Multiple flaws in FileWave mobile device management (MDM) product exposed organizations to cyberattacks. Claroty researchers discovered two vulnerabilities in the FileWave MDM product that exposed more than one thousand organizations to cyber attacks. FIleWave MDM is used by organizations to view and manage device configurations, locations, security settings, and other device data. An organization may […]
The ransomware group Lockbit claims to have stolen 78 GB of files from the Italian Revenue Agency (Agenzia delle Entrate). The ransomware gang Lockbit claims to have hacked the Italian Revenue Agency (Agenzia delle Entrate) and added the government agency to the list of victims reported on its dark web leak site. “The Revenue Agency, operational since 1 January […]
Operators behind the Amadey Bot malware use the SmokeLoader to distribute a new variant via software cracks and keygen sites. Amadey Bot is a data-stealing malware that was first spotted in 2018, it also allows operators to install additional payloads. The malware is available for sale in illegal forums, in the past, it was used […]
Drupal development team released security updates to fix multiple issues, including a critical code execution flaw. Drupal developers have released security updates to address multiple vulnerabilities in the popular CMS: Drupal core – Moderately critical – Multiple vulnerabilities – SA-CORE-2022-015 Drupal core – Critical – Arbitrary PHP code execution – SA-CORE-2022-014 Drupal core – Moderately […]
North Korea-linked APT37 group targets high-value organizations in the Czech Republic, Poland, and other countries. Researchers from the Securonix Threat Research (STR) team have uncovered a new attack campaign, tracked as STIFF#BIZON, targeting high-value organizations in multiple countries, including Czech Republic, and Poland. The researchers attribute this campaign to the North Korea-linked APT37 group, aka […]
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. If you want to also receive for free the newsletter with the international press subscribe here. FBI seized $500,000 worth of bitcoin obtained from Maui ransomware attacks SonicWall fixed critical SQLi in […]
Threat actor leaked data of 5.4 million Twitter users that were obtained by exploiting a now patched flaw in the popular platform. A threat actor has leaked data of 5.4 million Twitter accounts that were obtained by exploiting a now-fixed vulnerability in the popular social media platform. The threat actor is now offering for sale […]
The U.S. DoJ seized $500,000 worth of Bitcoin from North Korea-linked threat actors who are behind the Maui ransomware. The U.S. Department of Justice (DoJ) has seized $500,000 worth of Bitcoin from North Korean threat actors who used the Maui ransomware to target several organizations worldwide. “The Justice Department today announced a complaint filed in […]
Security company SonicWall released updates to address a critical SQL injection (SQLi) flaw in Analytics On-Prem and Global Management System (GMS) products. Security company SonicWall addressed a critical SQL injection (SQLi) vulnerability, tracked as CVE-2022-22280 (CVSS score 9.4), in Analytics On-Prem and Global Management System (GMS) products. “Improper Neutralization of Special Elements used in an […]
Starting with Windows 11 Microsoft introduce by default an account lockout policy that can block brute force attacks. Starting with Windows 11 Insider Preview build 22528.1000 the OS supports an account lockout policy enabled by default to block brute force attacks. The lockout policy was set to limit the number of failed sign-in attempts to […]