Cybersecurity News.

"Gamaredon hackers start stealing data 30 minutes after a breach."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 16 July 2023, 1341 UTC.  Content supplied by ""

Source: ("").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (

Gamaredon hackers start stealing data 30 minutes after a breach

  • Ukraine's Computer Emergency Response Team (CERT-UA) is warning that the Gamaredon hacking operates in rapid attacks, stealing data from breached systems in under an hour.

  • Hacker

Genesis Market infrastructure and inventory sold on hacker forum

  • The administrators of the Genesis Market for stolen credentials announced on a hacker forum that they sold the store and a new owner would get the reins "next month."

  • Microsoft

Microsoft still unsure how hackers stole Azure AD signing key

  • Microsoft says it still doesn't know how Chinese hackers stole an inactive Microsoft account (MSA) consumer signing key used to breach the Exchange Online and Azure AD accounts of two dozen organizations, including government agencies.

  • Rockwell Automation

Rockwell warns of new APT RCE exploit targeting critical infrastructure

  • Rockwell Automation says a new remote code execution (RCE) exploit linked to an unnamed Advanced Persistent Threat (APT) group could be used to target unpatched ControlLogix communications modules commonly used in manufacturing, electric, oil and gas, and liquified natural gas industries.

  • Spotify reportedly makes users' private playlists public

Spotify reportedly makes users' private playlists public

  • In what is shaping up to be a widespread privacy controversy, Spotify has come under scrutiny following allegations by users that the music streaming service made their private playlists public without their consent.

  • WordPress

WordPress AIOS plugin used by 1M sites logged plaintext passwords

  • The All-In-One Security (AIOS) WordPress security plugin, used by over a million WordPress sites, was found to be logging plaintext passwords from user login attempts to the site's database, putting account security at risk.

  • Hacker cybersecurity

BreachForums owner Pompompurin pleads guilty to hacking charges

  • 20-year-old Conor Brian Fitzpatrick aka Pompompurin, the owner of the notorious BreachForums (aka Breached) hacking forum, has pleaded guilty to charges of hacking and possession of child pornography.

  • Colorado State University

Colorado State University says data breach impacts students, staff

  • Colorado State University (CSU) has confirmed that the Clop ransomware operation stole sensitive personal information of current and former students and employees during the recent MOVEit Transfer data-theft attacks.

  • Shutterfly

Shutterfly says Clop ransomware attack did not impact customer data

  • Shutterfly, an online retail and photography manufacturing platform, is among the latest victims hit by Clop ransomware. Over the last few months, Clop ransomware gang has been exploiting a vulnerability in the MOVEit File Transfer utility to breach hundreds of companies to steal their data and attempt extortion against them.

  • Botnet

AVrecon malware infects 70,000 Linux routers to build botnet

  • Since at least May 2021, stealthy Linux malware called AVrecon was used to infect over 70,000 Linux-based small office/home office (SOHO) routers and add them to a botnet designed to steal bandwidth and provide a hidden residential proxy service.

  • Cisco

Cisco SD-WAN vManage impacted by unauthenticated REST API access

  • The Cisco SD-WAN vManage management software is impacted by a flaw that allows an unauthenticated, remote attacker to gain read or limited write permissions to the configuration of the affected instance.

  • Google Play

Google Play will enforce business checks to curb malware submissions

  • Google is fighting back against the constant invasion of malware on Google Play by requiring all new developer accounts registering as an organization to provide a valid D-U-N-S number before submitting apps.

  • Windows 11

Windows 11 23H2 coming this fall as a small enablement package

  • Microsoft announced today that the upcoming Windows 11, version 23H2, will be available in the fourth quarter of 2023 as an enablement package since it shares Windows 11 22H2's code base and servicing branch.

  • Linux

Fake Linux vulnerability exploit drops data-stealing malware

  • ​Cybersecurity researchers and threat actors are targeted by a fake proof of concept (PoC) CVE-2023-35829 exploit that installs a Linux password-stealing malware.

  • Zimbra

Zimbra urges admins to manually fix zero-day exploited in attacks

  • Zimbra urged admins today to manually fix a zero-day vulnerability actively exploited to target and compromise Zimbra Collaboration Suite (ZCS) email servers.



Popular posts from this blog

SecurityWeek Briefing.

Cyber War Newswire

SecurityWeek Briefing.