Security Affairs

"RockYou2024 compilation containing 10 billion passwords was leaked online."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 09 July 2024, 1538 UTC.

Content and Source:  https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed/Security Affairs.

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security Affairs

65K followers23 articles per week#security#tech
16

MOST POPULAR

RockYou2024 compilation containing 10 billion passwords was leaked online
5 TTPs
38by Pierluigi Paganini / 16h
Massive password leak exposes cybersecurity risks
Threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. The Cybernews researchers reported that threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. RockYou2024 announcement: Source CyberNews The compilation (“rockyou2024.txt”) contains 9,948,575,739 unique plaintext passwords was posted
Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes
Ticketmaster breach exposes Taylor Swift tickets
48by Pierluigi Paganini / 4d
The threat actor Sp1d3rHunters leaked valid Taylor Swift ’s ERAS Tour barcodes threatening to leak more data and blackmailing Ticketmaster. A threat actor that goes online with the moniker Sp1d3rHunters leaked 170,000 valid barcodes for Taylor Swift’s ERAS Tour for free. The bar codes are valid for the upcoming concerts of Taylor Swift in Miami, New Orleans, and Indianapolis. The threat actor dem
Hackers stole OpenAI secrets in a 2023 security breach
35by Pierluigi Paganini / 3d
The New York Times revealed that OpenAI suffered a security breach in 2023, but the company says source code and customer data were not compromised. OpenAI suffered a security breach in 2023, the New York Times reported. The American newspaper revealed that the threat actors gained access to the internal discussions among researchers and other employees, but they did not access the source code of

YESTERDAY

Avast released a decryptor for DoNex Ransomware and its predecessors
2 TTPs
by Pierluigi Paganini / 6h
Avast decrypts DoNex ransomware
Avast developed and released a decryptor for the DoNex ransomware family that allows victims to recover their files for free. Avast researchers identified a cryptographic flaw in the DoNex ransomware and its predecessors that allowed them to develop a decryptor. The experts revealed the weakness during the Recon 2024 conference . Avast also released a decryptor that allows victims to recover thei
Critical Ghostscript flaw exploited in the wild. Patch it now!
4 TTPs
by Pierluigi Paganini / 20h
Threat actors are exploiting Ghostscript vulnerability CVE-2024-29510 to bypass the sandbox and achieve remote code execution. Threat actors are actively exploiting a Ghostscript vulnerability, tracked as CVE-2024-29510, that can allow them to escape the – dSAFER sandbox and achieve remote code execution. Ghostscript is an interpreter for the PostScript language and for PDF files. It is used prim
Apple removed 25 VPN apps from the App Store in Russia following Moscow’s requests
Russia forces Apple remove VPNs
by Pierluigi Paganini / 1d
Apple removed several virtual private network (VPN) apps from its App Store in Russia following a request from the Russian Government. Russia is tightening its citizens’ control over Internet access and forced Apple to remove several virtual private network (VPN) apps from its App Store in Russia following a request from Russia’s state communications watchdog Roskomnadzor . “Over the past few yea

JUL 7, 2024

CISA adds Cisco NX-OS Command Injection bug to its Known Exploited Vulnerabilities catalog
5 TTPs
by Pierluigi Paganini / 1d
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco NX-OS Command Injection bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco NX-OS Command Injection Vulnerability, tracked as CVE-2024-20399 , to its Known Exploited Vulnerabilities (KEV) catalog . This week, Cisco addressed an NX-OS zero-day, trac
Apache fixed a source code disclosure flaw in Apache HTTP Server
4 TTPs
by Pierluigi Paganini / 1d
The Apache Foundation addressed a critical source code disclosure vulnerability, tracked as CVE-2024-39884, in the HTTP Server. The Apache Software Foundation has addressed multiple vulnerabilities in its popular Apache HTTP Server. The vulnerabilities include denial-of-service (DoS), remote code execution, and unauthorized access issues. One of these vulnerabilities is a critical source code dis
Security Affairs Malware Newsletter – Round 1
by Pierluigi Paganini / 2d
Today marks the launch of the Security Affairs newsletter, specializing in Malware. This newsletter complements the weekly one you already receive. Each week, it will feature a collection of the best articles and research on malware. CapraTube Remix | Transparent Tribe’s Android Spyware Targeting Gamers, Weapons Enthusiasts Supply Chain Compromise Leads to Trojanized Installers for Notezilla, Rec

