end

LLM Says: ""JS attack detected""

Cybersecurity company Censys has identified over 380,000 hosts that are still referencing the malicious polyfill.io domain. Censys reported that over 380,000 internet-exposed hosts are still referencing the malicious polyfill.io domain. The polyfill.io domain was suspended last week following multiple reports of malicious activity. The domain Polyfill.io was used to host JavaScript code that added modern […]

...more

Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes

Published: 2024-07-05 13:24:55

Popularity: 10

Author: Pierluigi Paganini

Keywords:

LLM Says: "Taylor's code cracked"

The threat actor Sp1d3rHunters leaked valid Taylor Swift ’s ERAS Tour barcodes threatening to leak more data and blackmailing Ticketmaster. A threat actor that goes online with the moniker Sp1d3rHunters leaked 170,000 valid barcodes for Taylor Swift’s ERAS Tour for free. The bar codes are valid for the upcoming concerts of Taylor Swift in Miami, […]

...more

LastPass: hackers breached the computer of a DevOps engineer in a second attack

Published: 2023-02-27 23:14:19

Popularity: 132

Author: Pierluigi Paganini

Keywords:

Threat actors hacked the home computer of a DevOp engineer, they installed a keylogger as part of a sophisticated cyber attack. Password management software firm LastPass disclosed a “second attack,” a threat actor used data stolen from the August security breach and combined it with information available from a third-party data breach. Then the attackers […] The post LastPass: hackers breached the computer of a DevOps engineer in a second attack appeared first on Security Affairs.

...more

Rackspace Hit With Lawsuits Over Ransomware Attack

Published: 2022-12-12 12:21:29

Popularity: 12

Author: Eduard Kovacs

Keywords:

Incident Response

Management & Strategy

At least two lawsuits have been filed against Texas-based cloud company Rackspace over the recently disclosed ransomware attack. read more

...more

Python, JavaScript Developers Targeted With Fake Packages Delivering Ransomware

Published: 2022-12-12 12:46:57

Popularity: 10

Author: Ionut Arghire

Keywords:

Phylum security researchers warn of a new software supply chain attack relying on typosquatting to target Python and JavaScript developers. read more

...more

Roblox breached: Internal documents posted online by unknown attackers

Published: 2022-07-19 11:12:11

Popularity: 53

Author: Christopher Boyd

Keywords:

LLM Says: ""Hacked and Exposed""

We take a look at reports that internal Roblox employee documents have been leaked by an as-yet unknown attacker. The post Roblox breached: Internal documents posted online by unknown attackers appeared first on Malwarebytes Labs.

...more

New Checkmate ransomware target QNAP NAS devices

Published: 2022-07-08 07:23:07

Popularity: 12

Author: Pierluigi Paganini

Keywords:

Taiwanese vendor QNAP wars of a new strain of ransomware, dubbed Checkmate, that is targeting its NAS devices. The Taiwanese vendor QNAP is warning of a new family of ransomware targeting its NAS devices using weak passwords. Threat actors are targeting devices exposed online with the SMB service enabled, they perform brute-force attacks against accounts […] The post New Checkmate ransomware target QNAP NAS devices appeared first on Security Affairs.

...more

A Year After Death, McAfee's Corpse Still in Spanish Morgue

Published: 2022-06-23 18:22:23

Popularity: 18

Author: AFP

Keywords:

Tracking & Law Enforcement

The body of software entrepreneur John McAfee remained at a morgue in Spain Thursday a year after his death as a legal case filed by his family, who do not believe he committed suicide, is yet to be resolved. read more

...more

Exploited Vulnerability Patched in WordPress Plugin With Over 1 Million Installations

Published: 2022-06-17 12:00:51

Popularity: 13

Author: Ionut Arghire

Keywords:

Vulnerabilities

More than one million WordPress websites were potentially impacted by a critical Ninja Forms plugin vulnerability that appears to have been exploited in the wild. With over one million installations, the popular Ninja Forms plugin helps administrators add customizable forms to their WordPress sites. read more

...more

Lapsus$ extortion gang leaked the source code for some Microsoft projects

Published: 2022-03-22 09:56:53

Popularity: 16

Author: Pierluigi Paganini

Keywords:

The Lapsus$ extortion group claims to have hacked Microsoft ‘s internal Azure DevOps server and leaked the source code for some projects. Microsoft recently announced that is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stolen data. On Sunday, the Lapsus$ gang announced to have compromised Microsoft’s Azure DevOps […] The post Lapsus$ extortion gang leaked the source code for some Microsoft projects appeared first on Security Affairs.

