Lucene search
K

773 matches found

The Hacker News
The Hacker News
added 2023/08/17 5:10 a.m.88 views

CISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild Attacks

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a critical security flaw in Citrix ShareFile storage zones controller to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active in-the-wild exploitation. Tracked as CVE-2023-24489 CVSS score: 9.8, the...

9.8CVSS10AI score0.99445EPSS
Exploits18
Schneier on Security
Schneier on Security
added 2023/08/16 11:17 a.m.18 views

UK Electoral Commission Hacked

The UK Electoral Commission discovered last year that it was hacked the year before. Thats fourteen months between the hack and the discovery. It doesnt know who was behind the hack. We worked with external security experts and the National Cyber Security Centre to investigate and secure our...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/11 9:40 a.m.46 views

New SystemBC Malware Variant Targets Southern African Power Company

An unknown threat actor has been linked to a cyber attack on a power generation company in southern Africa with a new variant of the SystemBC malware called DroxiDat as a precursor to a suspected ransomware attack. "The proxy-capable backdoor was deployed alongside Cobalt Strike Beacons in a sout...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/09 6:30 a.m.36 views

U.K. Electoral Commission Breach Exposes Voter Data of 40 Million Britons

The U.K. Electoral Commission on Tuesday disclosed a "complex" cyber attack on its systems that went undetected for over a year, allowing the threat actors to access years worth of voter data belonging to 40 million people. "The incident was identified in October 2022 after suspicious activity wa...

6.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/08/09 1:0 a.m.16 views

Voter data stolen in UK Electoral Commission systems breach

The UK's Electoral Commission has revealed it suffered a compromise which has the potential to expose aspects of registered voters' data. While much of this data may already be public, there are some privacy and safety concerns to consider. First of all, lets take a look at whats been affected. T...

7AI score
Exploits0
hivepro
hivepro
added 2023/08/04 4:40 a.m.4 views

STARK#MULE Targets South Korea with US Military-themed Baits

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The STARKMULE cyber attack campaign is ongoing, with a focus on targeting Korean-speaking individuals. It employs U.S. Military-themed document baits to deceive its targets, leading them into unwittingly...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/07/31 6:15 p.m.15 views

Supply chain attacks disrupt emergency services communications

A supply chain attack rendered two ambulance trusts incapable of accessing electronic patient records in the UK. The two services, which operate in a region of 12 million people, were not targeted directly. Instead, the attack was aimed at a third-party technology provider used by both the South...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/29 4:27 a.m.69 views

Ivanti Warns of Another Endpoint Manager Mobile Vulnerability Under Active Attack

Ivanti has disclosed yet another security flaw impacting Endpoint Manager Mobile EPMM, formerly known as MobileIron Core, that it said has been weaponized as part of an exploit chain by malicious actors in the wild. The new vulnerability, tracked as CVE-2023-35081 CVSS score: 7.8, impacts support...

9.5AI score0.99999EPSS
Exploits14
The Hacker News
The Hacker News
added 2023/07/28 12:57 p.m.29 views

STARK#MULE Targets Koreans with U.S. Military-themed Document Lures

An ongoing cyber attack campaign has set its sights on Korean-speaking individuals by employing U.S. Military-themed document lures to trick them into running malware on compromised systems. Cybersecurity firm Securonix is tracking the activity under the name STARKMULE. The scale of the attacks i...

7AI score
Exploits0
Krebs on Security
Krebs on Security
added 2023/07/13 9:45 p.m.23 views

SEO Expert Hired and Fired By Ashley Madison Turned on Company, Promising Revenge

This is Part II of a story published here last week on reporting that went into a new Hulu documentary series on the 2015 Ashley Madison hack. It was around 9 p.m. on Sunday, July 19, when I received a message through the contact form on KrebsOnSecurity.com that the marital infidelity website...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/07/12 10:45 a.m.21 views

Microsoft Thwarts Chinese Cyber Attack Targeting Western European Governments

Microsoft on Tuesday revealed that it repelled a cyber attack staged by a Chinese nation-state actor targeting two dozen organizations, some of which include government agencies, in a cyber espionage campaign designed to acquire confidential data. The attacks, which commenced on May 15, 2023,...

