Security Affairs Read, think, share … Security is everyone’s responsibility
- GitCaught campaign relies on Github and Filezilla to deliver multiple malware by Pierluigi Paganini on May 20, 2024 at 2:20 pm
Researchers discovered a sophisticated cybercriminal campaign by Russian-speaking threat actors that used GitHub to distribute malware. Recorded Future’s Insikt Group discovered a sophisticated cybercriminal campaign by Russian-speaking threat actors from the Commonwealth of Independent States (CIS). The attackers, tracked as GitCaught, used a GitHub profile to impersonate legitimate software applications, including 1Password, Bartender 5, and
- Two students uncovered a flaw that allows to use laundry machines for free by Pierluigi Paganini on May 20, 2024 at 10:16 am
Two students discovered a security flaw in over a million internet-connected laundry machines that could allow laundry for free. CSC ServiceWorks is a company that provides laundry services and air vending solutions for multifamily housing, academic institutions, hospitality, and other commercial sectors. They manage and operate many internet-connected laundry machines and systems, offering services such
- Grandoreiro Banking Trojan is back and targets banks worldwide by Pierluigi Paganini on May 20, 2024 at 6:17 am
A new Grandoreiro banking trojan campaign has been ongoing since March 2024, following the disruption by law enforcement in January. IBM X-Force warns of a new Grandoreiro banking trojan campaign that has been ongoing since March 2024. Operators behind the Grandoreiro banking trojan have resumed operations following a law enforcement takedown in January. The recent campaign is
- Healthcare firm WebTPA data breach impacted 2.5 million individuals by Pierluigi Paganini on May 19, 2024 at 2:04 pm
WebTPA, a third-party administrator that provides healthcare management and administrative services, disclosed a data breach. WebTPA is a third-party administrator that provides healthcare management and administrative services. The US company disclosed a data breach that impacted almost 2.5 million people. According to the report sent by the WebTPA to the U.S. Department of Health and
- Security Affairs newsletter Round 472 by Pierluigi Paganini – INTERNATIONAL EDITION by Pierluigi Paganini on May 19, 2024 at 12:41 pm
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. North Korea-linked IT workers infiltrated hundreds of US firms Turla APT used two new backdoors to
- North Korea-linked Kimsuky used a new Linux backdoor in recent attacks by Pierluigi Paganini on May 19, 2024 at 11:13 am
Symantec warns of a new Linux backdoor used by the North Korea-linked Kimsuky APT in a recent campaign against organizations in South Korea. Symantec researchers observed the North Korea-linked group Kimsuky using a new Linux backdoor dubbed Gomir. The malware is a version of the GoBear backdoor which was delivered in a recent campaign by
- North Korea-linked IT workers infiltrated hundreds of US firms by Pierluigi Paganini on May 18, 2024 at 2:52 pm
The U.S. Justice Department charged five individuals, including a U.S. woman, for aiding North Korea-linked IT workers to infiltrate 300 firms. The Justice Department unsealed charges against an Arizona woman, a Ukrainian man, and three unidentified foreign nationals accused of aiding overseas IT workers, pretending to be U.S. citizens, to infiltrate hundreds of firms in
- Turla APT used two new backdoors to infiltrate a European ministry of foreign affairs by Pierluigi Paganini on May 17, 2024 at 9:24 pm
Russia-linked Turla APT allegedly used two new backdoors, named Lunar malware and LunarMail, to target European government agencies. ESET researchers discovered two previously unknown backdoors named LunarWeb and LunarMail that were exploited to breach a European ministry of foreign affairs. The two backdoors are designed to carry out a long-term compromise in the target network, data
- City of Wichita disclosed a data breach after the recent ransomware attack by Pierluigi Paganini on May 17, 2024 at 1:04 pm
The City of Wichita disclosed a data breach after the ransomware attack that hit the Kansas’s city earlier this month. On May 5th, 2024, the City of Wichita, Kansas, was the victim of a ransomware attack and shut down its network to contain the threat. The city immediately started its incident response procedure to prevent
- CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog by Pierluigi Paganini on May 17, 2024 at 10:20 am
CISA adds two D-Link DIR-600 and DIR-605 router vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following D-Link router vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities