts Russia-linked Snake implant’s network

The US government announced to have disrupted the peer-to-peer (P2P) network of computers compromised by the Snake malware. The Snake implant is one of the most sophisticated implants used by Russia-linked threat actors for cyberespionage purposes. The malware has been designed and used by Center 16 of Russia’s Federal Security Service (FSB) in cyber espionage […]

The post US disrupts Russia-linked Snake implant’s network appeared first on Security Affairs.

May 10, 2023
0 comment
Read More >>

Microsoft Patch Tuesday for May 2023 fixed 2 actively exploited zero-day flaws

Microsoft Patch Tuesday Security updates for May 2023 address a total of 40 vulnerabilities, including two zero-day actively exploited in attacks. Microsoft’s May 2023 security updates address 40 vulnerabilities, including two zero-day flaws actively exploited in attacks. The flaws affect Microsoft Windows and Windows Components; Office and Office Components; Microsoft Edge (Chromium-based); SharePoint Server; Visual […]

The post Microsoft Patch Tuesday for May 2023 fixed 2 actively exploited zero-day flaws appeared first on Security Affairs.

May 10, 2023
0 comment
Read More >>

The global food distribution giant Sysco discloses a data breach

Sysco, the global food distribution giant, disclosed a data breach, the compromised data includes customer and employee data. Sysco Corporation is an American multinational corporation involved in marketing and distributing food products, smallwares, kitchen equipment and tabletop items. BleepingComputer, who has seen an internal memo sent to employees on May 3, first reported that threat actors may have […]

The post The global food distribution giant Sysco discloses a data breach appeared first on Security Affairs.

May 10, 2023
0 comment
Read More >>

A Linux NetFilter kernel flaw allows escalating privileges to ‘root’

A Linux NetFilter kernel flaw, tracked as CVE-2023-32233, can be exploited by unprivileged local users to escalate their privileges to root. Netfilter is a framework provided by the Linux kernel that allows various networking-related operations to be implemented in the form of customized handlers. Netfilter offers various functions and operations for packet filtering, network address translation, and port translation, which provide the functionality required […]

The post A Linux NetFilter kernel flaw allows escalating privileges to ‘root’ appeared first on Security Affairs.

May 9, 2023
0 comment
Read More >>

Fortinet warns of a spike of the activity linked to AndoryuBot DDoS botnet

A DDoS botnet dubbed AndoryuBot has been observed exploiting an RCE, tracked as CVE-2023-25717, in Ruckus access points. FortiGuard Labs researchers have recently observed a spike in attacks attempting to exploit the Ruckus Wireless Admin remote code execution vulnerability tracked as CVE-2023-25717. The activity is associated with a known DDoS botnet tracked as AndoryuBot that […]

The post Fortinet warns of a spike of the activity linked to AndoryuBot DDoS botnet appeared first on Security Affairs.

May 9, 2023
0 comment
Read More >>

FBI seized 13 domains linked to DDoS-for-hire platforms

The U.S. DoJ announced the seizure of 13 new domains associated with DDoS-for-hire platforms as part of Operation PowerOFF. The U.S. Justice Department announced the seizure of 13 domains linked to DDoS-for-hire services as part of a coordinated international law enforcement effort known as Operation PowerOFF. DDoS-for-hire or ‘booter’ services allows registered users to launch order DDoS […]

The post FBI seized 13 domains linked to DDoS-for-hire platforms appeared first on Security Affairs.

May 9, 2023
0 comment
Read More >>

New CACTUS ransomware appeared in the threat landscape

Researchers warn of a new ransomware family called CACTUS that exploits known vulnerabilities in VPN appliances to gain initial access to victims’ networks. Researchers from cybersecurity firm Kroll have analyzed on a new ransomware family called CACTUS that has been spotted exploiting known flaws in VPN appliances to achieve initial access to targeted networks. The […]

The post New CACTUS ransomware appeared in the threat landscape appeared first on Security Affairs.

May 9, 2023
0 comment
Read More >>