Security Affairs Read, think, share … Security is everyone’s responsibility
- Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist everby Pierluigi Paganini on February 23, 2025 at 12:19 am
Crypto exchange Bybit was the victim of a sophisticated attack, and threat actors stole $1.5B worth of cryptocurrency from one of the company’s offline wallets. Crypto exchange Bybit suffered a sophisticated cyberattack, threat actors transferred over 400,000 ETH and stETH worth more than $1.5 billion to an unidentified address. The Bybit hack is the largest cryptocurrency
- Apple removes iCloud encryption in UK following backdoor demandby Pierluigi Paganini on February 22, 2025 at 11:50 am
Apple removed iCloud’s Advanced Data Protection in the UK after the government requested encryption backdoor access. Apple ends iCloud end-to-end encryption in the United Kingdom following the government’s request for encryption backdoor access. Advanced Data Protection is now unavailable for new UK users. In 2022, the IT giant introduced the optional setting Advanced Data Protection (ADP)
- B1ack’s Stash released 1 Million credit cardsby Pierluigi Paganini on February 21, 2025 at 2:41 pm
Experts warn that the carding website B1ack’s Stash released a collection of over 1 million unique credit and debit cards. D3 Lab researchers reported that on February 19, 2025, the carding website B1ack’s Stash released a collection of over 1 million unique credit and debit cards. Experts speculate that B1ack’s Stash used the free card release as a marketing strategy. The
- U.S. CISA adds Craft CMS and Palo Alto Networks PAN-OS flaws to its Known Exploited Vulnerabilities catalogby Pierluigi Paganini on February 21, 2025 at 10:40 am
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Craft CMS and Palo Alto Networks PAN-OS vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS and Palo Alto PAN-OS vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The two vulnerabilities are: Craft is a flexible, user-friendly CMS, affected
- Atlassian fixed critical flaws in Confluence and Crowdby Pierluigi Paganini on February 21, 2025 at 8:02 am
Australian software firm Atlassian patched 12 critical and high-severity flaws in Bamboo, Bitbucket, Confluence, Crowd, and Jira. Software firm Atlassian released security patches to address 12 critical- and high-severity vulnerabilities in Bamboo, Bitbucket, Confluence, Crowd, and Jira products. The most severe vulnerabilities addressed by the company are: CVE-2024-50379 – (CVSS score of 9.8) – RCE
- Salt Typhoon used custom malware JumbledPath to spy U.S. telecom providersby Pierluigi Paganini on February 20, 2025 at 11:17 pm
China-linked cyber espionage group Salt Typhoon uses custom malware JumbledPath to on spy U.S. telecom providers. Cisco Talos researchers reported that China-linked APT group Salt Typhoon uses a custom-built utility, dubbed JumbledPath, to spy on network traffic of U.S. telecommunication providers. China-linked APT group Salt Typhoon (also known as FamousSparrow and GhostEmperor) and has been active since at least 2019 and
- NailaoLocker ransomware targets EU healthcare-related entitiesby Pierluigi Paganini on February 20, 2025 at 3:47 pm
NailaoLocker ransomware is a new threat that targeted European healthcare organizations from June to October 2024. Orange Cyberdefense CERT uncovered a malware campaign, tracked as The Green Nailao campaign, that targeted European organizations, including healthcare, in late 2024, using ShadowPad, PlugX, and the previously undocumented NailaoLocker ransomware. The Orange Cyberdefense CERT investigated four attackers with
- Microsoft fixed actively exploited flaw in Power Pagesby Pierluigi Paganini on February 20, 2025 at 11:20 am
Microsoft addressed a privilege escalation vulnerability in Power Pages, the flaw is actively exploited in attacks. Microsoft has addressed two critical vulnerabilities, tracked as CVE-2025-21355 (CVSS score: 8.6) and CVE-2025-24989 (CVSS score: 8.2), respectively impacting Bing and Power Pages. CVE-2025-21355 is a missing authentication for critical Function in Microsoft Bing, an unauthorized attacker could exploit the flaw
- Citrix addressed NetScaler console privilege escalation flawby Pierluigi Paganini on February 20, 2025 at 10:46 am
Citrix addressed a high-severity privilege escalation vulnerability impacting NetScaler Console and NetScaler Agent under certain conditions. Citrix released security updates to address a high-severity security vulnerability, tracked as CVE-2024-12284 (CVSS score of 8.8) impacting NetScaler Console (formerly NetScaler ADM) and NetScaler Agent. The vulnerability is an improper privilege management that could allow attackers to escalate privileges
- Palo Alto Networks warns that CVE-2025-0111 flaw is actively exploited in attacksby Pierluigi Paganini on February 20, 2025 at 6:32 am
Palo Alto Networks warns that the vulnerability CVE-2025-0111 is actively exploited with two other flaws to compromise PAN-OS firewalls. Palo Alto Networks warns that threat actors are chaining the vulnerability CVE-2025-0111 with two other vulnerabilities, tracked as CVE-2025-0108 with CVE-2024-9474, to compromise PAN-OS firewalls. The vulnerability CVE-2025-0111 is a file read issue in PAN-OS, an
