As technology evolves and our dependence on digital systems increases, the cybersecurity threat landscape also rapidly changes, posing fresh challenges for organizations striving to protect their assets and data. The battle between cybersecurity defenders and malicious actors rages on in the vast digital expanse of today’s interconnected world. As technology advances and our reliance on […]
Resecurity reported about the increasing wave of cyber incidents targeting the aerospace and aviation sectors. The experts emphasized the importance of rigorous cybersecurity risk assessments for airports and proactive threat intelligence in the context of the activity of major ransomware groups and advanced threat actors. As geopolitical tensions rise globally, there’s a heightened risk of […]
FBI and CISA published a joint Cybersecurity Advisory (CSA) to disseminate IOCs, TTPs, and detection methods associated with AvosLocker ransomware. The joint Cybersecurity Advisory (CSA) published by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) provides known IOCs, TTPs, and detection methods associated with the AvosLocker ransomware variant employed […]
ICICI Bank leaked millions of records with sensitive data, including financial information and personal documents of the bank’s clients. In 2022, the ICICI Bankâs resources were named a âcritical information infrastructureâ by the Indian government â any harm to it can impact national security. However, despite the critical status of bank infrastructure on the national […]
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Personal health information of 42M Americans leaked between 2016 and 2021 Malvertising campaign MasquerAds abuses Google […]
ConnectWise has addressed a critical remote code execution vulnerability impacting Recover and R1Soft Server Backup Manager (SBM). According to the advisory published by ConnectWise, the vulnerability is an Improper Neutralization of Special Elements in Output Used by a Downstream Component. An attacker can exploit the vulnerability to execute remote code or directly access confidential data. […]
The recently discovered malware builder Quantum Builder is being used by threat actors to deliver the Agent Tesla RAT. A recently discovered malware builder called Quantum Builder is being used to deliver the Agent Tesla remote access trojan (RAT), Zscaler ThreatLabz researchers warn. “Quantum Builder (aka âQuantum Lnk Builderâ) is used to create malicious shortcut […]
One of the US largest School districts, the Los Angeles Unified School District, suffered a ransomware attack during the weekend. The Los Angeles Unified School District is one of the largest school distinct in the US, it was hit by a ransomware attack during the Labor Day weekend. The security breach took place a few […]
Daxin is the most advanced backdoor in the arsenal of China-linked threat actors designed to avoid the detection of sophisticated defense systems. âSymantec researchers discovered a highly sophisticated backdoor, named Daxin, which is being used by China-linked threat actors to avoid advanced threat detection capabilities. The malicious code was likely designed for long-running espionage campaigns […]
Zero-day exploit broker Zerodium announced it will pay $400,000 for zero-day RCE in Microsoft Outlook email client. The zero-day exploit broker Zerodium has announced it will pay $400,000 for zero-day remote code execution (RCE) vulnerabilities in the Microsoft Outlook email client. The company pointed out that the increased payout for this specific vulnerability exploit is […]