Security Affairs
6,342 FOLLOWERS
This website is dedicated to everything digital forensics, from hacking to cybersecurity. Every day, readers can get new information on the digital forensics front often with headlines pulled straight from top-tier media. This site also touts a large database of research on cyber threats, from international security spending to the most damaging cyber attacks of the year.
Security Affairs
4h ago
CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities catalog.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog:
CVE-2024-20353 Cisco ASA and FTD Denial of Service Vulnerability
CVE-2024-20359 Cisco ASA and FTD Privilege Escalation Vulnerability
CVE-2024-4040 CrushFTP VFS Sandbox Escape Vulnerability
Cisco Talos this week warned that the nation-state actor UAT4356 (aka STORM-1849) has been exploiting two zero-day vulnerabil ..read more
Security Affairs
4h ago
U.S. CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2022-38028 Microsoft Windows Print Spooler Privilege Escalation vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.
Cisa added the flaw to the KEV catalog after Microsoft reported that the Russia-linked APT28 group (aka “Forest Blizzard”, “Fancybear” or “Strontium” used a previously unknown tool, dubbed GooseEgg, to exploit the Windows Print Spooler flaw CVE-2022-38028.
Si ..read more
Security Affairs
10h ago
The U.S. Department of Justice (DoJ) announced the arrest of two co-founders of a cryptocurrency mixer Samourai.
The U.S. Department of Justice (DoJ) has arrested two co-founders of the cryptocurrency mixer Samourai and seized the service. The allegations include claims of facilitating over $2 billion in illicit transactions and laundering more than $100 million in criminal proceeds.
The duo, Keonne Rodriguez (35) and William Lonergan Hill (65), are charged with operating Samourai Wallet, which DoJ states is an unlicensed money-transmitting business.
Keonne Rodriguez was the Chief Executi ..read more
Security Affairs
13h ago
Google addressed a critical Chrome vulnerability, tracked as CVE-2024-4058, that resides in the ANGLE graphics layer engine.
Google addressed four vulnerabilities in the Chrome web browser, including a critical vulnerability tracked as CVE-2024-4058.
The vulnerability CVE-2024-4058 is a Type Confusion issue that resides in the ANGLE graphics layer engine. An attacker can exploit this vulnerability to execute arbitrary code on a victim’s machine.
This critical flaw was reported by Toan (suto) Pham and Bao (zx) Pham of Qrious Secure on 2024-04-02, the researchers have been awarded a $16,000 boun ..read more
Security Affairs
1d ago
Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November 2023 to breach government networks.
Cisco Talos warned that the nation-state actor UAT4356 (aka STORM-1849) has been exploiting two zero-day vulnerabilities in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls since November 2023 to breach government networks worldwide.
Cisco Talos researchers tracked this cyber-espionage campaign as ArcaneDoor.
Early in 2024, a customer contacted Cisco to report a suspicious related to its Cisco Adaptive Security Appliances (ASA ..read more
Security Affairs
1d ago
A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute backdoors and cryptocurrency miners.
Avast researchers discovered and analyzed a malware campaign that exploited the update mechanism of the eScan antivirus to distribute backdoors and crypto miners.
Threat actors employed two different types of backdoors and targeted large corporate networks
The researchers believe the campaign could be attributed to North Korea-linked AP Kimsuky. The final payload distributed by GuptiMiner was also XMRig.
“GuptiMiner is a highly sophisticated threat that uses a ..read more
Security Affairs
2d ago
The Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned four Iranian nationals for their role in cyberattacks against the U.S..
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) imposed sanctions on four Iranian nationals for their involvement in cyberattacks against the U.S. government, defense contractors, and private companies. OFAC has also sanctioned two front companies, Mehrsam Andisheh Saz Nik (MASN) and Dadeh Afzar Arman (DAA) linked to the Iranian Islamic Revolutionary Guard Corps Cyber Electronic Command (IRGC-CEC).
The Iranian Islamic Revolu ..read more
Security Affairs
2d ago
A cyber attack on Leicester City Council resulted in certain street lights remaining illuminated all day and severely impacted the council’s operations
The Leicester City Council suffered a cyber attack that severely impacted the authority’s services in March and led to the leak of confidential documents. The ransomware group behind the attack leaked multiple documents, including rent statements and applications to buy council houses. The attack occurred on March 7 and crippled the city council’s IT systems.
Some lights have been stuck in all day due to the cyber attack and ..read more
Security Affairs
2d ago
The National Police Agency in South Korea warns that North Korea-linked threat actors are targeting defense industry entities.
The National Police Agency in South Korea warns that North Korea-linked threat actors are targeting defense industry entities to steal defense technology information.
North Korea-linked APT groups Lazarus, Andariel, and Kimsuky hacked multiple defense companies in South Korea, reported the National Police Agency.
The state-sponsored hackers hacked into the subcontractors of defense companies by exploiting vulnerabilities in the targeted systems and deployed malware.
“N ..read more
Security Affairs
3d ago
The U.S. Department of State imposed visa restrictions on 13 individuals allegedly linked to the commercial spyware business.
The US Department of State is imposing visa restrictions on 13 individuals involved in the development and sale of commercial spyware or their immediate family members. The measure aims to counter the misuse of surveillance technology targeting journalists, academics, human rights defenders, dissidents, and US Government personnel, as documented in the Country Reports on Human Rights Practices.
“the Department is taking steps to impose visa restrictions on 13 individual ..read more