-
Asian Hotels (North) Limited Announces Q3 FY23 Results
The company reported a 22.2% YoY increase in revenue, primarily driven by strong demand in the hospitality sector.
-
Asian Hotels (North) Limited Partners with OYO Rooms to Expand Market Reach
The partnership is expected to increase the company's presence in the budget and mid-market hotel segment.
-
Asian Hotels (North) Limited to Invest in New Hotel Projects
The company plans to invest in several new hotel projects across India to capitalize on the growing demand for luxury and upscale accommodations.
-
Asian Hotels (North) Limited Q3FY23 Results: Net Profit Jumps 143% to Rs 185.06 Crore
Asian Hotels (North) Limited (AHNL), a leading hospitality company in North India, reported strong financial results for the third quarter ended December 31, 2022.
-
Asian Hotels (North) Limited Signs Agreement to Acquire 100% Stake in The Roseate, New Delhi
Asian Hotels (North) Limited (AHNL), a leading hospitality company in North India, has signed an agreement to acquire a 100% stake in The Roseate, New Delhi, a luxury hotel located in the heart of the city.
-
Asian Hotels (North) Limited Appoints Mr. Pradeep Sarin as Non-Executive Director
Asian Hotels (North) Limited (AHNL) has announced the appointment of Mr. Pradeep Sarin as an additional non-executive director to the company's board of directors.
-
Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Infosys McCami…
-
A cyberattack shut down the University Hospital Centre Zagreb in Croatia
A cyber attack started targeting the University Hospital Centre Zagreb (KBC Zagreb) on Wednesday night, reported the Croatian Radiotelevision. A cyber attack began targeting the University Hospital Centre Zagreb (KBC Zagreb), the largest Croatian hospital, on…
-
Why Poland Has Become a Gateway to Europe for Filipinos
Thousands of jobseekers have flocked to the country, but faced with low wages and poor working conditions, some are leaving to try their luck in other parts of Europe.
-
US announces a $10M reward for Russia’s GRU hacker behind attacks on Ukraine
The US DoJ announced charges against a member of Russia’s military intelligence service GRU for conducting wiper attacks on Ukraine in 2022. The US Department of Justice (DoJ) announced charges against Russian national Amin Timovich Stigal, who is a member of…
-
LockBit group wrongly claimed the hack of the Federal Reserve
The LockBit ransomware group seems to have lied when they announced the hack of the US Federal Reserve. The real victim is the Evolve Bank. The LockBit ransomware group hasn’t hacked the Federal Reserve as it has recently claimed, the real victim is the Evolv…
-
CISA adds GeoSolutionsGroup JAI-EXT, Linux Kernel, and Roundcube Webmail bugs to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds GeoSolutionsGroup JAI-EXT, Linux Kernel, and Roundcube Webmail bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the fo…
-
New MOVEit Transfer critical bug is actively exploited
Experts warn of active exploitation of a critical authentication bypass vulnerability in MOVEit Transfer file transfer software. Progress Software addressed two critical authentication bypass vulnerabilities, tracked as CVE-2024-5805 and CVE-2024-5806, affect…
-
New Caesar Cipher Skimmer targets popular CMS used by e-stores
A new e-skimmer called Caesar Cipher Skimmer is used to compromise multiple CMS, including WordPress, Magento, and OpenCart. Sucuri researchers discovered a new e-skimmer, called Caesar Cipher Skimmer, that was used in recent weeks to target users of e-stores…
-
Mirai-like botnet is exploiting recently disclosed Zyxel NAS flaw
Researchers warn that a Mirai-based botnet is exploiting a recently disclosed critical vulnerability in EoL Zyxel NAS devices. Researchers at the Shadowserver Foundation warn that a Mirai-based botnet has started exploiting a recently disclosed vulnerability …
-
Wikileaks founder Julian Assange is free
WikiLeaks founder Julian Assange has been released in the U.K. and has left the country after five years in Belmarsh prison. Julian Assange is free after five years in Belmarsh prison, the WikiLeaks founder has been released in the U.K. and is flying to the i…
-
Threat actors compromised 1,590 CoinStats crypto wallets
