American fast-fashion firm Hot Topic hit by credential stuffing attacks
Security Affairs
by Pierluigi Paganini
29m ago
Hot Topic suffered credential stuffing attacks that exposed customers’ personal information and partial payment data. Hot Topic, Inc. is an American fast-fashion company specializing in counterculture-related clothing and accessories, as well as licensed music. The company was the victim of credential stuffing attacks against its website and mobile application on November 18-19 and November 25, 2023. The attackers detected suspicious login activity to certain Hot Topic Rewards accounts. Threat actors obtained valid account credentials from an unknown ..read more
Cisco addressed high-severity flaws in IOS and IOS XE software
Security Affairs
by Pierluigi Paganini
13h ago
Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to trigger a denial-of-service (DoS) condition. Cisco this week released patches to address multiple IOS and IOS XE software vulnerabilities. An unauthenticated attacker can exploit several issues fixed by the IT giant to cause a denial-of-service (DoS) condition. Below are the most severe issues addressed by the company: CVE-2024-20311 (CVSS score 8.6) – A vulnerability in the Locator ID Separation Protocol (LISP) feature of Cisco IOS Software and Cisco IOS XE Software. An unauthenticated, remote attacke ..read more
Google: China dominates government exploitation of zero-day vulnerabilities in 2023
Security Affairs
by Pierluigi Paganini
19h ago
Google’s Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively exploited zero-day vulnerabilities in 2023. Google’s Threat Analysis Group (TAG) and its subsidiary Mandiant reported that 97 zero-day vulnerabilities were exploited in attacks in 2023, while 62 zero-day flaws were actively exploited in 2022. In 2023, Google (TAG) and Mandiant discovered 29 out of 97 vulnerabilities exploited in the wild. In 2023, the researchers observed 36 zero-day vulnerabilities exploited in the wild targeting enterprise-specific technologies, while 61 vulnerabilities affected ..read more
Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024
Security Affairs
by Pierluigi Paganini
1d ago
Google addressed two zero-day vulnerabilities in the Chrome web browser that were demonstrated during Pwn2Own Vancouver 2024. Google addressed several vulnerabilities in the Chrome web browser this week, including two zero-day vulnerabilities, tracked as CVE-2024-2886 and CVE-2024-2887, which were demonstrated during the Pwn2Own Vancouver 2024 hacking competition. The high-severity vulnerability CVE-2024-2886 is a use-after-free issue that resides in WebCodecs. The flaw was demonstrated by Seunghyun Lee (@0x10n) of KAIST Hacking Lab during Pwn2Own 2024. The high-severity vuln ..read more
INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland
Security Affairs
by Pierluigi Paganini
1d ago
The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening to leak three terabytes of alleged stolen data. The INC Ransom extortion gang added the National Health Service (NHS) of Scotland to the list of victims on its Tor leak site. The cybercrime group claims to have stolen three terabytes of data and is threatening to leak them. Scotland’s NHS, or National Health Service, is the publicly funded healthcare system serving Scotland. It provides a wide range of healthcare services, including hospitals, general practitioners (GPs), mental hea ..read more
CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog
Security Affairs
by Pierluigi Paganini
2d ago
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the 2023 Pwn2Own to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2023-24955 Microsoft SharePoint Server Code Injection Vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. Microsoft addressed the remote code execution flaw in SharePoint Server, tracked as CVE-2023-24955 (CVSS Score 7.2), in May 2023. The Star Labs team demonstrated the vulnerability at the Pwn2Own Van ..read more
The DDR Advantage: Real-Time Data Defense
Security Affairs
by Pierluigi Paganini
2d ago
This is the advantage of Data Detection and Response (DDR) for organizations aiming to build a real-time data defense. In cybersecurity, and in life, by the time you find out that something went wrong it is often too late. The advantage of Data Detection and Response (DDR) is that you no longer have to wait until the milk is spilled. With DDR, your organization can have real-time data defense. Here’s how it works. What is Data Detection and Response (DDR)? And why do we need it? Before you think, “Oh no, not another –DR acronym,” and keep scrolling – wait. Data Detection and Response is in a c ..read more
Finnish police linked APT31 to the 2021 parliament attack
Security Affairs
by Pierluigi Paganini
2d ago
The Finnish Police attributed the attack against the parliament that occurred in March 2021 to the China-linked group APT31. The Finnish Police attributed the March 2021 attack on the parliament to the China-linked group APT31. The Finnish authorities investigated multiple offenses, including aggravated espionage, aggravated unlawful access to an information system, and aggravated violation of the secrecy of communications. According to the police, the offences were committed between autumn 2020 and early 2021. The police immediately suspected the involvement of the China-linked cyberespionage ..read more
TheMoon bot infected 40,000 devices in January and February
Security Affairs
by Pierluigi Paganini
3d ago
A new variant of TheMoon malware infected thousands of outdated small office and home office (SOHO) routers and IoT devices worldwide. The Black Lotus Labs team at Lumen Technologies uncovered an updated version of “TheMoon” bot targeting end-of-life (EoL) small home/small office (SOHO) routers and IoT devices. The new version of the bot has been spotted infecting thousands of outdated devices in 88 countries. The activity of TheMoon botnet was first spotted in 2014, and since 2017 its operators have added at least 6 IoT device exploits to the bot’s code. The botnet targeted broa ..read more
UK, New Zealand against China-linked cyber operations
Security Affairs
by Pierluigi Paganini
3d ago
UK, Australia and New Zealand are accusing China-linked threat actors of cyber operations against UK institutions and parliamentarians. GCHQ’s National Cyber Security Centre believes that China-linked cyberespionage group APT31 was responsible for cyber attacks against UK parliamentarians’ emails in 2021. The UK intelligence believes that China-linked threat actors also compromised the UK Electoral Commission’s systems in a separate campaign. “The UK government has called out China state-affiliated actors today (Monday) for carrying out malicious cyber activity targeting UK instituti ..read more