7AI score
Exploits0
HackRead
HackRead
added 2023/07/10 10:33 a.m.15 views

Hackers Exploit Flaws in Revolut’s Payment System, Stealing $20 Million

By Waqas Revolut has not yet issued an official statement regarding the cyber attack. This is a post from HackRead.com Read the original post: Hackers Exploit Flaws in Revoluts Payment System, Stealing $20 Million...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/06/21 3:0 a.m.15 views

Ransomware attackers email bemused students as leverage for a payout

The University of Manchester has fallen victim to a ransomware gang, who are currently applying an interesting twist to their attack. Blackmail and pressure are two ways to extract funds from potential victims. We see this in sextortion cases, as well as in social engineering. Here, the fraudster...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/20 11:55 a.m.38 views

Experts Uncover Year-Long Cyber Attack on IT Firm Utilizing Custom Malware RDStealer

A highly targeted cyber attack against an East Asian IT company involved the deployment of a custom malware written in Golang called RDStealer. "The operation was active for more than a year with the end goal of compromising credentials and data exfiltration," Bitdefender security researcher Vict...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/06/20 2:0 a.m.23 views

Black Cat ransomware group wants $4.5m from Reddit or will leak stolen files

The ramifications of a Reddit breach which occurred back in February are now being felt, with the attackers threatening to leak the stolen data. The February attack, billed as a "sophisticated phishing campaign" by Reddit, involved an attempt to swipe credentials and two-factor authentication...

10AI score
Exploits0
HackRead
HackRead
added 2023/06/13 4:36 p.m.11 views

UK’s Ofcom confirms cyber attack as PoC exploit for MOVEit is released

By Waqas Ofcom, the UK communications regulator, is the latest victim of the infamous Cl0p extortion gang, who have been exploiting MOVEit vulnerabilities to target high-profile firms. This is a post from HackRead.com Read the original post: UKs Ofcom confirms cyber attack as PoC exploit for MOVE...

7.2AI score
Exploits0
HackRead
HackRead
added 2023/06/07 7:19 p.m.15 views

Deepfake Cyber Attack Hits Russia: Fake Putin Message Broadcasted

By Waqas Initially, reports suggested that only radio messages were affected. However, subsequent investigations and recordings revealed that the fraudulent messages were also displayed on television screens. This is a post from HackRead.com Read the original post: Deepfake Cyber Attack Hits...

7AI score
Exploits0
HackRead
HackRead
added 2023/06/05 5:50 p.m.10 views

British Airways, BBC and Boots Hit by Suspected Russian Cyber Attack

By Waqas Reportedly, the hackers gained unauthorized access to sensitive data by exploiting a backdoor in MOVEit, a file transfer software used by Zellis. This is a post from HackRead.com Read the original post: British Airways, BBC and Boots Hit by Suspected Russian Cyber Attack...

6.8AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/06/02 12:0 a.m.8 views

The vulnerability of Cisco SD-WAN vEdge router microprogramming software, related to the execution of operations outside the buffer in memory, allows a attacker to cause service failure.

The vulnerability of Cisco SD-WAN vEdge microprogramming software relates to the execution of operations outside the buffer in memory when handling traffic. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

7.8CVSS7.5AI score0.0122EPSS
Exploits0References2Affected Software2
Schneier on Security
Schneier on Security
added 2023/05/31 2:53 p.m.15 views

Chinese Hacking of US Critical Infrastructure

Everyone is writing about an interagency and international report on Chinese hacking of US critical infrastructure. Lots of interesting details about how the group, called Volt Typhoon, accesses target networks and evades detection...

7.1AI score
Exploits0
Rows per page
Query Builder