Threat actors breached 1,590 cryptocurrency wallets of the cryptocurrency portfolio management and tracking platform CoinStats. The cryptocurrency portfolio management and tracking platform CoinStats suffered a massive security breach. Alleged North Korea thr…
-
Experts observed approximately 120 malicious campaigns using the Rafel RAT
Multiple threat actors are using an open-source Android remote administration tool called Rafel RAT to target Android Devices. Check Point Research identified multiple threat actors using Rafel, an open-source remote administration tool (RAT). The researchers…
-
Experts observed approximately 120 malicious campaigns using the Rafel RAT
Multiple threat actors are using an open-source Android remote administration tool called Rafel RAT to target Android Devices. Check Point Research identified multiple threat actors using Rafel, an open-source remote administration tool (RAT). The researchers…
-
LockBit claims the hack of the US Federal Reserve
The Lockbit ransomware group announced that it had breached the US Federal Reserve and exfiltrated 33 TB of sensitive data. The Lockbit ransomware group announced that it had breached the systems of Federal Reserve of the United States and exfiltrated 33 TB o…
-
Ransomware threat landscape Jan-Apr 2024: insights and challenges
Between Jan and Apr 2024, the global ransomware landscape witnessed significant activity, with 1420 ransomware claims reported worldwide. In the first four months of 2024, the global ransomware landscape witnessed significant activity, with 1420 ransomware cl…
-
ExCobalt Cybercrime group targets Russian organizations in multiple sectors
The cybercrime group ExCobalt targeted Russian organizations in multiple sectors with a previously unknown backdoor known as GoRed. Positive Technologies researchers reported that a cybercrime gang called ExCobalt targeted Russian organizations in multiple se…
-
Threat actor attempts to sell 30 million customer records allegedly stolen from TEG
A threat actor is offering for sale customer data allegedly stolen from the Australia-based live events and ticketing company TEG. TEG (Ticketek Entertainment Group) is an Australian company that operates in the live entertainment and ticketing industry. The …
-
Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. US government …
-
Threat actors are actively exploiting SolarWinds Serv-U bug CVE-2024-28995
Threat actors are actively exploiting a recently discovered vulnerability in SolarWinds Serv-U software using publicly available proof-of-concept (PoC) code. Threat actors are actively exploiting a recently discovered vulnerability, tracked as CVE-2024-28995,…
-
Experts found a bug in the Linux version of RansomHub ransomware
The RansomHub ransomware operators added a Linux encryptor to their arsenal, the version targets VMware ESXi environments. RansomHub ransomware operation relies on a new Linux version of the encrypted to target VMware ESXi environments. Although RansomHub onl…
-
UEFICANHAZBUFFEROVERFLOW flaw in Phoenix SecureCore UEFI firmware potentially impacts hundreds of PC and server models
A serious vulnerability (CVE-2024-0762) in the Phoenix SecureCore UEFI firmware potentially impacts hundreds of PC and server models. Firmware security firm Eclypsium discovered a vulnerability, tracked as CVE-2024-0762 (CVSS of 7.5), in the Phoenix SecureCor…
-
Russia-linked APT Nobelium targets French diplomatic entities
French information security agency ANSSI reported that Russia-linked threat actor Nobelium is behind a series of cyber attacks that targeted French diplomatic entities. The French information security agency ANSSI reported that Russia-linked APT Nobelium targ…
-
How Lonely Planet Founders Tony and Maureen Wheeler Revolutionized the Way We Travel
On July 4, 1972, a pair of young newlyweds named Tony and Maureen backed out of the driveway of a family home in the south of England. They were driving a used blue minivan that they had bought for the princely sum of £65, and their goal was to get to India. …
-
Atlassian fixed six high-severity bugs in Confluence Data Center and Server
Australian software company Atlassian addressed multiple high-severity vulnerabilities in its Confluence, Crucible, and Jira solutions. Atlassian June 2024 Security Bulletin addressed nine high-severity vulnerabilities in Confluence, Crucible, and Jira produc…
-
China-linked spies target Asian Telcos since at least 2021
