Security Affairs

"TP-Link Archer C5400X gaming router is affected by a critical flaw."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 28 May 2024, 1417 UTC.

Content and Source:  https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed/Security Affairs.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

MOST POPULAR

Researchers warn of a critical remote code execution vulnerability in the TP-Link Archer C5400X gaming router. Researchers at OneKey discovered a critical remote code execution (RCE) vulnerability, tracked as CVE-2024-5035 (CVSS score 10.0), in the TP-Link Archer C5400X gaming router. A remote, unauthenticated attacker can exploit the vulnerability to execute commands on the device. The TP-Link Archer
The use of Dynamic DNS (DDNS) services embedded in appliances can potentially expose data and devices to attacks. The use of Dynamic DNS (DDNS) services embedded in appliances, such as those provided by vendors like Fortinet or QNAP, carries cybersecurity implications. It increases the discoverability of customer devices by attackers. Advisory on security impacts related to the use of TLS in prop
Experts warn of a new ATM malware family that is advertised in the cybercrime underground; it was developed to target Europe. A threat actor is advertising a new ATM malware family that claims to be able to compromise 99% of devices in Europe. The threat actor is offering the malware for $30,000; he claims that the “EU ATM Malware” is designed from scratch and that it can also target approximately

YESTERDAY

Threat actors are exploiting a WordPress plugin to insert malicious PHP code in e-commerce sites and steal credit card data. Sucuri researchers observed threat actors using a PHP snippet WordPress plugin to install malicious code in WooCommerce e-stores and harvest credit card details. In the campaign spotted by the experts, attackers use a very obscure WordPress plugin called Dessky Snippets, w
Prescription service firm Sav-Rx disclosed a data breach that potentially impacted over 2.8 million people in the United States. Prescription service company Sav-Rx disclosed a data breach after a 2023 cyberattack. The company is notifying 2,812,336 individuals impacted by the security breach in the United States. A&A Services, which operates as Sav-RX, shared with the Maine Attorney General’s offi
Organizations had to re-examine the traditional business perimeter and migrate to cloud-based tools to support distributed workforces. What is the impact? The almost overnight shift to remote work, driven by the COVID-19 pandemic, has profoundly impacted how businesses use technology. Organizations across the globe had to adapt and adapt quickly. They had to re-examine the traditional business p

MAY 26, 2024

Cisco addressed a SQL injection vulnerability in the web-based management interface of the Firepower Management Center (FMC) Software. Cisco addressed a vulnerability, tracked as CVE-2024-20360 (CVSS score 8.8), in the web-based management interface of the Firepower Management Center (FMC) Software. The vulnerability is a SQL injection issue; an attacker can exploit the flaw to obtain any data fr
The Ukraine CERT-UA warns of a concerning increase in cyberattacks attributed to the financially-motivated threat actor UAC-0006. The Computer Emergency Response Team of Ukraine (CERT-UA) warned of a surge in cyberattacks linked to the financially-motivated threat actor UAC-0006. UAC-0006 has been active since at least 2013. The threat actors focus on compromising accountants’ PCs (which are us
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Fake AV websites used to distribute info-stealer malware MITRE December 2023 attack: Threat actors created rogue VMs to evade detection An XSS fla

MAY 25, 2024

Malicious actors compromised the JAVS Viewer installer to deliver the RustDoor malware in a supply chain attack. Rapid7 researchers warned that threat actors added a backdoor to the installer for the Justice AV Solutions JAVS Viewer software. The attackers were able to inject a backdoor in the JAVS Viewer v8.3.7 installer that is being distributed from the JAVS’ servers. Justice AV Solutions (JAV
Threat actors used fake AV websites masquerading as legitimate antivirus products from Avast, Bitdefender, and Malwarebytes to distribute malware. In mid-April 2024, researchers at Trellix Advanced Research Center team spotted multiple fake AV sites used to distribute info-stealers. The malicious websites hosted sophisticated malicious files such as APK, EXE and Inno setup installer, including Sp
The MITRE Corporation revealed that threat actors behind the December 2023 attacks created rogue virtual machines (VMs) within its environment. The MITRE Corporation has provided a new update about the December 2023 attack. In April 2024, MITRE disclosed a security breach in one of its research and prototyping networks. The security team at the organization promptly launched an investigation, lo

MAY 24, 2024

GitLab addressed a high-severity cross-site scripting (XSS) vulnerability that allows unauthenticated attackers to take over user accounts. GitLab fixed a high-severity XSS vulnerability, tracked as CVE-2024-4835, that allows attackers to take over user accounts. An attacker can exploit this issue by using a specially crafted page to exfiltrate sensitive user information. The vulnerability impac
Google rolled out a new emergency security update to fix another actively exploited zero-day vulnerability in the Chrome browser. Google has released a new emergency security update to address a new vulnerability, tracked as CVE-2024-5274, in the Chrome browser; it is the eighth zero-day exploited in attacks disclosed this year. The vulnerability is a high-severity ‘type confusion’ in the V8 Java
CISA adds Apache Flink improper access control vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a NextGen Healthcare Mirth Connect vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. The issue, tracked as CVE-2020-17519, is an improper access control vulnerability in Apache Flink. Apache Flink co

MAY 23, 2024

UK data watchdog is investigating Microsoft regarding the new Recall feature in Copilot+ PCs that captures screenshots of the user’s laptop every few seconds. The UK data watchdog, the Information Commissioner’s Office (ICO), is investigating a new feature, called Recall, implemented by Microsoft’s Copilot+ PCs that captures screenshots of the user’s laptop every few seconds. “You can use Recall o

END OF FEED
