Internet Security

Hackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacks

August 2, 2023 add comment
Researchers warn that hundreds of Citrix servers have been hacked in an ongoing campaign exploiting the RCE CVE-2023-3519. Security researchers from the non-profit organization Shadowserver Foundation reported that hundreds... Read more »

Zero-day in Salesforce email services exploited in targeted Facebook phishing campaign

August 2, 2023 add comment
Experts spotted a spear-phishing Facebook campaign exploiting a zero-day vulnerability in Salesforce email services. Researchers from Guardio Labs uncovered a sophisticated phishing campaign exploiting a zero-day vulnerability in Salesforce... Read more »

Burger King forgets to put a password on their systems, again

August 2, 2023 add comment
The fast food giant Burger King put their systems and data at risk by exposing sensitive credentials to the public for a second time. Original post @https://cybernews.com/security/burger-king-data-leak/ Burger King... Read more »

CISA adds second Ivanti EPMM flaw to its Known Exploited Vulnerabilities catalog

August 2, 2023 add comment
US CISA added a second actively exploited Ivanti ‘s Endpoint Manager Mobile (EPMM) vulnerability to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the... Read more »

NodeStealer 2.0 takes over Facebook Business accounts and targets crypto wallets

August 1, 2023 add comment
Researchers spotted a Python variant of the NodeStealer that was designed to take over Facebook business accounts and cryptocurrency wallets. Palo Alto Network Unit 42 discovered a previously unreported phishing campaign... Read more »

US govt is hunting a Chinese malware that can interfere with its military operations

August 1, 2023 add comment
The US government believes that China has deployed malware in key US power and communications networks that can be activated in case of a conflict. American intelligence officials believe... Read more »

WikiLoader malware-as-a-service targets Italian organizations

August 1, 2023 add comment
Threat actors are targeting Italian organizations with a phishing campaign aimed at delivering a new malware called WikiLoader. WikiLoader is a new piece of malware that is employed in... Read more »

Be aware of exposure of sensitive data on Wi-Fi settings for Canon inkjet printers

August 1, 2023 add comment
Canon warns that sensitive data on the Wi-Fi connection settings stored in the memories of inkjet printers may not be deleted during initialization. Canon warns that sensitive information on... Read more »

Experts discovered a previously undocumented initial access vector used by P2PInfect worm

July 31, 2023 add comment
Cado Security observed a new variant of the P2PInfect worm targets Redis servers with a previously undocumented initial access vector. In July, Palo Alto Networks Unit 42 researchers discovered... Read more »

Experts link AVRecon bot to the malware proxy service SocksEscort

July 31, 2023 add comment
The AVRecon botnet relies on compromised small office/home office (SOHO) routers since at least May 2021. In early July, researchers from Lumen Black Lotus Labs discovered the AVRecon botnet... Read more »
Subscribe to our Newsletter