A China-linked cyber espionage group has compromised telecom operators in an Asian country since at least 2021. The Symantec Threat Hunter Team reported that an alleged China-linked APT group has infiltrated several telecom operators in a single, unnamed, Asi…
-
New Rust infostealer Fickle Stealer spreads through various attack methods
New Rust-based Fickle Malware Uses PowerShell for UAC Bypass and Data Exfiltration A new Rust malware called Fickle Stealer spreads through various attack methods and steals sensitive information. Fortinet FortiGuard Labs researchers detected a new Rust-based…
-
An unpatched bug allows anyone to impersonate Microsoft corporate email accounts
A researcher discovered a flaw that allows attackers to impersonate Microsoft corporate email accounts and launch phishing attacks. The security researcher Vsevolod Kokorin (@Slonser) discovered a bug that allows anyone to impersonate Microsoft corporate emai…
-
Smishing Triad Is Targeting Pakistan To Defraud Banking Customers At Scale
Resecurity researchers warn of a new activity of Smishing Triad, which has expanded its operations to Pakistan. Resecurity has identified a new activity of Smishing Triad, which has expanded its operations to Pakistan. The group’s latest tactic involves sendi…
-
Alleged researchers stole $3 million from Kraken exchange
Alleged researchers have exploited a zero-day in Kraken crypto exchange to steal $3 million worth of cryptocurrency. Kraken Chief Security Officer Nick Percoco revealed that alleged security researchers exploited a zero-day flaw to steal $3 million worth of c…
-
Google Chrome 126 update addresses multiple high-severity flaws
Google released Chrome 126 update that addresses a high-severity vulnerability demonstrated at the TyphoonPWN 2024 hacking competition. Google has issued a Chrome 126 security update, addressing six vulnerabilities, including a flaw, tracked as CVE-2024-6100 …
-
Chip maker giant AMD investigates a data breach
AMD announced an investigation after a threat actor attempted to sell data allegedly stolen from its systems. AMD has launched an investigation after the threat actor IntelBroker announced they were selling sensitive data allegedly belonging to the company. “…
-
[Latest] Global Gym Equipment Market Size/Share Worth USD 27,420.9 Million by 2033 at a 4.8% CAGR: Custom Market Insights (Analysis, Outlook, Leaders, Report, Trends, Forecast, Segmentation, Growth, Growth Rate, Value)
[220+ Pages Latest Report] According to a market research study published by Custom Market Insights, the demand analysis of Global Gym Equipment Market size & share revenue was valued at approximately USD 17,158.1 Million in 2023 and is expected to reach USD …
-
Cryptojacking campaign targets exposed Docker APIs
A malware campaign targets publicly exposed Docker API endpoints to deliver cryptocurrency miners and other payloads. Researchers at Datadog uncovered a new cryptojacking campaign linked to the attackers behind Spinning YARN campaign. The threat actors target…
-
VMware fixed RCE and privilege escalation bugs in vCenter Server
VMware addressed vCenter Server vulnerabilities that can allow remote code execution or privilege escalation. VMware addressed multiple vCenter Server vulnerabilities that remote attackers can exploit to achieve remote code execution or privilege escalation. …
-
Meta delays training its AI using public content shared by EU users
Meta announced it is postponing the training of its large language models using public content from adult Facebook and Instagram users in the EU. Meta announced it is delaying the training of its large language models (LLMs) using public content shared by adu…
-
Keytronic confirms data breach after ransomware attack
Printed circuit board assembly (PCBA) manufacturer Keytronic disclosed a data breach after a ransomware attack. Keytronic has confirmed a data breach after a ransomware group leaked allegedly stolen personal information from its systems. The company did not p…
-
Share Market Highlights 18th June 2024: Sensex hits new closing peak, Nifty hits record closing high
Sensex, Nifty updates on 18th June 2024: As per provisional figures, Sensex was at 77,308.45, up 315.68 points or 0.41 per cent higher. The Nifty was at 23,560.70, a gain of 95.10 points or 0.41 per cent firmer.
