Application Delivery Management
Application Modernization & Connectivity
CyberRes
IT Operations Management
Cyber thieves move $760 million stolen in the 2016 Bitfinex heist
https://securityaffairs.co/wordpress/116858/digital-id/bitfinex-funds-moved.html
![]()
|
Cyber thieves move $760 million stolen in the 2016 Bitfinex heist--Security Affairs More than $760 million worth of Bitcoin, stolen from Asian cryptocurrency exchange Bitfinex in 2016, were moved on Wednesday to new accounts. On August 2016, the Asian Bitfinex suffered a security breach that resulted in the […] securityaffairs.co |
---
FBI silently removed web shells planted on Microsoft Exchange servers in the US
https://securityaffairs.co/wordpress/116793/malware/fbi-sanitized-us-microsoft-exchange.html
![]()
|
FBI silently removed web shells planted on Microsoft Exchange servers--Security Affairs A US judge granted the FBI the power to log into web shells that were injected by nation-state hackers on Microsoft Exchange servers across the US and remove the malware, […] securityaffairs.co |
---
Is the recent accident at Iran Natanz nuclear plant a cyber attack?
https://securityaffairs.co/wordpress/116668/cyber-warfare-2/iran-accident-natanz-cyberattack.html
![]()
|
Is recent accident at Iran Natanz nuclear plant a cyber attack?--Security Affairs A mysterious incident occurred on Sunday at the Natanz nuclear enrichment site and the media speculate it was caused by a cyber attack. The “accident” impacted the electricity distribution network at Iran’s […] securityaffairs.co |
---
FireEye: 650 new threat groups were tracked in 2020
https://securityaffairs.co/wordpress/116813/cyber-crime/fireeye-report-650-new-threat-groups.html
![]()
|
FireEye: 650 new threat groups were tracked in 2020--Security Affairs FireEye published its annual report, titled M-Trend 2021, which is based on the data collected during the investigation on security incidents it managed. Most of the incidents investigated by Mandiant (59%) in 2020 […] securityaffairs.co |
---
Mirai code re-use in Gafgyt
https://securityaffairs.co/wordpress/116882/cyber-crime/gafgyt-re-uses-mirai-code.html
![]()
|
Mirai code re-use in Gafgyt --Security Affairs In this blog, we’ll take a look at some of the re-used Mirai modules, their functionality, and the Uptycs EDR detection capabilities of Gafgyt. Gafgyt. Gafgyt (also known as Bashlite) is a prominent malware family for *nix systems, which mainly target vulnerable IoT devices like Huawei routers, Realtek routers and ASUS devices.Gafgyt also uses some of the existing exploits (CVE-2017-17215 ... securityaffairs.co |
---
Lazarus BTC Changer. Back in action with JS sniffers redesigned to steal crypto
https://securityaffairs.co/wordpress/116874/apt/lazarus-btc-changer-js-sniffers.html
![]()
|
Lazarus BTC Changer. Back in action with redesigned JS-sniffers--Security Affairs Group-IB observed the North Korea-linked Lazarus APT group stealing cryptocurrency using a never-before-seen tool. In the last five years, JavaScript sniffers have grown into one of the most dangerous threats for e-commerce businesses. The simple nature of such attacks combined with the use of malicious JavaScript code for intercepting payment data attract more and more […] securityaffairs.co |
---
Millions of devices impacted by NAME:WRECK flaws
https://securityaffairs.co/wordpress/116734/reports/namewreck-flaws.html
Millions of devices impacted by NAME:WRECK flaws--Security Affairs “Forescout Research Labs, partnering with JSOF Research, disclosed NAME:WRECK, a set of Domain Name System (DNS) vulnerabilities that have the potential to cause either Denial of Service (DoS) or Remote Code Execution, allowing attackers to take targeted devices offline or to gain control over them.” reads the analysis published by Forescout. “The widespread use of these stacks and often ... securityaffairs.co |
---
Expired certificate caused a Pulse Secure VPN global scale outage
https://securityaffairs.co/wordpress/116719/security/pulse-secure-vpn-outage.html
Expired certificate caused a Pulse Secure VPN global scale outage--Security Affairs Pulse Secure VPN users were not able to login after a code signing certificate used to digitally sign and verify software components has expired. Multiple users have reported on […] securityaffairs.co |
---
Microsoft is open sourcing CyberBattleSim Enterprise Environment Simulator
Microsoft is open sourcing CyberBattleSim Simulator--Security Affairs Microsoft has recently announced the open-source availability of the Python-based enterprise environment simulator. named ‘CyberBattleSim.’ “CyberBattleSim is an experimentation research platform to investigate the interaction of automated agents operating in a ... securityaffairs.co |
---
Operation Dream Job Targeting Job Seekers in South Korea
[PDF] https://global.ahnlab.com/global/upload/download/asecreport/ASEC REPORT_vol.102_ENG (4).pdf
ASEC (AhnLab Security Emergency-response Center) is a global security response group consisting of malware analysts and security experts. This report is published by ASEC and focuses on the most global.ahnlab.com |
---
Expert publicly released Chromium-based browsers exploit demonstrated at Pwn2Own 2021
https://securityaffairs.co/wordpress/116727/hacking/chromium-based-browsers-exploit.html
Expert publicly released Chromium-based browsers exploit--Security Affairs The Indian security researcher Rajvardhan Agarwal has publicly released a proof-of-concept exploit code for a recently discovered vulnerability that affects Google Chrome, Microsoft Edge, and other Chromium-based browsers (i.e. Opera ... securityaffairs.co |
---
For the second time in a week, a Google Chromium zero-day released online
https://securityaffairs.co/wordpress/116844/hacking/google-chromium-zero.html
A second Google Chromium zero-day released online securityaffairs.co |
---
WhatsApp flaws could have allowed hackers to remotely hack mobile devices
https://securityaffairs.co/wordpress/116833/hacking/whatsapp-flaws-remote-hack.html
WhatsApp flaws could have allowed hackers to hack mobile devices securityaffairs.co |
---
Microsoft fixes 2 critical Exchange Server flaws reported by the NSA
https://securityaffairs.co/wordpress/116767/uncategorized/exchange-server-flaws-nsa.html
Microsoft fixes 2 critical Exchange Server flaws reported by the NSA--Security Affairs Microsoft patch Tuesday security updates released today have addressed four critical and high severity vulnerabilities in Exchange Server (CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483), some of these flaws were reported by the U.S ... securityaffairs.co |
---
Experts released PoC exploit code for a critical RCE in QNAP NAS devices
https://securityaffairs.co/wordpress/116750/hacking/qnap-rce-exploit.html
Experts released PoC exploit code for a critical RCE in QNAP NAS devices--Security Affairs An exploit for a remote code execution vulnerability affecting QNAP network-attached storage (NAS) devices was publicly released. The vulnerability, tracked as CVE-2020-2501, is a stack-based buffer ... securityaffairs.co |