Internet Security

Experts warn of mass exploitation of Ivanti Connect Secure VPN flaws

January 16, 2024 add comment
Experts warn that recently disclosed Ivanti Connect Secure VPN and Policy Secure vulnerabilities are massively exploited in the wild. Last week, software firm Ivanti reported that threat actors are... Read more »

Experts warn of a vulnerability affecting Bosch BCC100 Thermostat

January 16, 2024 add comment
Researchers warn of high-severity vulnerability affecting Bosch BCC100 thermostats. Researchers from Bitdefender discovered a high-severity vulnerability affecting Bosch BCC100 thermostats. The researchers discovered a vulnerability, tracked as CVE-2023-49722 (CVSS... Read more »

Over 178,000 SonicWall next-generation firewalls (NGFW) online exposed to hack

January 15, 2024 add comment
Researchers from Bishop Fox found over 178,000 SonicWall next-generation firewalls (NGFW) publicly exploitable. SonicWall next-generation firewall (NGFW) series 6 and 7 devices are affected by two unauthenticated denial-of-service vulnerabilities,... Read more »

Phemedrone info stealer campaign exploits Windows smartScreen bypass

January 15, 2024 add comment
Threat actors exploit a recent Windows SmartScreen bypass flaw CVE-2023-36025 to deliver the Phemedrone info stealer. Trend Micro researchers uncovered a malware campaign exploiting the vulnerability CVE-2023-36025 (CVSS score 8.8) to... Read more »

Balada Injector continues to infect thousands of WordPress sites

January 15, 2024 add comment
Balada Injector malware infected more than 7100 WordPress sites using a vulnerable version of the Popup Builder plugin. In September, Sucuri researchers reported that more than 17,000 WordPress websites... Read more »

Attackers target Apache Hadoop and Flink to deliver cryptominers

January 15, 2024 add comment
Researchers devised a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners. Cybersecurity researchers from cyber security firm Aqua have uncovered a new attack... Read more »

Apple fixed a bug in Magic Keyboard that allows to monitor Bluetooth traffic

January 15, 2024 add comment
Apple addressed a recently disclosed Bluetooth keyboard injection vulnerability with the release of Magic Keyboard firmware. Apple released Magic Keyboard Firmware Update 2.0.6 to address a recently disclosed Bluetooth... Read more »

Attacks against Denmark ‘s energy sector were not carried out by Russia-linked APT

January 14, 2024 add comment
Forescout experts questioned the attribution of cyber attacks that targeted the energy sector in Denmark in 2023 to the Russia-linked Sandworm. Forescout experts shared findings from their analysis of... Read more »

Mastermind behind 1.8 million cryptojacking scheme arrested in Ukraine

January 14, 2024 add comment
The National Police of Ukraine, with the support of Europol, arrested the alleged mastermind behind a sophisticated cryptojacking scheme. The National Police of Ukraine, with the support of Europol,... Read more »

Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION

January 13, 2024 add comment
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new... Read more »
Subscribe to our Newsletter