The majority of Nifty sectoral indices were in …
-
Empire Market owners charged with operating $430M dark web marketplace
Federal authorities charged two individuals with operating the dark web marketplace Empire Market that facilitated over $430 million in illegal transactions. Two men, Thomas Pavey (aka “Dopenugget”) and Raheim Hamilton (aka “Sydney” and “Zero Angel”), have be…
-
China-linked Velvet Ant uses F5 BIG-IP malware in cyber espionage campaign
Chinese cyberespionage group Velvet Ant was spotted using custom malware to target F5 BIG-IP appliances to breach target networks. In late 2023, Sygnia researchers responded to an incident suffered by a large organization that they attributed to a China-linke…
-
Myanmar’s Conflict Reaches the Doorstep of Bangladesh’s Saint Martin’s Island
Boat transportation to the island has been suspended following gunfire from Myanmar, once again dragging Dhaka into its neighbor's civil war.
-
Thomas Cook India : CRISIL upgrades Thomas Cook India's Rating Outlook to ‘Positive' Reaffirms Company's Ratings at CRISIL AA-/Positive & CRISIL A1+
(marketscreener.com)
CRISIL upgrades Thomas Cook India's Rating Outlook to 'Positive' Reaffirms Company's Ratings at CRISIL AA-/Positive & CRISIL A1+
Reflects significant improvement in Thomas Cook India Group's overall operating performance by 44%…
-
Spanish police arrested an alleged member of the Scattered Spider group
A joint law enforcement operation led to the arrest of a key member of the cybercrime group known as Scattered Spider. Spanish police arrested a 22-year-old British national who is suspected of being a key member of the cybercrime group known as Scattered Spi…
-
Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. London…
-
ASUS fixed critical remote authentication bypass bug in several routers
Taiwanese manufacturer giant ASUS addressed a critical remote authentication bypass vulnerability impacting several router models. ASUS addresses a critical remote authentication bypass vulnerability, tracked as CVE-2024-3080 (CVSS v3.1 score: 9.8), impacting…
-
CISA adds Android Pixel, Microsoft Windows, Progress Telerik Report Server bugs to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Android Pixel, Microsoft Windows, Progress Telerik Report Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the …
-
City of Cleveland still working to fully restore systems impacted by a cyber attack
Early this week, the City of Cleveland suffered a cyber attack that impacted multiple services. The City is working to restore impacted systems. On Monday, the City of Cleveland announced it was the victim of a cyber attack and was forced to take some of its …
-
Two Ukrainians accused of spreading Russian propaganda and hack soldiers’ phones
Ukraine’s security service (SBU) detained two individuals accused of supporting Russian intelligence in spreading propaganda and hacking soldiers’ phones. Ukraine’s security service, the SBU, detained two individuals who are accused of supporting Russian inte…
-
Google fixed an actively exploited zero-day in the Pixel Firmware
Google is warning of a security vulnerability impacting its Pixel Firmware that has been actively exploited in the wild as a zero-day. Google warned of an elevation of privilege vulnerability, tracked as CVE-2024-32896, in the Pixel Firmware, which has been e…
-
Multiple flaws in Fortinet FortiOS fixed
Fortinet released security updates to address multiple vulnerabilities in FortiOS, including a high-severity code execution security issue. Fortinet addressed multiple vulnerabilities in FortiOS and other products, including some code execution flaws. The com…
-
CISA adds Arm Mali GPU Kernel Driver, PHP bugs to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Mali GPU Kernel Driver, PHP bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Know…
-
Ukraine Police arrested a hacker who developed a crypter used by Conti and LockBit ransomware operation
