The University of California San Francisco (UCSF) revealed that it paid roughly $1.14 million to cybercriminals to recover data after a ransomware attack. Late last week, the University of California San Francisco (UCSF) admitted having paid roughly $1.14 million to cybercriminals to recover data encrypted during a ransomware attack that took place on June 1. […]
Palo Alto Networks addressed a critical flaw in the PAN-OS of its next-generation firewalls that could allow attackers to bypass authentication. Palo Alto Networks addressed a critical vulnerability, tracked as CVE-2020-2021, in the operating system (PANâOS) that powers its next-generation firewalls that could allow unauthenticated network-based attackers to bypass authentication. “When Security Assertion Markup Language (SAML) authentication is enabled and […]
Tens of organizations in the United States have been targeted with the recently discovered WastedLocker ransomware. The malicious code was first documented by researchers from the NCC Groupâs report and later Symantec published its own analysis. Security experts from Symantec reported that at least 31 organizations in the United States have been targeted with the recently discovered […]
Researchers revealed that the number of daily brute-force attacks on Windows RDP has doubled during the pandemic lockdown. Security experts from ESET revealed that the number of daily brute-force attacks on Windows RDP has doubled during the COVID-19 lockdown. The phenomenon is not surprising because during the COVID-19 lockdown employees were forced to work from […]
A new malware dubbed GoldenSpy is being distributed embedded in tax payment software that some businesses operating in China are required to install. GoldenSpy is a new backdoor that is being distributed embedded in tax payment software (the Aisino Intelligent tax software) that some businesses operating in China are required to install. The campaign is […]
Experts are warning of a new phishing campaign aimed at Office 365 users that are returning to the workplace with Coronavirus training resources. Threat actors continue to use Coronavirus lures adapting their technique to the current situation. The attack techniques adopted by the threat actors depends on the state of businesses in each region. In […]
Australian ACSC published a detailed report on the techniques, tactics, and procedures associated with the threat actor that targeted organizations in the country. Recently, Australia âs prime minister Scott Morrison revealed that a âstate-based actorâ is targeting government, public services, and businesses. Warning Australians of âspecific risksâ and an increased frequency of attacks, the Australian […]
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. 230k+ Indonesian COVID-19 patients records for sale in the Darkweb COVID-19 themed attacks are just a small percentage of the overall threats New Shlayer Mac malware spreads via poisoned search […]
Adobe, Mastercard, Visa are warning the owners of the online store running Magento 1.x of updating their installs because it will reach EOL by June 30 Adobe, Mastercard, Visa are warning the owners of online store running Magento 1.x of updating their installs because it will reach the end-of-life (EOL) by June 30 After June […]
Asian media firm E27 suffered a security breach and hackers asked for a “donation” to provide information on the flaws they exploited in the attack Asian media firm E27 has been hacked by a hacking group identifying themselves as “Korean Hackers” and “Team Johnwick”that asked for a “donation” to provide information on the vulnerabilities they […]