Internet Security

Balada Injector continues to infect thousands of WordPress sites

January 15, 2024 add comment
Balada Injector malware infected more than 7100 WordPress sites using a vulnerable version of the Popup Builder plugin. In September, Sucuri researchers reported that more than 17,000 WordPress websites... Read more »

Attackers target Apache Hadoop and Flink to deliver cryptominers

January 15, 2024 add comment
Researchers devised a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners. Cybersecurity researchers from cyber security firm Aqua have uncovered a new attack... Read more »

Apple fixed a bug in Magic Keyboard that allows to monitor Bluetooth traffic

January 15, 2024 add comment
Apple addressed a recently disclosed Bluetooth keyboard injection vulnerability with the release of Magic Keyboard firmware. Apple released Magic Keyboard Firmware Update 2.0.6 to address a recently disclosed Bluetooth... Read more »

Attacks against Denmark ‘s energy sector were not carried out by Russia-linked APT

January 14, 2024 add comment
Forescout experts questioned the attribution of cyber attacks that targeted the energy sector in Denmark in 2023 to the Russia-linked Sandworm. Forescout experts shared findings from their analysis of... Read more »

Mastermind behind 1.8 million cryptojacking scheme arrested in Ukraine

January 14, 2024 add comment
The National Police of Ukraine, with the support of Europol, arrested the alleged mastermind behind a sophisticated cryptojacking scheme. The National Police of Ukraine, with the support of Europol,... Read more »

Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION

January 13, 2024 add comment
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new... Read more »

Akira ransomware targets Finnish organizations

January 13, 2024 add comment
The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported... Read more »

GitLab fixed a critical zero-click account hijacking flaw

January 13, 2024 add comment
GitLab addressed two critical flaws impacting both the Community and Enterprise Edition, including a critical zero-click account hijacking vulnerability GitLab has released security updates to address two critical vulnerabilities... Read more »

Juniper Networks fixed a critical RCE bug in its firewalls and switches

January 12, 2024 add comment
Juniper Networks fixed a critical pre-auth remote code execution (RCE) flaw, tracked as CVE-2024-21591, in its SRX Series firewalls and EX Series switches. Juniper Networks released security updates to... Read more »

Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467

January 12, 2024 add comment
Researchers published a proof-of-concept (PoC) code for the recently disclosed critical flaw CVE-2023-51467 in the Apache OfBiz. Researchers from cybersecurity firm VulnCheck have created a proof-of-concept (PoC) exploit code for the recently... Read more »
Subscribe to our Newsletter