Internet Security

Transport for London (TfL) is dealing with an ongoing cyberattack

September 2, 2024 add comment
Transport for London (TfL) is investigating an ongoing cyberattack, however, customer information was compromised. Transport for London (TfL) is investigating an ongoing cyberattack. However, the TfL stated that there... Read more »

Lockbit gang claims the attack on the Toronto District School Board (TDSB)

September 2, 2024 add comment
The Toronto District School Board (TDSB) confirmed that student information was compromised in the June Lockbit ransomware attack. The Toronto District School Board (TDSB) confirmed that students’ information was... Read more »

A new variant of Cicada ransomware targets VMware ESXi systems

September 2, 2024 add comment
A new ransomware-as-a-service (RaaS) operation called Cicada3301 has emerged in the threat landscape and already targeted tens of companies. Cicada3301 is a new ransomware-as-a-service (RaaS) operation that appeared in... Read more »

An air transport security system flaw allowed to bypass airport security screenings

September 1, 2024 add comment
A vulnerability in an air transport security system allowed unauthorized individuals to bypass airport security screenings. The Known Crewmember (KCM) and Cockpit Access Security System (CASS) programs are two... Read more »

Security Affairs newsletter Round 487 by Pierluigi Paganini – INTERNATIONAL EDITION

September 1, 2024 add comment
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of... Read more »

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 9

September 1, 2024 add comment
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Unveiling “sedexp”: A Stealthy Linux Malware Exploiting udev Rules Malware... Read more »

North Korea-linked APT Citrine Sleet exploit Chrome zero-day to deliver FudModule rootkit

August 31, 2024 add comment
North Korea-linked APT exploited the recently patched Google Chrome zero-day CVE-2024-7971 to deploy the FudModule rootkit. North Korea-linked group Citrine Sleet (aka AppleJeus, Labyrinth Chollima, UNC4736, Hidden Cobra) have exploited... Read more »

Fortra fixed two severe issues in FileCatalyst Workflow, including a critical flaw

August 30, 2024 add comment
Cybersecurity and automation company Fortra addressed two vulnerabilities in FileCatalyst Workflow software, including a critical-severity flaw. Cybersecurity and automation company Fortra released patches for two vulnerabilities in FileCatalyst Workflow.... Read more »

South Korea-linked group APT-C-60 exploited a WPS Office zero-day

August 30, 2024 add comment
South Korea-linked group APT-C-60 exploited a zero-day in the Windows version of WPS Office to target East Asian countries. South Korea-linked group APT-C-60 exploited a zero-day, tracked as CVE⁠-⁠2024⁠-⁠7262,... Read more »

Threat actors exploit Atlassian Confluence bug in cryptomining campaigns

August 30, 2024 add comment
Threat actors are actively exploiting a critical flaw in the Atlassian Confluence Data Center and Confluence Server in cryptocurrency mining campaigns. The critical vulnerability CVE-2023-22527  (CVSS score 10.0) in... Read more »
Subscribe to our Newsletter