...more

Adobe Releases Emergency Patch for Exploited Commerce Zero-Day

Published: 2022-02-13 18:01:12

Popularity: 15

Author: Eduard Kovacs

Keywords:

Adobe released an emergency advisory on Sunday to inform Commerce and Magento users of a critical zero-day vulnerability that has been exploited in attacks. read more

...more

Hundreds of thousands of routers exposed to Eternal Silence campaign via UPnP

Published: 2022-01-31 19:30:15

Popularity: 16

Author: Pierluigi Paganini

Keywords:

A hacking campaign, tracked as Eternal Silence, is abusing UPnP to compromise routers and use them to carry out malicious activities. Researchers from Akamai have spotted a malicious campaign, tracked as ‘Eternal Silence,’ that is abusing Universal Plug and Play (UPnP) to turn routers into a proxy server used to carry out a broad range […] The post Hundreds of thousands of routers exposed to Eternal Silence campaign via UPnP appeared first on Security Affairs.

...more

Telegram is becoming the paradise of cyber criminals

Published: 2021-09-27 07:56:11

Popularity: None

Author: Pierluigi Paganini

Keywords:

Telegram is becoming an essential platform for cybercriminal activities, crooks use it but and sell any kind of stolen data and hacking tools. Many experts believe that the popular Telegram app is an efficient alternative to dark web marketplaces, its channels are used by hacking communities and cybercriminals to buy and sell stolen data, accesses […] The post Telegram is becoming the paradise of cyber criminals appeared first on Security Affairs.

...more

Attacks Targeting OMIGOD Vulnerability Ramping Up

Published: 2021-09-21 03:45:05

Popularity: 13

Author: Ionut Arghire

Keywords:

Attackers are increasingly targeting a remote code execution vulnerability in the Open Management Infrastructure (OMI) framework that Microsoft released patches for earlier this month. read more

...more

Recently Patched Confluence Vulnerability Exploited in the Wild

Published: 2021-09-02 10:47:16

Popularity: 7

Author: Eduard Kovacs

Keywords:

Hackers started exploiting a vulnerability in Atlassian’s Confluence enterprise collaboration product just one week after the availability of a patch was announced. read more

...more

Biden Tells Putin Russia Must Crack Down on Cybercriminals

Published: 2021-07-10 16:22:11

Popularity: 13

Author: Associated Press

Keywords:

LLM Says: "Russian hackers busted"

President Joe Biden told Russian President Vladimir Putin in a Friday phone call that he must “take action” against cybercriminals acting in his country and that the U.S. reserves the right to “defend its people and its critical infrastructure” from future attacks, the White House said. read more

...more

Polish State Websites Hacked and Used to Spread False Info

Published: 2021-03-18 09:46:58

Popularity: 49

Author: Associated Press

Keywords:

LLM Says: ""Hacked again""

Two Polish government websites were hacked Wednesday and used briefly to spread false information about a non-existent radioactive threat, in what a Polish government official said had the hallmarks of a Russian cyberattack. read more

...more

Adobe Patches Reader Vulnerability Exploited in the Wild

Published: 2021-02-09 18:29:39

Popularity: 24

Author: Eduard Kovacs

Keywords:

Adobe on Tuesday announced the availability of patches for 50 vulnerabilities across six of its products, including a zero-day vulnerability in Reader that has been exploited in the wild. read more

...more

Global Espionage Campaign Used Software Supply Chain Hack To Compromise Targets, Including US Gov

Published: 2020-12-14 12:02:05

Popularity: 64

Author: Mike Lennon

Keywords:

Tampered Versions of SolarWinds Orion IT Monitoring Software Used to Compromise Global Organizations read more

...more

Ticketmaster confirms data breach impacting 560 million customers

Published: 2024-06-01 20:20:13

Popularity: 19

Author: Pierluigi Paganini

Keywords:

LLM Says: "Data gone wrong"

Ticketmaster owner Live Nation confirmed the Ticketmaster data breach that compromised the data of 560 million customers. ShinyHunters, the current administrator of BreachForums, recently claimed the hack of Ticketmaster and offered for sale 1.3 TB of data, including full details of 560 million customers, for $500,000. Stolen data includes names, emails, addresses, phone numbers, ticket sales, […]

...more

Threat actors exploit Atlassian Confluence bug in cryptomining campaigns

Published: 2024-08-30 08:12:43

Popularity: 21

Author: Pierluigi Paganini

Keywords:

malware

Security Affairs

Security News

LLM Says: "Crypto mining chaos"

Threat actors are actively exploiting a critical flaw in the Atlassian Confluence Data Center and Confluence Server in cryptocurrency mining campaigns. The critical vulnerability CVE-2023-22527 (CVSS score 10.0) in the Atlassian Confluence Data Center and Confluence Server is being actively exploited for cryptojacking campaigns. The vulnerability is a template injection vulnerability that can allow remote […]

...more

Quishing, an insidious threat to electric car owners

Published: 2024-09-05 08:33:20

Popularity: 19

Author: Pierluigi Paganini

Keywords: