Security News

North Korea-linked Kimsuky APT uses new recon tool ReconShark

North Korea-linked APT group Kimsuky has been observed using a new reconnaissance tool dubbed ReconShark in a recent campaign. SentinelOne researchers observed an ongoing campaign from North Korea-linked Kimsuky Group that is using a new malware called ReconShark. The reconnaissance tool is delivered through spear-phishing emails, OneDrive links leading to document weaponized downloads, and the execution of malicious […]

The post North Korea-linked Kimsuky APT uses new recon tool ReconShark appeared first on Security Affairs.

May 5, 2023
0 comment
Read More >>

Cisco EoL SPA112 2-Port Phone Adapters are affected by critical RCE

Cisco is warning customers of a critical remote code execution vulnerability affecting its EoL SPA112 2-Port Phone Adapters. Cisco is warning of a critical remote code execution (RCE) vulnerability, tracked as CVE-2023-20126 (CVSS score of 9.8), impacting SPA112 2-Port phone adapters. The company product has reached end-of-life (EoL). The vulnerability resides in the web-based management […]

The post Cisco EoL SPA112 2-Port Phone Adapters are affected by critical RCE appeared first on Security Affairs.

May 4, 2023
0 comment
Read More >>

Experts devised a new exploit for the PaperCut flaw that can bypass all current detection

VulnCheck researchers devised a new exploit for a recently disclosed critical flaw in PaperCut servers that bypasses all current detections. Cybersecurity researchers from VulnCheck have developed a new exploit for the recently disclosed critical flaw in PaperCut servers, tracked as CVE-2023-27350 (CVSS score: 9.8), that bypasses all current detections. The CVE-2023-27350 flaw is a PaperCut MF/NG Improper Access […]

The post Experts devised a new exploit for the PaperCut flaw that can bypass all current detection appeared first on Security Affairs.

May 4, 2023
0 comment
Read More >>

Facebook warns of a new information-stealing malware dubbed NodeStealer

Facebook discovered a new information-stealing malware, dubbed ‘NodeStealer,’ that is being distributed on Meta. NodeStealer is a new information-stealing malware distributed on Meta that allows stealing browser cookies to hijack accounts on multiple platforms, including Facebook, Gmail, and Outlook. The malware was first spotted in late January 2023 while targeting the browsers of Windows systems. It […]

The post Facebook warns of a new information-stealing malware dubbed NodeStealer appeared first on Security Affairs.

May 4, 2023
0 comment
Read More >>

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

CERT-UA is warning of destructive cyberattacks conducted by the Russia-linked Sandworm APT group against the Ukraine public sector. Russia-linked APT group Sandworm is behind destructive cyberattacks against Ukrainian state networks, the Ukrainian Government Computer Emergency Response Team (CERT-UA) warns. The Sandworm group (aka BlackEnergy, UAC-0082, Iron Viking, Voodoo Bear, and TeleBots) has been active since 2000, it operates under the control […]

The post Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector appeared first on Security Affairs.

May 4, 2023
0 comment
Read More >>

City of Dallas shut down IT services after ransomware attack

The City of Dallas, Texas, was hit by a ransomware attack that forced it to shut down some of its IT systems. The IT systems at the City of Dallas, Texas, have been targeted by a ransomware attack. To prevent the threat from spreading within the network, the City has shut down the impacted IT […]

The post City of Dallas shut down IT services after ransomware attack appeared first on Security Affairs.

May 4, 2023
0 comment
Read More >>

Authorities dismantled the card-checking platform Try2Check

Authorities dismantled the Try2Check platform, a Card-Checking platform that generated tens of millions of dollars in revenue. The U.S. DoJ charged the Russian citizen Denis Gennadievich Kulkov with running the Card-Checking services. The platform has been active since 2005, according to the DoJ, it generated tens of millions of dollars in revenue. The service allowed […]

The post Authorities dismantled the card-checking platform Try2Check appeared first on Security Affairs.

May 4, 2023
0 comment
Read More >>

Passwordless sign-in with passkeys is now available for Google accounts

Google announced the introduction of the passwordless secure sign-in with Passkeys for Google Accounts on all platforms. Google is rolling out the passwordless secure sign-in with Passkeys for Google Accounts on all platforms. Passwords are essential to protect services and data online, but when obtained by threat actors they can pose a risk to the […]

The post Passwordless sign-in with passkeys is now available for Google accounts appeared first on Security Affairs.

May 3, 2023
0 comment
Read More >>

Hackers are taking advantage of the interest in generative AI to install Malware

Threat actors are using the promise of generative AI like ChatGPT to deliver malware, Facebook parent Meta warned. Threat actors are taking advantage of the huge interest in generative AI like ChatGPT to trick victims into installing malware, Meta warns. The hackers attempt to trick victims into installing malicious apps and browser extensions on their […]

The post Hackers are taking advantage of the interest in generative AI to install Malware appeared first on Security Affairs.

May 3, 2023
0 comment
Read More >>

Researchers found DoS flaws in popular BGP implementation

Vulnerabilities in a software implementation of the Border Gateway Protocol (BGP) that could be weaponized to trigger a DoS condition on BGP peers. Forescout Vedere Labs researchers discovered multiple vulnerabilities in the software implementation of the Border Gateway Protocol (BGP). The issues reside in the BGP message parsing in version 8.4 of FRRouting implementation, a […]

The post Researchers found DoS flaws in popular BGP implementation appeared first on Security Affairs.

May 3, 2023
0 comment
Read More >>