Apple released emergency security updates to address a new zero-day vulnerability, tracked as CVE-2023-42824, that is exploited in attacks targeting iPhone and iPad devices. The vulnerability is a privilege escalation issue that resides in the Kernel; it was addressed with improved checks. “A local attacker may be able to elevate their privileges. Apple is aware…

Securonix researchers recently uncovered a phishing campaign using a Pilot-in-Command (PIC) Drone manual document as a lure to deliver a toolkit dubbed Merlin. The campaign, codenamed STARK#VORTEX by Securonix, targets Ukrainian military entities, and CERT-UA attributed it to a threat actor tracked as UAC-0154. The MerlinAgent is an open-source C2 toolkit written in Go, it…

Hackers are actively exploiting PaperCut MF/NG print management software flaws (tracked as CVE-2023-27350 and CVE-2023-27351) in attacks in the wild. The threat actors were observed installing the Atera remote management software to take over vulnerable servers. On April 19th, print management software provider PaperCut confirmed that it is aware of the active exploitation of the…

The Defence Cyber Marvel 2 (DCM2) is the largest training exercise organised by the Army Cyber Association to allow personnel from across the Armed Forces to build their skills within the cyber and electromagnetic domain. This year, 750 cyber specialists have participated in the military cyberwarfare exercise. 34 teams from 11 countries, including India, Italy,…

The City of Oakland disclosed a ransomware attack last week; the security breach began on February 8, 2023. In an abundance of caution, the City of Oakland has taken impacted systems offline while it works to secure the impacted infrastructure. The Information Technology Department notified local authorities and launched an investigation into the incident to…

SentinelLabs researchers have observed the first Linux variant of the Clop ransomware. The researchers noticed that the encryption algorithm implemented in the ELF executable is flawed and can allow victims to decrypt locked files without paying a ransom. The researchers observed the first ELF variant of the Clop ransomware targeting Linux systems on December 26,…

A wealthy Russian businessman and associates made tens of millions of dollars by cheating the stock market in an elaborate scheme that involved hacking into U.S. computer networks to steal insider information about companies such as Microsoft and Tesla, a prosecutor told jurors on Monday. Vladislav Klyushin, the owner of a Moscow-based information technology company with…

The defendants, Andi Jacques, Monika Shauntel Jenkins, Louis Noel Michel, Jeff Jordan Propht-Francisque, Dickenson Elan, Michael Jean Poix, Vladimyr Cherelus, and Louisaint Jolteus, allegedly worked together to perform computer intrusions and fraud. An indictment unsealed this week alleges that, between 2015 and 2019, the defendants, along with others, including a now-deceased conspirator referred to as…

The hugely popular Manga comics platform Mangatoon has fallen victim to a data breach. No fewer than 23 million user accounts could be at risk, thanks to a poorly secured database. Worse still, Mangatoon doesn’t seem to be responding to messages from the breacher, or people notifying it that the breach has taken place. A…