The US Treasury Department announced sanctions on two APT31 Chinese hackers linked to attacks against organizations in the US critical infrastructure sector. The US government announced sanctions against a pair of Chinese hackers (Zhao Guangzong and Ni Gaobin), alleged members of the China-linked APT31 group, who are responsible for “malicious cyber operations targeting U.S. entities that operate […]
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds FortiClient EMS, Ivanti EPM CSA, Nice Linear eMerge E3-Series bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2023-48788 (CVSS score 9.3) is a critical pervasive SQL injection issue that resides […]
In recent campaigns, Iran-linked APT group MuddyWater used a legitimate Remote Monitoring and Management (RMM) solution called Atera. Proofpoint researchers observed the Iran-linked APT group MuddyWater (aka SeedWorm, TEMP.Zagros, TA450, and Static Kitten) was behind a new phishing campaign in March 2024 that attempted to drop a legitimate Remote Monitoring and Management (RMM) solution called Atera on the target systems. […]
Researchers reported that over 100 organizations in Europe and US were targeted by a wave of large-scale StrelaStealer campaigns Palo Alto Networks’ Unit42 spotted a wave of large-scale StrelaStealer campaigns impacting over 100 organizations across the EU and US. The threat actors sent out spam emails with attachments that eventually launched the StrelaStealer malware. The […]
Researchers demonstrated a new side-channel attack, named GoFetch, against Apple CPUs that could allow an attacker to obtain secret keys. A team of researchers from several US universities demonstrated a new microarchitectural side-channel attack named GoFetch that could allow attackers to extract secret keys from systems using Apple CPUs. GoFetch side-channel attack can extract secret […]
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Russia-linked APT29 targeted German political parties with WINELOADER backdoor Mozilla fixed Firefox zero-days exploited at Pwn2Own […]
During the month of Ramadan, Resecurity observed a significant increase in fraudulent activities and scams. During the month of Ramadan, Resecurity observed a significant increase in fraudulent activities and scams, coinciding with a surge in retail and online transactions. Middle Eastern enterprises, facing this heightened risk, are urged to bolster consumer protection and reinforce their […]
Russia-linked threat actors employ the WINELOADER backdoor in recent attacks targeting German political parties. In late February, Mandiant researchers spotted the Russia-linked group APT29 using a new variant of the WINELOADER backdoor to target German political parties with a CDU-themed lure. This is the first time Mandiant observed the APT29 subcluster targeting political parties, suggesting […]
Mozilla addressed two Firefox zero-day vulnerabilities exploited during the Pwn2Own Vancouver 2024 hacking competition. Mozilla has done an amazing job addressing two zero-day vulnerabilities in the Firefox web browser exploited during the recent Pwn2Own Vancouver 2024 hacking competition. The researcher Manfred Paul (@_manfp), who won the competition, exploited the two vulnerabilities, respectively tracked CVE-2024-29944 and […]
A large-scale malware campaign, tracked as Sign1, has already compromised 39,000 WordPress sites in the last six months. Sucurity researchers at Sucuri spotted a malware campaign, tracked as Sign1, which has already compromised 39,000 WordPress sites in the last six months. The experts discovered that threat actors compromised the websites implanting malicious JavaScript injections that […]