Trend Micro addresses actively exploited Apex One zero-day
Trend Micro addressed multiple vulnerabilities in its Apex One endpoint security product, including actively exploited zero-day flaws. Trend Micro announced...
hacking
Iran-linked TA453 used new Multi-Persona Impersonation technique in recent attacks
Iran-linked threat actors target individuals specializing in Middle Eastern affairs, nuclear security and genome research. In mid-2022, Proofpoint researchers uncovered...
Montenegro and its allies are working to recover from the massive cyber attack
A massive cyberattack hit Montenegro, officials believe that it was launched by pro-Russian hackers and the security services of Moscow....
Pro-Palestinian group GhostSec hacked Berghof PLCs in Israel
The hacktivist collective GhostSec claimed to have compromised 55 Berghof PLCs used by Israeli organizations. Pro-Palestinian Hacking Group GhostSec claimed to have...
Apple fixed the eighth actively exploited zero-day this year
Apple has addressed the eighth zero-day vulnerability that is actively exploited in attacks against iPhones and Macs since January. Apple...
Google announced the completion of the acquisition of Mandiant for $5.4 billion
Google completed the acquisition of the threat intelligence firm Mandiant, the IT giant will pay $5.4 billion. Google announced the...
PersistenceSniper – Powershell Script That Can Be Used By Blue Teams, Incident Responders And System Administrators To Hunt Persistences Implanted In Windows Machines
PersistenceSniper is a Powershell script that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences...
Cisco confirms that data leaked by the Yanluowang ransomware gang were stolen from its systems
Cisco confirmed the May attack and that the data leaked by the Yanluowang ransomware group was stolen from its systems....
Some firmware bugs in HP business devices are yet to be fixed
Six high-severity firmware bugs affecting several HP Enterprise devices are yet to be patched, some of them since July 2021....
Albania was hit by a new cyberattack and blames Iran
Albania blamed Iran for a new cyberattack that hit computer systems used by the state police on Friday. Albania blamed...
Security Affairs newsletter Round 383
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Iran-linked APT42 is behind over 30 espionage attacks
Iran-linked APT42 (formerly UNC788) is suspected to be the actor behind over 30 cyber espionage attacks against activists and dissidents....
Nim-RunPE – A Nim Implementation Of Reflective PE-Loading From Memory
A Nim implementation of reflective PE-Loading from memory. The base for this code was taken from RunPE-In-Memory - which I...
IHG suffered a cyberattack that severely impacted its booking process
InterContinental Hotels Group PLC (IHG) discloses a security breach, parts of its IT infrastructure has been subject to unauthorised activity...
China-Linked BRONZE PRESIDENT APT targets Government officials worldwide
China-linked BRONZE PRESIDENT group is targeting government officials in Europe, the Middle East, and South America with PlugX malware. Secureworks...
GraphCrawler – GraphQL Automated Security Testing Toolkit
Graph Crawler is the most powerful automated testing toolkit for any GraphQL endpoint.NEW: Can search for endpoints for you using...
Scammers live-streamed on YouTube a fake Apple crypto event
Scammers live-streamed on YouTube an old interview with Tim Cook as part of a fake Apple crypto event, and tens...
US Treasury sanctioned Iran ’s Ministry of Intelligence over Albania cyberattack
The U.S. Treasury Department sanctioned Iran ‘s Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence over the...
$30 Million worth of cryptocurrency stolen by Lazarus from Axie Infinity was recovered
US authorities recovered more than $30 million worth of cryptocurrency stolen by the North Korea-linked Lazarus APT from Axie Infinity....
Gohide – Tunnel Port To Port Traffic Over An Obfuscated Channel With AES-GCM Encryption
Tunnel port to port traffic via an obfuscated channel with AES-GCM encryption.Obfuscation ModesSession Cookie HTTP GET (http-client)Set-Cookie Session Cookie HTTP/2...
Experts warn of attacks exploiting zero-day in WordPress BackupBuddy plugin
Threat actors are exploiting a zero-day vulnerability in a WordPress plugin called BackupBuddy, Wordfence researchers warned. On September 6, 2022, the...
Iran-linked DEV-0270 group abuses BitLocker to encrypt victims’ devices
Iran-linked APT group DEV-0270 (aka Nemesis Kitten) is abusing the BitLocker Windows feature to encrypt victims’ devices. Microsoft Security Threat...
CISA adds 12 new flaws to its Known Exploited Vulnerabilities Catalog
CISA added 12 more security flaws to its Known Exploited Vulnerabilities Catalog including four D-Link vulnerabilities. The U.S. Cybersecurity and Infrastructure...
Classified NATO documents sold on darkweb after they were stolen from Portugal
Threat actors claimed to have stolen classified NATO documents from the Armed Forces General Staff agency of Portugal (EMGFA). After...
