Security News

Iran-linked APT groups started exploiting Papercut flaw

Microsoft warns of Iran-linked APT groups that are targeting vulnerable PaperCut MF/NG print management servers. Microsoft warns that Iran-linked APT groups have been observed exploiting the CVE-2023-27350 flaw in attacks against PaperCut MF/NG print management servers. The CVE-2023-27350 flaw is a PaperCut MF/NG Improper Access Control Vulnerability. PaperCut MF/NG contains an improper access control vulnerability within the […]

The post Iran-linked APT groups started exploiting Papercut flaw appeared first on Security Affairs.

May 9, 2023
0 comment
Read More >>

Money Message gang leaked private code signing keys from MSI data breach

The ransomware gang behind the attack on Taiwanese PC maker MSI leaked the company’s private code signing keys on their darkweb leak site. In early April, the ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International). Micro-Star International AKA MSI designs, manufactures, and sells motherboards and graphics cards […]

The post Money Message gang leaked private code signing keys from MSI data breach appeared first on Security Affairs.

May 8, 2023
0 comment
Read More >>

NextGen Healthcare suffered a data breach that impacted +1 Million individuals

NextGen Healthcare suffered a data breach, the security incident exposed the personal information of approximately 1 million individuals. Healthcare solutions provider NextGen Healthcare suffered a data breach that exposed the personal information of informing approximately one million individuals. NextGen Healthcare, Inc. is an American software and services company that develops and sells electronic health record (EHR) software and practice management systems to […]

The post NextGen Healthcare suffered a data breach that impacted +1 Million individuals appeared first on Security Affairs.

May 8, 2023
0 comment
Read More >>

Western Digital notifies customers of data breach after March cyberattack

Western Digital is notifying its customers of a data breach that exposed their sensitive personal information, the incident took place in March. In March 2022, Western Digital was hit by a ransomware attack and in response to the incident, it shut down several of its services. The company disclosed that an unauthorized party gained access […]

The post Western Digital notifies customers of data breach after March cyberattack appeared first on Security Affairs.

May 8, 2023
0 comment
Read More >>

CERT-UA warns of an ongoing SmokeLoader campaign

Ukraine’s CERT-UA warns of an ongoing phishing campaign aimed at distributing the SmokeLoader malware in the form of a polyglot file. CERT-UA warns of an ongoing phishing campaign that is distributing the SmokeLoader malware in the form of a polyglot file. Threat actors are using emails sent from compromised accounts with the subject “bill/payment” with […]

The post CERT-UA warns of an ongoing SmokeLoader campaign appeared first on Security Affairs.

May 8, 2023
0 comment
Read More >>

SEC issued a record award of $279 million to a whistleblower

The Securities and Exchange Commission (SEC) announced the largest-ever award, approximately $279 million, to a whistleblower. The Securities and Exchange Commission (SEC) paid a record sum of approximately $279 million to a whistleblower. The award was paid to a whistleblower whose information and assistance led to the successful enforcement of SEC and related actions. The […]

The post SEC issued a record award of $279 million to a whistleblower appeared first on Security Affairs.

May 8, 2023
0 comment
Read More >>

San Bernardino County Sheriff’s Department paid a $1.1M ransom

The San Bernardino County Sheriff’s Department confirmed that it has paid a $1.1-million ransom after the April ransomware attack. The San Bernardino County Sheriff’s Department opted to pay a $1.1-million ransom after a ransomware attack infected its systems in early April. The ransomware attack forced the Police department to temporarily shut down some of its […]

The post San Bernardino County Sheriff’s Department paid a $1.1M ransom appeared first on Security Affairs.

May 7, 2023
0 comment
Read More >>

Dragon Breath APT uses double-dip DLL sideloading strategy

An APT group tracked as Dragon Breath has been observed employing a new DLL sideloading technique. Sophos researchers observed an APT group, tracked as Dragon Breath (aka APT-Q-27 and Golden Eye), that is using a new DLL sideloading technique that adds complexity and layers to the execution of the classic DLL sideloading. The attack consists of a clean […]

The post Dragon Breath APT uses double-dip DLL sideloading strategy appeared first on Security Affairs.

May 7, 2023
0 comment
Read More >>

Security Affairs newsletter Round 418 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by […]

The post Security Affairs newsletter Round 418 by Pierluigi Paganini – International edition appeared first on Security Affairs.

May 7, 2023
0 comment
Read More >>

Twitter confirmed that a security incident publicly exposed Circle tweets

A security problem caused the public sharing of private tweets sent to Twitter Circles to users outside of the Circle, the company admitted. Since August 2022, the Twitter Circle feature allows users to send tweets to a restricted circle of users, these messages are not visible to Twitter users outside the Circle. As reported by […]

The post Twitter confirmed that a security incident publicly exposed Circle tweets appeared first on Security Affairs.

May 6, 2023
0 comment
Read More >>