• Alleged member of ShinyHunters group extradited to the US, could face 116 years in jail
    by Pierluigi Paganini on January 29, 2023 at 8:54 pm

    An alleged member of the ShinyHunters cybercrime gang has been extradited from Morocco to the United States. Sebastien Raoult, a French national also known as “Seyzo Kaizen” and suspected of being a member of the ShinyHunters cybercrime gang, has been extradited from Morocco to the United States. The 22-year-old man was arrested in Morocco at Rabat The post Alleged member of ShinyHunters group extradited to the US, could face 116 years in jail appeared first on Security Affairs.

  • Pro-Russia group Killnet targets Germany due to its support to Ukraine
    by Pierluigi Paganini on January 29, 2023 at 7:40 pm

    Pro-Russia group Killnet launched DDoS attacks last week against the websites of German airports, administration bodies, and banks. The Pro-Russia group Killnet is behind the DDoS attacks that hit the websites of German airports, administration bodies, and banks last week. The attacks are the hacktivists’ response to the German government’s decision to send Leopard 2 tanks to

  • Security Affairs newsletter Round 404 by Pierluigi Paganini
    by Pierluigi Paganini on January 29, 2023 at 3:16 pm

    A new round of the weekly SecurityAffairs newsletter has arrived! Every week, the best security articles from Security Affairs, free for you in your email box. If you also want to receive the newsletter with the international press for free, subscribe here. Copycat Criminals mimicking Lockbit gang in northern Europe; Sandworm APT targets Ukraine with new SwiftSlicer wiper

  • Watch out! Experts plans to release VMware vRealize Log RCE exploit next week
    by Pierluigi Paganini on January 29, 2023 at 2:37 pm

    Horizon3’s Attack Team made headlines again by announcing the release of PoC exploit code for remote code execution in VMware vRealize Log. Researchers from the Horizon3’s Attack Team announced the release of PoC exploit code for remote code execution in VMware vRealize Log. The PoC exploit code will trigger a series of flaws in

  • Copycat Criminals mimicking Lockbit gang in northern Europe
    by Pierluigi Paganini on January 28, 2023 at 9:58 pm

    Recent reports of Lockbit locker-based attacks against North European SMBs indicate that local crooks have started using Lockbit locker variants. Recently, there has been a significant increase in ransomware attacks targeting companies in northern Europe. These attacks are being carried out using the LockBit locker, which is known to be in use

  • Sandworm APT targets Ukraine with new SwiftSlicer wiper
    by Pierluigi Paganini on January 28, 2023 at 8:53 pm

    The Russia-linked Sandworm APT group is behind a new Golang-based wiper, tracked as SwiftSlicer, that hit Ukraine, ESET reports. Researchers from ESET discovered a new Golang-based wiper, dubbed SwiftSlicer, that was used in attacks aimed at Ukraine. The experts believe that the Russia-linked APT group Sandworm (aka BlackEnergy and TeleBots) is behind the wiper attacks. The Sandworm group has been

  • ISC fixed high-severity flaws in DNS software suite BIND
    by Pierluigi Paganini on January 28, 2023 at 11:22 am

    The latest BIND updates patch multiple remotely exploitable vulnerabilities that could lead to denial-of-service (DoS). BIND is a suite of software for interacting with the Domain Name System (DNS) maintained by the Internet Systems Consortium (ISC). The ISC released security patches to address multiple high-severity denial-of-service (DoS) vulnerabilities in the DNS software suite. Threat actors can exploit

  • Patch management is crucial to protect Exchange servers, Microsoft warns
    by Pierluigi Paganini on January 27, 2023 at 10:42 pm

    Microsoft warns customers to patch their Exchange servers because attackers always look to exploit unpatched installs. Microsoft published a post to urge its customers to protect their Exchange servers because threat actors actively attempt to exploit vulnerabilities in unpatched installs. The IT giant recommends installing the latest available Cumulative Update (CU) and Security Update (SU)

  • BrandPost: Understanding Device and Infrastructure Attacks: Exploring the Microsoft Digital Defense Report 2022
    by Brand Post on January 27, 2023 at 8:06 pm

    The Microsoft Digital Defense Report explores the most pressing cyber threats as they relate to cybercrime, nation-state threats, devices and infrastructure, cyber-influence operations, and cyber resiliency. Based on intelligence from 43 trillion security signals daily, this report offers insight and guidance on how organizations can help strengthen their cyber defenses. In this post, we will take a deeper look at section two of the report. Keep reading for our findings, and download the full Microsoft Digital Defense Report for even more insights.

  • Multiple Vulnerabilities Found In Healthcare Software OpenEMR
    on January 27, 2023 at 6:00 pm

    Two of these vulnerabilities combined could lead to unauthenticated remote code execution