JUL 6, 2024

Security Affairs newsletter Round 479 by Pierluigi Paganini – INTERNATIONAL EDITION
by Pierluigi Paganini / 2d
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. GootLoader is still active and efficient Hackers stole OpenAI secrets in a 2023 security breach Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes Polyfi
Alabama State Department of Education suffered a data breach following a blocked attack
Alabama State Education cyber attack investigation
by Pierluigi Paganini / 2d
Alabama’s education superintendent disclosed a data breach following a hacking attempt on the Alabama State Department of Education. The Alabama State Department of Education announced it had thwarted a ransomware attack on June 17, however, threat actors accessed some data and disrupted services before the attack was stopped. Superintendent Eric Mackey, who disclosed the attack, said they are wo
GootLoader is still active and efficient
12 TTPs
by Pierluigi Paganini / 2d
GootLoader malware active
Researchers warn that the malware GootLoader is still active and threat actors are still using it in their campaigns. Threat actors continue to use GootLoader malware in their campaigns, Cybereason researchers warn. The malware has evolved, resulting in several versions, with GootLoader 3 currently in use. Despite updates to the payload, the infection strategies and overall functionality have rem

JUL 5, 2024

Polyfill.io Supply Chain Attack: 384,773 hosts still embedding a polyfill JS script linking to the malicious domain
IoC > 1 URL
by Pierluigi Paganini / 4d
Cybersecurity company Censys has identified over 380,000 hosts that are still referencing the malicious polyfill.io domain. Censys reported that over 380,000 internet-exposed hosts are still referencing the malicious polyfill.io domain. The polyfill.io domain was suspended last week following multiple reports of malicious activity. The domain Polyfill.io was used to host JavaScript code that adde
New Golang-based Zergeca Botnet appeared in the threat landscape
IoC > 1 IP
by Pierluigi Paganini / 4d
17 TTPs
New Golang-based Zergeca botnet conducts powerful
Researchers uncovered a new Golang-based botnet called Zergeca that can carry out distributed denial-of-service (DDoS) attacks. Researchers at the QiAnXin XLab team uncovered a new Golang-based botnet called Zergeca that can carry out distributed denial-of-service (DDoS) attacks. On May, 2024, the researchers detected a suspicious ELF file at /usr/bin/geomi that was uploaded from Russia to VirusT

JUL 4, 2024

Microsoft discloses 2 flaws in Rockwell Automation PanelView Plus
4 TTPs
by Pierluigi Paganini / 4d
Microsoft discovered two flaws in Rockwell Automation PanelView Plus that remote, unauthenticated attackers could exploit. Microsoft responsibly disclosed two vulnerabilities in Rockwell Automation PanelView Plus that remote, unauthenticated attackers can exploit to perform remote code execution (RCE) and denial-of-service (DoS). The RCE vulnerability in PanelView Plus involves exploiting two cus
Hackers compromised Ethereum mailing list and launched a crypto draining attack
Ethereum mailing list breach affects 35
by Pierluigi Paganini / 4d
Hackers compromised Ethereum ‘s mailing list provider and sent phishing messages to the members attempting to drain their crypto funds. Hackers compromised Ethereum’s mailing list provider and on the night of June 23, they sent an email to the 35,794 addresses. The email was sent from the address ‘updates@blog.ethereum.org’ and included a link to a malicious site running a crypto drainer. “This w

END OF FEED

Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

The Cyberwire Daily Briefing

Image
"Fortinet confirms breach of customer data." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 15 September 2024, 1339 UTC. Content and Source:   https://thecyberwire.com/newsletters/daily-briefing/13/176 Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). V13 | Issue 176 | 9.13.24 Daily Briefing for 09.13.24 Announcement Cloud Security in the Age of Generative AI. Artificial Intelligence is revolutionizing business, but it also introduces new risks. Join us on Wednesday, September 18th at 2pm EDT for a compelling live webinar on "Good vs. Evil: Cloud Security in the Age of Generative AI" with N2K CyberWire’s Dave Bittner and Sysdig’s Loris Degioanni.  Learn more and register now . Summary By the CyberWire staff At a glance. Fortinet confirms breach of customer data. Iran's Scarred Manticore deploys ne
Read more

BleepingComputer.com

Image
"Progress LoadMaster vulnerable to 10/10 severity RCE flaw." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 08 September 2024, 1458 UTC. Content and Source:   https://www.bleepingcomputer.com/ Please check link or scroll down to read your selections. Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Latest Articles   Security Progress LoadMaster vulnerable to 10/10 severity RCE flaw Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device. Bill Toulas   September 08, 2024   10:11 AM     0   Deals Get started learning about cybersecurity with this course bundle deal Take a real step towards a job in information security with this intro to cybersecurity. Get the 2024 Cybersecurity Essentials Bundl
Read more

SecurityWeek Briefing

Image
"New RAMBO attack allows air-gapped data theft." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 10 September 2024, 0035 UTC. Content and Source:  https://www.securityweek.com Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net).   Monday, September 9 , 2024 Are you worried about unmanaged devices and apps? LATEST CYBERSECURITY HEADLINES New RAMBO Attack Allows Air-Gapped Data Theft Predator Spyware Resurfaces With Fresh Infrastructure Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws 300,000 Impacted by Data Breach at Car Rental Firm Avis One Million US Kaspersky Customers Transferred to Pango’s UltraAV Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks CISA Breaks Silence on Controversial ‘Airp
Read more