"October ransomware attack on Dallas County impacted 200,000 people."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 12 July 2024, 1536 UTC.

Content and Source:  https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed/Security Affairs.

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security Affairs

65K followers23 articles per week#security#tech

14

MOST POPULAR

October ransomware attack on Dallas County impacted over 200,000 people

Dallas County notifies 200

•

by Pierluigi Paganini / 8h

The ransomware attack that hit Dallas County in October 2023 has impacted more than 200,000 individuals exposing their personal information. In October 2023 the Play ransomware group hit Dallas County, Texas, and added the city to its Tor leak site claiming the theft of sensitive documents from multiple departments. Dallas refused to pay the ransom and the extortion group leaked the stolen docume

Palo Alto Networks fixed a critical bug in the Expedition tool

2 TTPs

•

by Pierluigi Paganini / 49min

Palo Alto Networks addressed five vulnerabilities impacting its products, including a critical authentication bypass issue. Palo Alto Networks released security updates to address five security flaws impacting its products, the most severe issue, tracked as CVE-2024-5910 (CVSS score: 9.3), is a missing authentication for a critical function in Palo Alto Networks Expedition that can lead to an adm

Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware

IoC > 1 domain

•

by Pierluigi Paganini / 1d

•

10 TTPs

•

CVE-2024-4577

Multiple threat actors exploit a recently disclosed security PHP flaw CVE-2024-4577 to deliver multiple malware families. The Akamai Security Intelligence Response Team (SIRT) warns that multiple threat actors are exploiting the PHP vulnerability C VE-2024-4577 to deliver multiple malware families, including Gh0st RAT , RedTail cryptominers, and XMRig. “Threat actors continued the speedy-time-fro

YESTERDAY

Smishing Triad Is Targeting India To Steal Personal and Payment Data at Scale

6 TTPs

•

by Pierluigi Paganini / 8h

•

Smishing Triad targets India

Resecurity has identified a new campaign by the Smishing Triad that is targeting India to steal personal and payment data at scale Resecurity (USA) identified a new campaign targeting India Post (Department of Posts, India) by the Smishing Triad, which reportedly started amplifying around July 8, 2024, based on multiple victim reports and the detection of new infrastructure set up in the days pre

CrystalRay operations have scaled 10x to over 1,500 victims

6 TTPs

•

by Pierluigi Paganini / 17h

•

CrystalRay threat actor targets 1

A threat actor known as CrystalRay targeted 1,500 victims since February using tools like SSH-Snake and various open-source utilities. The Sysdig Threat Research Team (TRT) first spotted the threat actor CrystalRay on February 2024 and observed it using the SSH-Snake open-source software penetration testing tool. The experts collected new evidence that revealed that the threat actor expanded its

JUL 10, 2024

AI-Powered Russia’s bot farm operates on X, US and its allies warn

IoC > 1 domain

•

by Pierluigi Paganini / 1d

•

US disrupts Russian AI disinformation campaign

The US and its allies disrupted an AI-powered Russia-linked bot farm on the social media platform X relying on the Meliorator AI software. The U.S. FBI and Cyber National Mission Force, along with Dutch and Canadian intelligence and security agencies, warned social media companies about Russian state-sponsored actors using covert AI software, Meliorator, in disinformation campaigns. Affiliates of

VMware fixed critical SQL-Injection in Aria Automation product

CVE-2024-22280

•

by Pierluigi Paganini / 1d

VMware addressed a critical SQL-Injection vulnerability, tracked as CVE-2024-22280, impacting Aria Automation. Virtualization giant VMware addressed a high-severity SQL-injection vulnerability, tracked as CVE-2024-22280 (CVSSv3 base score of 8.5), in its Aria Automation solution. VMware Aria Automation (formerly vRealize Automation ) is a modern cloud automation platform that simplifies and strea

Citrix fixed critical and high-severity bugs in NetScaler product

3 TTPs

•

by Pierluigi Paganini / 2d

IT giant Citrix addressed multiple vulnerabilities, including critical and high-severity issues in its NetScaler product. Citrix released security updates to address critical and high-severity issues in its NetScaler product . The most severe issue is an improper authorization flaw, tracked as CVE-2024-6235 (CVSS score of 9.4). An attacker with access to the NetScaler Console IP can exploit the v

Multiple cybersecurity agencies warn of China-linked APT40 ‘s capabilities

11 TTPs

•

by Pierluigi Paganini / 2d

Multiple cybersecurity agencies released a joint advisory warning about a China-linked group APT40 ‘s capability to rapidly exploit disclosed security flaws. Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. released a joint advisory warning about the China-linked group APT40 (aka TEMP.Periscope , TEMP.Jumper , Bronze Mohawk, Gingham T

JUL 9, 2024

A new flaw in OpenSSH can lead to remote code execution

2 TTPs

•

by Pierluigi Paganini / 2d

A vulnerability affects some versions of the OpenSSH secure networking suite, it can potentially lead to remote code execution. The vulnerability CVE-2024-6409 (CVSS score: 7.0) impacts select versions of the OpenSSH secure networking suite, it can be exploited to achieve remote code execution (RCE). The issue is a possible race condition in cleanup_exit() in openssh’s privsep child that impacts

Microsoft Patch Tuesday for July 2024 fixed 2 actively exploited zero-days

4 TTPs

•

by Pierluigi Paganini / 2d

•

PatchTuesday

Microsoft Patch Tuesday security updates for July 2024 addressed 139 flaws, including two actively exploited zero-days. Microsoft Patch Tuesday security updates for July 2024 addressed 139 vulnerabilities in Windows and Windows Components; Office and Office Components; .NET and Visual Studio; Azure; Defender for IoT; SQL Server; Windows Hyper-V; Bitlocker and Secure(?) Boot; Remote Desktop; and X

U.S. CISA adds Microsoft Windows and Rejetto HTTP File Server bugs to its Known Exploited Vulnerabilities catalog

4 TTPs

•

by Pierluigi Paganini / 2d

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows and Rejetto HTTP File Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog : CVE-2024-23692 Rejetto HTTP File Server Improper Neutralization of Special El

Evolve Bank data breach impacted over 7.6 million individuals

Evolve Bank data breach impacts 7.6 million people

•

by Pierluigi Paganini / 2d

The Lockbit ransomware attack on Evolve Bank has compromised the personal information of over 7.6 million individuals. At the end of June, the LockBit gang announced that it had breached the systems of the Federal Reserve of the United States and exfiltrated 33 TB of sensitive data, including “Americans’ banking secrets.” Despite the announcement, data leaked data from the group belongs to the Ar

More than 31 million customer email addresses exposed following Neiman Marcus data breach

Neiman Marcus data breach exposes 31 million

•

by Pierluigi Paganini / 2d

The recent data breach suffered by the American luxury department store chain Neiman Marcus has exposed more than 31 million customer email addresses. In May 2024, the American luxury retailer and department store chain Neiman Marcus disclosed a data breach following the security breach of the cloud-based data warehousing company Snowflake. The luxury retailer disclosed the data breach after thre

END OF FEED