Security
Headlines
HeadlinesLatestCVEs

Tag

#zero_day

Zero-Day Alert: Apple Releases Patches for Actively Exploited Flaws in iOS, macOS, and Safari

Apple on Wednesday released a slew of updates for iOS, iPadOS, macOS, watchOS, and Safari browser to address a set of flaws it said were actively exploited in the wild. This includes a pair of zero-days that have been weaponized in a mobile surveillance campaign called Operation Triangulation that has been active since 2019. The exact threat actor behind the campaign is not known.

The Hacker News
Open in Source
#vulnerability#web#ios#mac#apple#backdoor#rce#zero_day#webkit#The Hacker News
New DoJ Cyber Prosecution Team Will Go After Nation-State Threat Actors

The US Department of Justice adds litigators under its National Security Division to take on sophisticated cyber threats from adversarial nation-states.

Avast, Norton Parent Latest Victim of MOVEit Data Breach Attacks

Gen Digital, the parent company of the security companies, is the latest victim in a rash of Cl0p attacks on the bug in the MOVEit transfer software, leading to employee data being revealed.

Fresh Ransomware Gangs Emerge as Market Leaders Decline

The ransomware landscape is energized with the emergence of smaller groups and new tactics, while established gangs like LockBit see fewer victims.

Data Breach at New BreachForums: 4,000 members’ data leaked

By Waqas BreachForums is a recently resurfaced alternative to the popular hacker and cybercrime forum, Breach Forums, which is now defunct. This is a post from HackRead.com Read the original post: Data Breach at New BreachForums: 4,000 members’ data leaked

US dangles $10 million reward for information about Cl0p ransomware gang

Categories: News Categories: Ransomware Tags: Cl0p Tags: ransomware Tags: RFJ Tags: 10 million Tags: MOVEit Rewards for Justice (RFJ) is offering a reward of up to $10 million for information the Cl0p ransomware gang is acting at the direction or under the control of a foreign government. (Read more...) The post US dangles $10 million reward for information about Cl0p ransomware gang appeared first on Malwarebytes Labs.

Warning: Fake GitHub Repos Delivering Malware as PoCs

By Waqas According to researchers, these fake accounts on GitHub and Twitter are spreading malware that infects both Windows- and Linux-based systems. This is a post from HackRead.com Read the original post: Warning: Fake GitHub Repos Delivering Malware as PoCs

Active exploitation of the MOVEit Transfer vulnerability — CVE-2023-34362 — by Clop ransomware group

The Clop ransomware group has claimed responsibility for exploiting the vulnerability to deploy a previously unseen web shell, LemurLoot.

Third MOVEit Transfer Vulnerability Disclosed by Progress Software

MOVEit has created a patch to fix the issue and urges customers to take action to protect their environments, as Cl0p attacks continue to mount, including on government targets.

MOVEit discloses THIRD critical vulnerability

Categories: Exploits and vulnerabilities Categories: News Categories: Ransomware Tags: Progress Tags: Moveit Tags: CVE-2023-34362 Tags: CVE-2023-35036 Tags: Cl0p Progress has released an advisory about yet another MOVEit Transfer vulnerability while new victims of the first one keep emerging. (Read more...) The post MOVEit discloses THIRD critical vulnerability appeared first on Malwarebytes Labs.