Security Affairs

"Notorious ransomware programmer Mikahil Pavlovich Matveev arrested in Russia."

 Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 30 November 2024, 1534 UTC.

Conent and Source:  Email subscription via https://feedly.com.  https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security Affairs

69K followers23 articles per week#security#tech
19

Yesterday

Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia
Russia arrests ransomware affiliate Wazawaka
by Pierluigi Paganini / 7h
Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. Russian authorities arrested a ransomware affiliate, Mikhail Pavlovich Matveev (also known as Wazawaka, Uhodiransomwar, m1x, and Boriselcin), and charged him for developing malware and his role in several hacking groups. The man was arrested in Kaliningrad, Russia, l
Phishing-as-a-Service Rockstar 2FA continues to be prevalent
9 TTPs
by Pierluigi Paganini / 23h
Rockstar 2FA phishing email techniques
Phishing tool Rockstar 2FA targets Microsoft 365 credentials, it uses adversary-in-the-middle (AitM) attacks to bypass multi-factor authentication. Trustwave researchers are monitoring malicious activity associated with Phishing-as-a-Service (PaaS) platforms, their latest report focuses on a toolkit called Rockstar 2FA. Rockstar 2FA targets Microsoft 365 accounts and bypasses multi-factor authent

Nov 28, 2024

Zello urges users to reset passwords following a cyber attack
Zello urges password resets after breach
by Pierluigi Paganini / 1d
Zello urges customers with accounts created before November 2 to reset passwords following a potential security breach. Zello is warning customers who have an account created before November 2 to reset their passwords, a circumstance that suggests that the incident took place on November 2. Zello is a tech software company in Austin, Texas, U.S., known for the Zello app, which emulates push-to-ta
A cyberattack impacted operations at UK Wirral University Teaching Hospital
WUTH cyberattack disrupts hospital services
by Pierluigi Paganini / 1d
UK’s Wirral University Teaching Hospital suffered a cyberattack that caused delays in appointments and procedures. Wirral University Teaching Hospital NHS Foundation Trust (WUTH) is an NHS Foundation Trust. It provides healthcare for people of the Wirral Peninsula and the surrounding areas of North West England and North Wales. The trust is responsible for Arrowe Park Hospital, Clatterbridge Hosp
T-Mobile detected network intrusion attempts and blocked them
T-Mobile suffers major cyber attack
by Pierluigi Paganini / 2d
T-Mobile reported recent infiltration attempts but pointed out that threat actors had no access to its systems and no sensitive data was compromised. T-Mobile detected recent infiltration attempts but confirmed no unauthorized system access occurred, and no sensitive data was compromised. The carrier is investigating reports that are linking it to “ Salt Typhoon ” cyberattacks tied to Chinese sta

Nov 27, 2024

ProjectSend critical flaw actively exploited in the wild, experts warn
CVE-2024-11680
by Pierluigi Paganini / 2d
Researchers warn that a critical security flaw in ProjectSend open-source file-sharing application may be under active exploitation. VulnCheck researchers warn that ProjectSend vulnerability CVE-2024-11680 (CVSS score: 9.8) appears to have been exploited by attackers in the wild. The vulnerability is an improper authentication issue that impacts ProjectSend versions before r1720. Remote, unauthen
Bootkitty is the first UEFI Bootkit designed for Linux systems
5 TTPs
by Pierluigi Paganini / 2d
Bootkitty first UEFI bootkit for Linux
ESET discovered the first Unified Extensible Firmware Interface (UEFI) bootkit specifically designed for Linux systems, named Bootkitty. Cybersecurity researchers from ESET discovered the first UEFI bootkit designed to target Linux systems, called by its authors Bootkitty. The bootkit allows attackers to disable the kernel’s signature verification feature and to preload two as yet unknown ELF bin
VMware fixed five vulnerabilities in Aria Operations product
4 TTPs
by Pierluigi Paganini / 3d
Virtualization giant VMware addressed multiple vulnerabilities in its Aria Operations product that can led to privilege escalation and XSS attacks. VMware released security updates to address five vulnerabilities in its Aria Operations product. Aria Operations (formerly known as VMware vRealize Operations) is a comprehensive cloud management and operations platform developed by VMware. It is desi
Operation Serengeti: INTERPOL arrested 1,006 suspects in 19 African countries
Interpol arrests 1006 cybercriminals in Africa
by Pierluigi Paganini / 3d
and dismantled 134,089 malicious networks. A joint law enforcement operation by INTERPOL and AFRIPOL across 19 African countries, dubbed Operation Serengeti, led to the arrest of 1,006 suspects. The authorities dismantled 134,089 malicious infrastructures and networks. “Operation Serengeti (2 September – 31 October) targeted criminals behind ransomware, business email compromise (BEC), digital e

