Security Affairs newsletter Round 434 by Pierluigi Paganini – International edition

Security Affairs newsletter Round 434 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Cloud and hosting provider Leaseweb took down critical systems after a cyber attack French employment agency … Read more

Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software

Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software

Cisco addressed three high-severity flaws in NX-OS and FXOS software that could cause denial-of-service (DoS) conditions. Cisco this week addressed multiple flaws in its products, including three high-severity flaws in NX-OS and FXOS software. An attacker can exploit these three issues to cause a denial-of-service (DoS) condition. Below is the list of flaws addressed by … Read more

Cloud and hosting provider Leaseweb took down critical systems after a cyber attack

Cloud and hosting provider Leaseweb took down critical systems after a cyber attack

The cloud and hosting provider Leaseweb suffered a security breach that impacted some “critical” systems of the company. Global hosting and cloud services provider Leaseweb has disabled some “critical” systems following a recent security breach. The company informed its customers that is now working on restoring these systems. According to a notice of incident sent … Read more

French employment agency Pôle emploi data breach impacted 10M people

French employment agency Pôle emploi data breach impacted 10M people

Pôle emploi, the French government employment agency suffered a data breach that impacted 10 million individuals. The French government employment agency Pôle emploi suffered a data breach and is notifying 10 million individuals impacted by the security breach. At the end of last week, the agency was informed of the compromise of the information system of … Read more

Crypto investor data exposed by a SIM swapping attack against a Kroll employee

Crypto investor data exposed by a SIM swapping attack against a Kroll employee

Security consulting giant Kroll disclosed a data breach resulting from a SIM-swapping attack against one of its employees. Security consulting firm Kroll revealed that a SIM-swapping attack against one of its employees caused the theft of user information for multiple cryptocurrency platforms. Kroll is managing ongoing bankruptcy proceedings for the impacted organizations, including BlockFi, FTX, and Genesis. On August … Read more

China-linked Flax Typhoon APT targets Taiwan

China-linked Flax Typhoon APT targets Taiwan

China-linked APT group Flax Typhoon targeted dozens of organizations in Taiwan as part of a suspected espionage campaign. Microsoft linked the Chinese APT Flax Typhoon (aka Ethereal Panda) to a cyber espionage campaign that targeted dozens of organizations in Taiwan. The researchers observed Flax Typhoon gaining and maintaining long-term access to Taiwanese organizations’ networks with … Read more

Whiffy Recon malware triangulates the position of infected systems via Wi-Fi

Whiffy Recon malware triangulates the position of infected systems via Wi-Fi

Experts observed the SmokeLoader malware delivering a new Wi-Fi scanning malware strain dubbed Whiffy Recon. Secureworks Counter Threat Unit (CTU) researchers observed the Smoke Loader botnet dropping a new Wi-Fi scanning malware named Whiffy Recon. The malicious code triangulates the positions of the infected systems using nearby Wi-Fi access points as a data point for Google’s … Read more

FBI: Patches for Barracuda ESG Zero-Day CVE-2023-2868 are ineffective

FBI: Patches for Barracuda ESG Zero-Day CVE-2023-2868 are ineffective

The FBI warned that patches for a critical Barracuda ESG flaw CVE-2023-2868 are “ineffective” and patched appliances are still being hacked. The Federal Bureau of Investigation warned that security patches for critical vulnerability CVE-2023-2868 in Barracuda Email Security Gateway (ESG) are “ineffective.” According to the feds, threat actors are still hacking the patched appliances in … Read more

Researchers released PoC exploit for Ivanti Sentry flaw CVE-2023-38035

Researchers released PoC exploit for Ivanti Sentry flaw CVE-2023-38035

Proof-of-concept exploit code for critical Ivanti Sentry authentication bypass flaw CVE-2023-38035 has been released. Researchers released a proof-of-concept (PoC) exploit code for critical Ivanti Sentry authentication bypass vulnerability CVE-2023-38035 (CVSS score 9.8). This week the software company Ivanti released urgent security patches to address the critical-severity vulnerability CVE-2023-38035 impacting the Ivanti Sentry (formerly MobileIron Sentry) product. … Read more

Lazarus APT exploits Zoho ManageEngine flaw to target an Internet backbone infrastructure provider

Lazarus APT exploits Zoho ManageEngine flaw to target an Internet backbone infrastructure provider

The North Korea-linked Lazarus group exploits a critical flaw in Zoho ManageEngine ServiceDesk Plus to deliver the QuiteRAT malware. The North Korea-linked APT group Lazarus has been exploiting a critical vulnerability, tracked as CVE-2022-47966, in Zoho’s ManageEngine ServiceDesk in attacks aimed at the Internet backbone infrastructure provider and healthcare organizations. The state-sponsored hackers targeted entities … Read more

Lapsus$ member has been convicted of having hacked multiple high-profile companies

Lapsus$ member has been convicted of having hacked multiple high-profile companies

An 18-year-old member of the Lapsus$ gang has been convicted of having helped hack multiple high-profile companies. A teenage member of the Lapsus$ data extortion group, Arion Kurtaj (18), was convicted by a London jury of having hacked multiple high-profile companies, including Uber, Revolut, and blackmailed the developers of the gaming firm Rockstar Games. Since September … Read more

More than 3,000 Openfire servers exposed to attacks using a new exploit

More than 3,000 Openfire servers exposed to attacks using a new exploit

Researchers warn that more than 3,000 unpatched Openfire servers are exposed to attacks using an exploit for a recent flaw. Vulncheck researchers discovered more than 3,000 Openfire servers vulnerable to the CVE-2023-32315 flaw that are exposed to attacks using a new exploit. Openfire is a popular open-source chat server written in Java that is maintained by Ignite Realtime. … Read more

jsplaces