3CX Supply chain attack allowed targeting cryptocurrency companies

Threat actors behind the 3CX supply chain attack have targeted a limited number of cryptocurrency companies with a second-state implant. As of Mar 22, 2023, SentinelOne observed a spike... Read more »

UK outsourcing services provider Capita suffered a cyber incident

UK outsourcing services provider Capita confirmed that the outage suffered on Friday was caused by a cyberattack. Capita, the UK outsourcing giant, confirmed that its staff was locked out... Read more »

Western Digital took its services offline due to a security breach

Western Digital disclosed a security breach, according to the company an unauthorized party gained access to multiple systems. Western Digital has shut down several of its services after discovering... Read more »

Microsoft fixed Azure AD bug that led to Bing.com results manipulation and account takeover

Microsoft addressed a misconfiguration flaw in the Azure Active Directory (AAD) identity and access management service. Microsoft has addressed a misconfiguration issue impacting the Azure Active Directory (AAD) identity... Read more »

Moobot botnet spreads by targeting Cacti and RealTek flaws

The Moobot botnet is actively exploiting critical vulnerabilities in Cacti, and Realtek in attacks in the wild. FortiGuard Labs researchers observed an ongoing hacking campaign targeting Cacti (CVE-2022-46169) and... Read more »

Security Affairs newsletter Round 413 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. If you want... Read more »

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

Files leaked by Russian IT contractor NTC Vulkan show that Russia-linked Sandworm APT requested it to develop offensive tools. Documents leaked from Russian IT contractor NTC Vulkan show it... Read more »

LockBit leaks data stolen from the South Korean National Tax Service

The LockBit ransomware gang announced the publishing of data stolen from the South Korean National Tax Service. On March 29, 2023, The Lock Bit ransomware gang announced the hack... Read more »

Italy’s Data Protection Authority temporarily blocks ChatGPT over privacy concerns

Italy’s data protection agency is temporarily blocking the popular chatbot ChatGPT due to a possible violation of the European data privacy regulation. The Italian Data Protection Authority, Garante Privacy, has temporarily... Read more »

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

CISA has added nine flaws to its Known Exploited Vulnerabilities catalog, including bugs exploited by commercial spyware on mobile devices. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added... Read more »
Subscribe to our Newsletter