Nov 26, 2024

How DSPM Helps Businesses Meet Compliance Requirements
by Pierluigi Paganini / 3d
Data Security Posture Management (DSPM) helps monitor, secure, and ensure compliance for sensitive data, reducing risks across diverse environments. Complying with cybersecurity regulations can be a source of great pain for organizations, especially those that handle and store particularly valuable and vulnerable information. Organizations in sectors like healthcare, finance, legal, and governmen
Russian group RomCom exploited Firefox and Tor Browser zero-days to target attacks Europe and North America
IoC > 3 domains
by Pierluigi Paganini / 3d
7 TTPs
CVE-2024-9680
The Russian RomCom group exploited Firefox and Tor Browser zero-day vulnerabilities in attacks on users in Europe and North America. Russian-based cybercrime group RomCom (aka UAT-5647 , Storm-0978 , Tropical Scorpius , UAC-0180, UNC2596 ) exploited two Firefox and Tor Browser zero-day vulnerabilities in recent attacks on users across Europe and North America. The first zero-day exploited by the
Software firm Blue Yonder providing services to US and UK stores, including Starbucks, hit by ransomware attack
Blue Yonder hit by ransomware attack
by Pierluigi Paganini / 3d
Blue Yonder, a supply chain software provider, suffered a ransomware attack, impacting operations for clients like Starbucks and grocery stores. A ransomware attack on Blue Yonder disrupted operations for several customers, including Starbucks and U.K. grocery chain Sainsbury . “A ransomware attack has disrupted a third-party software system that Starbucks uses to track and manage its baristas’ s
The source code of Banshee Stealer leaked online
13 TTPs
by Pierluigi Paganini / 4d
Banshee Stealer, a MacOS Malware-as-a-Service, shut down after its source code leaked online. The code is now available on GitHub. In August 2024, Russian hackers promoted BANSHEE Stealer, a macOS malware targeting x86_64 and ARM64, capable of stealing browser data, crypto wallets, and more. BANSHEE Stealer supports basic evasion techniques, relies on the sysctl API to detect debugging and checks

