Internet Security

Technical analysis of China-linked Earth Preta APT’s infection chain

March 27, 2023 add comment
China-linked Earth Preta cyberespionage group has been observed adopting new techniques to bypass security solutions. Trend Micro researchers reported that the China-linked Earth Preta group (aka Mustang Panda) is actively... Read more »

Malicious Python Package uses Unicode support to evade detection 

March 27, 2023 add comment
Researchers discovered a malicious package on PyPI that uses Unicode to evade detection while stealing sensitive data. Supply chain security firm Phylum discovered a malicious Python package on the... Read more »

OpenAI: A Redis bug caused a recent ChatGPT data exposure incident

March 26, 2023 add comment
OpenAI revealed that a Redis bug was the root cause of the recent exposure of users’ personal information and chat titles in ChatGPT service. On Friday, OpenAI revealed that... Read more »

Security Affairs newsletter Round 412 by Pierluigi Paganini – International edition

March 26, 2023 add comment
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. If you want... Read more »

Microsoft shares guidance for investigating attacks exploiting CVE-2023-23397

March 26, 2023 add comment
Microsoft is warning of cyber attacks exploiting a recently patched Outlook vulnerability tracked as CVE-2023-23397 (CVSS score: 9.8). Microsoft published guidance for investigating attacks exploiting recently patched Outlook vulnerability... Read more »

Vice Society claims attack on Puerto Rico Aqueduct and Sewer Authority

March 26, 2023 add comment
Puerto Rico Aqueduct and Sewer Authority (PRASA) is investigating a cyber attack with the help of the FBI and US CISA. The Puerto Rico Aqueduct and Sewer Authority (PRASA)... Read more »

NCA infiltrates the cybercriminal underground with fake DDoS-for-hire sites

March 25, 2023 add comment
The U.K. National Crime Agency (NCA) revealed that it has set up a number of fake DDoS-for-hire sites to infiltrate the online criminal underground. The UK National Crime Agency... Read more »

Pwn2Own Vancouver 2023 awarded $1,035,000 and a Tesla for 27 0-days

March 25, 2023 add comment
On the third day of the Pwn2Own Vancouver 2023 hacking contest, the organization awarded $185,000 for 10 zero-day exploits. Pwn2Own Vancouver 2023 is ended, contestants disclosed 27 unique zero-days... Read more »

CISA announced the Pre-Ransomware Notifications initiative

March 24, 2023 add comment
The US Cybersecurity and Infrastructure Security Agency (CISA) announced the Pre-Ransomware Notifications service to help organizations stop ransomware attacks before damage occurs. The US Cybersecurity and Infrastructure Security Agency... Read more »

China-linked hackers target telecommunication providers in the Middle East

March 24, 2023 add comment
Researchers reported that China-linked hackers targeted telecommunication providers in the Middle East in the first quarter of 2023. In the first quarter of 2023, SentinelLabs researchers spotted the initial... Read more »
Subscribe to our Newsletter