Netgear Routers’ Flaws Expose Users to Malware, Remote Attacks, and Surveillance
As many as five security flaws have been disclosed in Netgear RAX30 routers that could be chained to bypass authentication and achieve remote code execution. « Successful exploits could allow attackers to monitor users’ internet activity, hijack internet connections, and redirect traffic to malicious websites or inject malware into network traffic, » Claroty security researcher Uri Katz said in […]
Assurance cyber : le cas des opérateurs de services essentiels
Quelle demande pour les assurances cyber en Europe ? L’ENISA donne à voir le phénomène sous le prisme des OSE.
XWorm Malware Exploits Follina Vulnerability in New Wave of Attacks
Cybersecurity researchers have discovered an ongoing phishing campaign that makes use of a unique attack chain to deliver the XWorm malware on targeted systems. Securonix, which is tracking the activity cluster under the name MEME#4CHAN, said some of the attacks have primarily targeted manufacturing firms and healthcare clinics located in Germany. « The attack campaign has been leveraging rather
New Variant of Linux Backdoor BPFDoor Uncovered After Years of Staying Under the Radar
A previously undocumented and mostly undetected variant of a Linux backdoor called BPFDoor has been spotted in the wild, cybersecurity firm Deep Instinct said in a technical report published this week. « BPFDoor retains its reputation as an extremely stealthy and difficult-to-detect malware with this latest iteration, » security researchers Shaul Vilkomir-Preisman and Eliran Nissan said. BPFDoor (
Solving Your Teams Secure Collaboration Challenges
In today’s interconnected world, where organisations regularly exchange sensitive information with customers, partners and employees, secure collaboration has become increasingly vital. However, collaboration can pose a security risk if not managed properly. To ensure that collaboration remains secure, organisations need to take steps to protect their data. Since collaborating is essential for
Vulnérabilités : trois 0day à corriger d’urgence
Microsoft élimine trois 0days dans Windows, deux sont utilisés dans des cyber attaques.
Bl00dy Ransomware Gang Strikes Education Sector with Critical PaperCut Vulnerability
U.S. cybersecurity and intelligence agencies have warned of attacks carried out by a threat actor known as the Bl00dy Ransomware Gang that attempt to exploit vulnerable PaperCut servers against the education facilities sector in the country. The attacks took place in early May 2023, the Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) […]
Severe Security Flaw Exposes Over a Million WordPress Sites to Hijack
A security vulnerability has been disclosed in the popular WordPress plugin Essential Addons for Elementor that could be potentially exploited to achieve elevated privileges on affected sites. The issue, tracked as CVE-2023-32243, has been addressed by the plugin maintainers in version 5.7.2 that was shipped on May 11, 2023. Essential Addons for Elementor has over one million […]
New APT Group Red Stinger Targets Military and Critical Infrastructure in Eastern Europe
A previously undetected advanced persistent threat (APT) actor dubbed Red Stinger has been linked to attacks targeting Eastern Europe since 2020. « Military, transportation, and critical infrastructure were some of the entities being targeted, as well as some involved in the September East Ukraine referendums, » Malwarebytes disclosed in a report published today. « Depending on the campaign,
Spanish Police Takes Down Massive Cybercrime Ring, 40 Arrested
The National Police of Spain said it arrested 40 individuals for their alleged involvement in an organized crime gang called Trinitarians. Among those apprehended include two hackers who carried out bank scams through phishing and smishing techniques and 15 other members of the crime syndicate, who have all been charged with a number of offenses […]