Nov 25, 2024

U.S. CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog
by Pierluigi Paganini / 4d
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Array Networks AG and vxAG ArrayOS flaw CVE-2023-28461 (CVSS score: 9.8) to its Known Exploited Vulnerabilities (KEV) catalog . Array Networks’ AG Series and vxAG (versio
Thai police arrested Chinese hackers involved in SMS blaster attacks
by Pierluigi Paganini / 4d
Thai authorities arrested fraud gangs in Bangkok for SMS blaster attacks, they used fake cell towers to send thousands of malicious SMS messages to nearby phones. Thai authorities arrested members of two Chinese cybercrime organizations, one of these groups carried out SMS blaster attacks. The crooks were driving through Bangkok’s streets while sending hundreds of thousands of malicious SMS text
Zyxel firewalls targeted in recent ransomware attacks
4 TTPs
by Pierluigi Paganini / 4d
Zyxel warns that a ransomware group has been observed exploiting a recently patched command injection issue in its firewalls. Zyxel warns that a ransomware gang has been observed exploiting a recently patched command injection vulnerability, tracked as CVE-2024-42057, in its firewalls for initial compromise. Remote, unauthenticated attackers could exploit the flaw to execute OS commands on vulner
Malware campaign abused flawed Avast Anti-Rootkit driver
6 TTPs
by Pierluigi Paganini / 5d
Malware exploits security software vulnerabilities
Threat actors exploit an outdated Avast Anti-Rootkit driver to evade detection, disable security tools, and compromise the target systems. Trellix researchers uncovered a malware campaign that abused a vulnerable Avast Anti-Rootkit driver (aswArPot.sys) to gain deeper access to the target system, disable security solutions, and gain system control. This alarming tactic corrupts trusted kernel-mod
Russia-linked APT TAG-110 uses targets Europe and Asia
15 TTPs
by Pierluigi Paganini / 5d
Russia-aligned TAG-110 targets Asia Europe
Russia-linked threat actors TAG-110 employed custom malware HATVIBE and CHERRYSPY to target organizations in Asia and Europe. Insikt Group researchers uncovered an ongoing cyber-espionage campaign by Russia-linked threat actor TAG-110 that employed custom malware tools HATVIBE and CHERRYSPY . The campaign primarily targeted government entities, human rights groups, and educational institutions in

Nov 24, 2024

Russia-linked threat actors threaten the UK and its allies, minister to say
by Pierluigi Paganini / 5d
A senior UK minister will warn that Russia is preparing cyberattacks against the UK and its allies to undermine support for Ukraine. Russia may launch cyberattacks against the UK and its allies in retaliation for their support of Ukraine, Chancellor of the Duchy of Lancaster Pat McFadden is expected to state during a NATO meeting. Chancellor of the Duchy of Lancaster Pat McFadden is also responsi

End of feed

Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

The Cyberwire Daily Briefing

Image
"Fortinet confirms breach of customer data." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 15 September 2024, 1339 UTC. Content and Source:   https://thecyberwire.com/newsletters/daily-briefing/13/176 Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). V13 | Issue 176 | 9.13.24 Daily Briefing for 09.13.24 Announcement Cloud Security in the Age of Generative AI. Artificial Intelligence is revolutionizing business, but it also introduces new risks. Join us on Wednesday, September 18th at 2pm EDT for a compelling live webinar on "Good vs. Evil: Cloud Security in the Age of Generative AI" with N2K CyberWire’s Dave Bittner and Sysdig’s Loris Degioanni.  Learn more and register now . Summary By the CyberWire staff At a glance. Fortinet confirms breach of customer data. Iran's Scarred Manticore deplo...
Read more

Cyber War News Today.

Image
"International Defence Cooperation:  A key to regional stability." Views expressed in this cybersecurity, cyber espionage, and cyber crime update are those of the reporters and correspondents.  Accessed on 15 December 2024, 0134 UTC. Content and Source:   https://cyberwar.einnews.com/news/cyber-war-news?n=2&code=FA9GNesSTpp2rjO1&utm_source=NewsletterNews&utm_medium=email&utm_campaign=Cyber+War+News&utm_content=navig Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Cyber War News Monitoring Get by    Email    •     RSS Published on  Dec 13, 2024 The Cyber Warfare Market Size Reach USD 127.1 Billion by 2032 Exhibiting CAGR at 13.3% WILMINGTON, DE, UNITED STATES, December 13, 2024 /⁨EINPresswire.com⁩/ -- According to the report, The Cyber Warfare Market Size Reach USD 127.1 Billion by 2032 Exhibiting CAGR at 1...
Read more

BleepingComputer.com

Image
"Progress LoadMaster vulnerable to 10/10 severity RCE flaw." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 08 September 2024, 1458 UTC. Content and Source:   https://www.bleepingcomputer.com/ Please check link or scroll down to read your selections. Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Latest Articles   Security Progress LoadMaster vulnerable to 10/10 severity RCE flaw Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device. Bill Toulas   September 08, 2024   10:11 AM     0   Deals Get started learning about cybersecurity with this course bundle deal Take a real step towards a job in information security with this intro to cybersecurity. Get the 2...
Read more