The Ukraine cyber police arrested a Russian man for having developed the crypter component employed in Conti and LockBit ransomware operations. The Ukraine cyber police arrested a Russian man (28) for his role in developing a crypter used in Conti and LockBit…
-
JetBrains fixed IntelliJ IDE flaw exposing GitHub access tokens
JetBrains warned to fix a critical vulnerability in IntelliJ integrated development environment (IDE) apps that exposes GitHub access tokens. JetBrains warned customers to address a critical vulnerability, tracked as CVE-2024-37051, that impacts users of its …
-
Microsoft Patch Tuesday security updates for June 2024 fixed only one critical issue
Microsoft Patch Tuesday security updates for June 2024 addressed 49 vulnerabilities, only one of them is a publicly disclosed zero-day flaw. Microsoft Patch Tuesday security updates for June 2024 addressed 49 vulnerabilities in Windows and Windows Components;…
-
Cylance confirms the legitimacy of data offered for sale in the dark web
A threat actor is selling the data belonging to BlackBerry’s Cylance cybersecurity unit, he demanded $750,000. A threat actor, that goes online with the moniker Sp1d3r, is selling the stolen data for $750,000. The data includes 34 million customer and employe…
-
Arm zero-day in Mali GPU Drivers actively exploited in the wild
Semiconductor and software design company Arm warns of an actively exploited zero-day vulnerability in Mali GPU Kernel Driver. Arm is warning of an actively exploited zero-day vulnerability, tracked as CVE-2024-4610, in Mali GPU Kernel Driver. The vulnerabili…
-
Expert released PoC exploit code for Veeam Backup Enterprise Manager flaw CVE-2024-29849. Patch it now!
A proof-of-concept (PoC) exploit code for a Veeam Backup Enterprise Manager authentication bypass flaw CVE-2024-29849 is publicly available. Researcher Sina Kheirkha analyzed the Veeam Backup Enterprise Manager authentication bypass flaw CVE-2024-29849 and a …
-
Japanese video-sharing platform Niconico was victim of a cyber attack
The Japanese video-sharing platform, Niconico, was forced to suspend its services following a cybersecurity incident. The Japanese video-sharing platform, Niconico, temporarily suspended its services following a large-scale cyberattack on June 8, 2024. “Due t…
-
Christie’s data breach impacted 45,798 individuals
Auction house Christie’s revealed that the data breach caused by the recent ransomware attack impacted 45,000 individuals. At the end of May, the auction house Christie’s disclosed a data breach after the ransomware group RansomHub threatened to leak stolen d…
-
Sticky Werewolf targets the aviation industry in Russia and Belarus
Morphisec researchers observed a threat actor, tracked as Sticky Werewolf, targeting entities in Russia and Belarus. Sticky Werewolf is a threat actor that was first spotted in April 2023, initially targeting public organizations in Russia and Belarus. The gr…
-
Frontier Communications data breach impacted over 750,000 individuals
Frontier Communications is notifying over 750,000 individuals that their personal information was stolen in a recent cyber attack. Last week, the RansomHub ransomware group claimed to have stolen the information of over 2 million customers from the American t…
-
PHP addressed critical RCE flaw potentially impacting millions of servers
A new PHP for Windows remote code execution (RCE) flaw affects version 5.x and earlier versions, potentially impacting millions of servers worldwide. Researchers at cybersecurity firm DEVCORE discovered a critical remote code execution (RCE) vulnerability, tr…
-
Security Affairs newsletter Round 475 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. New Yo…
-
New York Times source code compromised via exposed GitHub token
The source code and data of The New York Times leaked on the 4chan was stolen from the company’s GitHub repositories in January 2024. This week, VX-Underground first noticed that the internal data of The New York Times was leaked on 4chan by an anonymous user…
-
SolarWinds fixed multiple flaws in Serv-U and SolarWinds Platform
