The American cosmetics giant company Estée Lauder was hacked by two distinct ransomware groups, the ALPHV/BlackCat and Clop gangs. Yesterday the cybersecurity expert @sonoclaudio first alerted me about a... Read more »
Cybersecurity researchers discovered a new peer-to-peer (P2P) worm called P2PInfect that targets Redis servers. Palo Alto Networks Unit 42 researchers have discovered a new peer-to-peer (P2P) worm called P2PInfect that targets Redis servers... Read more »
Adobe released an emergency update to address critical vulnerabilities in ColdFusion, including an actively exploited zero-day. Adobe released an out-of-band update to address critical and moderate vulnerabilities in ColdFusion,... Read more »
The Cyber Police Department of the National Police of Ukraine dismantled a massive bot farm and seized 150,000 SIM cards. A gang of more than 100 individuals used fake... Read more »
US Gov adds surveillance firms Cytrox and Intellexa to Entity List for trafficking in cyber exploits
The U.S. government added surveillance technology vendors Cytrox and Intellexa to an economic blocklist for trafficking in cyber exploits. The Commerce Department’s Bureau of Industry and Security (BIS) added... Read more »
Citrix is warning customers of an actively exploited critical vulnerability in NetScaler Application Delivery Controller (ADC) and Gateway. Citrix is warning customers of a critical vulnerability, tracked as CVE-2023-3519 (CVSS score:... Read more »
Le Mans Endurance Management, operating the FIA World Endurance Championship’s website, exposed the data of hundreds of drivers by leaking their IDs and drivers’ licenses, the Cybernews research team... Read more »
The online malware scanning service VirusTotal leaked data associated with some registered customers, German newspapers reported. German newspapers Der Spiegel and Der Standard reported that the online malware scanning service VirusTotal leaked... Read more »
The cybercrime group FIN8 is using a revamped version of the Sardonic backdoor to deliver the BlackCat ransomware. The financially motivated group FIN8 (aka Syssphinx) was spotted using a revamped version... Read more »
Threat actors are actively exploiting a critical flaw, tracked as CVE-2023-28121, in the WooCommerce Payments WordPress plugin. Threat actors are actively exploiting a recently disclosed critical vulnerability, tracked as CVE-2023-28121 (CVSS... Read more »