Internet Security

JumpCloud revealed it was hit by a sophisticated attack by a nation-state actor

July 18, 2023 add comment
Software firm JumpCloud announced it was the victim of a sophisticated cyber attack carried out by a nation-state actor. JumpCloud is a cloud-based directory service platform designed to manage... Read more »

Adobe warns customers of a critical ColdFusion RCE exploited in attacks

July 17, 2023 add comment
Adobe is warning customers of a critical ColdFusion pre-authentication RCE bug, tracked as CVE-2023-29300, which is actively exploited. Adobe warns customers of a critical ColdFusion pre-authentication remote code execution... Read more »

Admins of Genesis Market marketplace sold their infrastructure on a hacker forum

July 17, 2023 add comment
The admins of the darkweb Genesis Market announced the sale of their platform to a threat actor that will restart operations next month. In April, the FBI seized the Genesis... Read more »

Cisco fixed a critical flaw in SD-WAN vManage

July 17, 2023 add comment
Cisco warns of a critical unauthenticated REST API access vulnerability, tracked as CVE-2023-20214, impacting its SD-WAN vManage. Cisco addressed a critical unauthenticated REST API access vulnerability, tracked as CVE-2023-20214... Read more »

Pompompurin, the BreachForums owner, pleads guilty to hacking charges and possession of child pornography

July 17, 2023 add comment
The owner of the BreachForums Conor Brian Fitzpatrick, aka Pompompurin, pleads guilty to hacking charges. The owner of the BreachForums Conor Brian Fitzpatrick agrees to plead guilty to a... Read more »

WormGPT, the generative AI tool to launch sophisticated BEC attacks

July 16, 2023 add comment
The WormGPT case: How Generative artificial intelligence (AI) can improve the capabilities of cybercriminals and allows them to launch sophisticated attacks. Researchers from SlashNext warn of the dangers related... Read more »

Security Affairs newsletter Round 428 by Pierluigi Paganini – International edition

July 15, 2023 add comment
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new... Read more »

Russia-linked APT Gamaredon starts stealing data from victims between 30 and 50 minutes after the initial compromise

July 15, 2023 add comment
Ukraine’s Computer Emergency Response Team (CERT-UA) states that Russia-linked APT Gamaredon starts stealing data 30 minutes after the initial compromise. Ukraine’s Computer Emergency Response Team (CERT-UA) is warning that... Read more »

The source code of the BlackLotus UEFI Bootkit was leaked on GitHub

July 14, 2023 add comment
The source code for the BlackLotus UEFI bootkit has been published on GitHub and experts warn of the risks of proliferation of custom versions. Researchers from ESET discovered in... Read more »

US CISA warns of Rockwell Automation ControlLogix flaws

July 14, 2023 add comment
The U.S. CISA warns of two flaws impacting Rockwell Automation ControlLogix that can lead to remote code execution and DoS attacks. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)... Read more »
Subscribe to our Newsletter