SolarWinds addressed multiple vulnerabilities in Serv-U and the SolarWinds Platform, including a bug reported by a pentester working with NATO. SolarWinds announced security patches to address multiple high-severity vulnerabilities in Serv-U and the SolarWind…
-
Pandabuy was extorted twice by the same threat actor
Chinese shopping platform Pandabuy previously paid a ransom demand to an extortion group that extorted the company again this week. The story of the attack against the Chinese shopping platform Pandabuy demonstrates that paying a ransom to an extortion group …
-
UAC-0020 threat actor used the SPECTR Malware to target Ukraine’s defense forces
Ukraine CERT-UA warned of cyber attacks targeting defense forces with SPECTR malware as part of a cyber espionage campaign dubbed SickSync. The Computer Emergency Response Team of Ukraine (CERT-UA) warned of cyber espionage campaign targeting defense forces i…
-
Chinese threat actor exploits old ThinkPHP flaws since October 2023
Akamai observed a Chinese-speaking group exploiting two flaws, tracked as CVE-2018-20062 and CVE-2019-9082, in ThinkPHP applications. Akamai researchers observed a Chinese threat actor exploiting two old remote code execution vulnerabilities, tracked as CVE-2…
-
A new Linux version of TargetCompany ransomware targets VMware ESXi environments
A new Linux variant of the TargetCompany ransomware family targets VMware ESXi environments using a custom shell script. A new variant of the TargetCompany ransomware group uses a custom shell script as a means of payload delivery and execution, this is the f…
-
RansomHub operation is a rebranded version of the Knight RaaS
Researchers believe the RansomHub ransomware-as-a-service is a rebranded version of the Knight ransomware operation. Cybersecurity experts who analyzed the recently emerged ransomware operation RansomHub speculate that is is a rebranded version of Knight rans…
-
Malware can steal data collected by the Windows Recall tool, experts warn
Cybersecurity researchers demonstrated how malware could potentially steal data collected by the new Windows Recall tool. The Recall feature of Microsoft Copilot+ is an AI-powered tool designed to help users search for past activities on their PC. The data co…
-
Cisco addressed Webex flaws used to compromise German government meetings
Cisco addressed vulnerabilities that were exploited to compromise the Webex meetings of the German government. In early May, German media outlet Zeit Online revealed that threat actors exploited vulnerabilities in the German government’s implementation of the…
-
CNN, Paris Hilton, and Sony TikTok accounts hacked via DMs
A vulnerability in the popular video-sharing platform TikTok allowed threat actors to take over the accounts of celebrities. Threat actors exploited a zero-day vulnerability in the video-sharing platform TikTok to hijack high-profile accounts. The vulnerabili…
-
Zyxel addressed three RCEs in end-of-life NAS devices
Zyxel Networks released an emergency security update to address critical vulnerabilities in end-of-life NAS devices. Zyxel Networks released an emergency security update to address three critical flaws in some of its NAS devices that have reached end-of-life.…
-
A ransomware attack on Synnovis impacted several London hospitals
A ransomware attack that hit the provider of pathology and diagnostic services Synnovis severely impacted the operations of several London hospitals. A ransomware attack on pathology and diagnostic services provider Synnovis has severely impacted the operatio…
-
RansomHub gang claims the hack of the telecommunications giant Frontier Communications
The RansomHub ransomware group added the American telecommunications company Frontier Comunications to the list of victims on its Tor leak site. The RansomHub ransomware group claimed to have stolen the information of over 2 million customers from the America…
-
Cybercriminals attack banking customers in EU with V3B phishing kit – PhotoTAN and SmartID supported.
