Internet Security

CERT-UA warns of an ongoing SmokeLoader campaign

May 8, 2023 add comment
Ukraine’s CERT-UA warns of an ongoing phishing campaign aimed at distributing the SmokeLoader malware in the form of a polyglot file. CERT-UA warns of an ongoing phishing campaign that... Read more »

SEC issued a record award of $279 million to a whistleblower

May 8, 2023 add comment
The Securities and Exchange Commission (SEC) announced the largest-ever award, approximately $279 million, to a whistleblower. The Securities and Exchange Commission (SEC) paid a record sum of approximately $279... Read more »

San Bernardino County Sheriff’s Department paid a $1.1M ransom

May 7, 2023 add comment
The San Bernardino County Sheriff’s Department confirmed that it has paid a $1.1-million ransom after the April ransomware attack. The San Bernardino County Sheriff’s Department opted to pay a... Read more »

Dragon Breath APT uses double-dip DLL sideloading strategy

May 7, 2023 add comment
An APT group tracked as Dragon Breath has been observed employing a new DLL sideloading technique. Sophos researchers observed an APT group, tracked as Dragon Breath (aka APT-Q-27 and Golden Eye),... Read more »

Security Affairs newsletter Round 418 by Pierluigi Paganini – International edition

May 6, 2023 add comment
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new... Read more »

Twitter confirmed that a security incident publicly exposed Circle tweets

May 6, 2023 add comment
A security problem caused the public sharing of private tweets sent to Twitter Circles to users outside of the Circle, the company admitted. Since August 2022, the Twitter Circle... Read more »

FBI seized other domains used by the shadow eBook library Z-Library

May 6, 2023 add comment
The FBI disrupted once again the illegal eBook library Z-Library the authorities seized several domains used by the service. The Federal Bureau of Investigation (FBI) seized multiple domains used... Read more »

WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks

May 6, 2023 add comment
A reflected cross-site scripting vulnerability is the Advanced Custom Fields plugin for WordPress exposed over 2 million sites to hacking. Assetnote researchers discovered a reflected cross-site scripting vulnerability, tracked... Read more »

Fortinet fixed two severe issues in FortiADC and FortiOS

May 5, 2023 add comment
Fortinet has addressed a couple of high-severity vulnerabilities impacting FortiADC, FortiOS, and FortiProxy. Fortinet addressed nine security vulnerabilities affecting multiple products, including two high-severity issues, tracked as CVE-2023-27999 and... Read more »

Pro-Russia group NoName took down multiple France sites, including the French Senate one

May 5, 2023 add comment
The French Senate’s website was taken offline by a DDoS attack launched by the pro-Russian hacker group NoName. The pro-Russia hacker group NoName is claiming responsibility for a DDoS... Read more »
Subscribe to our Newsletter