Internet Security

Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum

August 20, 2024 add comment
Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a... Read more »

CISA adds Jenkins Command Line Interface (CLI) bug to its Known Exploited Vulnerabilities catalog

August 19, 2024 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Jenkins Command Line Interface (CLI) bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added... Read more »

Researchers uncovered new infrastructure linked to the cybercrime group FIN7

August 19, 2024 add comment
Team Cymru, Silent Push and Stark Industries Solutions researchers uncovered a new infrastructure linked to the cybercrime group FIN7. Researchers from Team Cymru identified two clusters potentially linked to... Read more »

Experts warn of exploit attempt for Ivanti vTM bug

August 19, 2024 add comment
Researchers at the Shadowserver Foundation observed an exploit attempt based on the public PoC for Ivanti vTM bug CVE-2024-7593. Researchers at the Shadowserver Foundation observed an exploit attempt based... Read more »

Microsoft Zero-Day CVE-2024-38193 was exploited by North Korea-linked Lazarus APT

August 19, 2024 add comment
Microsoft addressed a zero-day vulnerability actively exploited by the North-Korea-linked Lazarus APT group. Microsoft has addressed a zero-day vulnerability, tracked as CVE-2024-38193 (CVSS score: 7.8), which has been exploited by the... Read more »

The Mad Liberator ransomware group uses social-engineering techniques

August 19, 2024 add comment
New cybercrime group Mad Liberator is targeting AnyDesk users and runs a fake Microsoft Windows update screen to conceal data exfiltrating. The Sophos X-Ops Incident Response team warned that a... Read more »

From 2018: DeepMasterPrints: deceive fingerprint recognition systems with MasterPrints generated with GANs

August 18, 2024 add comment
Boffins demonstrated the vulnerability of fingerprint recognition systems to dictionary attacks using ‘MasterPrints, ‘which are fingerprints that can match multiple other prints. A team of researchers from US universities... Read more »

Security Affairs newsletter Round 485 by Pierluigi Paganini – INTERNATIONAL EDITION

August 18, 2024 add comment
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of... Read more »

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 7

August 18, 2024 add comment
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Deciphering the Brain Cipher Ransomware   Ideal typosquat ‘solana-py’ steals your... Read more »

Large-scale extortion campaign targets publicly accessible environment variable files (.env)

August 18, 2024 add comment
A large-scale extortion campaign compromised multiple organizations by exploiting publicly accessible environment variable files (.env). Palo Alto Unit 42 researchers uncovered a large-scale extortion campaign that successfully compromised and... Read more »
Subscribe to our Newsletter