Resecurity uncovered a cybercriminal group that is providing a sophisticated phishing kit, named V3B, to target banking customers in the EU. Resecurity has uncovered a new cybercriminal group providing Phishing-as-a-Service (PhaaS) platform that is equipping …
-
Experts released PoC exploit code for a critical bug in Progress Telerik Report Servers
Researchers published a PoC exploit code for an authentication bypass vulnerability on Progress Telerik Report Servers. Researchers published a proof-of-concept (PoC) exploit code for an authentication bypass vulnerability on Progress Telerik Report Servers. …
-
Multiple flaws in Cox modems could have impacted millions of devices
Researcher discovered several authorization bypass vulnerabilities in Cox modems that potentially impacted millions of devices. The security researcher Sam Curry discovered multiple issues in Cox modems that could have been exploited to modify the settings of…
-
CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities catalog
CISA adds Oracle WebLogic Server OS command injection vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Oracle WebLogic Server vulnerability to its Known Exploited Vulnerabi…
-
Spanish police shut down illegal TV streaming network
Spanish police dismantled a pirated TV streaming network that allowed its operators to earn over 5,300,000 euros since 2015. The Spanish National Police dismantled a network that illicitly distributed audiovisual content, earning over 5,300,000 euros since 20…
-
APT28 targets key networks in Europe with HeadLace malware
Russia-linked APT28 used the HeadLace malware and credential-harvesting web pages in attacks against networks across Europe. Researchers at Insikt Group observed Russian GRU’s unit APT28 targeting networks across Europe with information-stealer Headlace and c…
-
FlyingYeti targets Ukraine using WinRAR exploit to deliver COOKBOX Malware
Russia-linked threat actor FlyingYeti is targeting Ukraine with a phishing campaign to deliver the PowerShell malware COOKBOX. Cloudflare researchers discovered phishing campaign conducted by a Russia-linked threat actor FlyingYeti (aka UAC-0149) targeting Uk…
-
Security Affairs newsletter Round 474 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Ticket…
-
Ticketmaster confirms data breach impacting 560 million customers
Ticketmaster owner Live Nation confirmed the Ticketmaster data breach that compromised the data of 560 million customers. ShinyHunters, the current administrator of BreachForums, recently claimed the hack of Ticketmaster and offered for sale 1.3 TB of data, i…
-
Critical Apache Log4j2 flaw still threatens global finance
The vulnerability CVE-2021-44832 is Apache Log4j2 library is still a serious problem for multiple industries, expert warns it threatens global Finance. The independent cyber threat intelligence analyst Anis Haboubi warns of a severe logging configuration flaw…
-
Crooks stole more than $300M worth of Bitcoin from the exchange DMM Bitcoin
Crooks stole approximately 48.2 billion yen ($304 million) worth of Bitcoin from the Japanese cryptocurrency exchange DMM Bitcoin. The Japanese cryptocurrency exchange DMM Bitcoin announced that crooks stole 4,502.9 Bitcoin (BTC), approximately $304 million (…
-
ShinyHunters is selling data of 30 million Santander customers
The threat actor ShinyHunters claims breach of Santander and is offering for sale bank data, including information for 30 million customers. A notorious threat actor ShinyHunters is offering a huge trove of data allegedly stolen from the Santander Bank for sa…
-
The Best Bang for Your Buck Events in Portland This Weekend
Starlight Parade, Pedalpalooza Kick-Off Ride, and More Cheap & Easy Events Under $15
by EverOut Staff
If an easy, breezy weekend is what you're after, we've got all the makings here, with events from the CareOregon Starlight Parade to Pedalpalooza's…
-
LilacSquid APT targeted organizations in the U.S., Europe, and Asia since at least 2021
A previously undocumented APT group tracked as LilacSquid targeted organizations in the U.S., Europe, and Asia since at least 2021. Cisco Talos researchers reported that a previously undocumented APT group, tracked as LilacSquid, conducted a data theft campai…