Courtroom Digital Forensics

[ad_1] Security Affairs newsletter Round 467 by Pierluigi Paganini – INTERNATIONAL EDITION  |  Crooks manipulate GitHub’s search results to distribute malware  |  BatBadBut flaw allowed an attacker to perform command injection on Windows  |  Roku disclosed a new security breach impacting 576,000 accounts  |  LastPass employee targeted via an audio deepfake call  |  TA547 targets …

Security Affairs newsletter Round 467 by Pierluigi Paganini – INTERNATIONAL EDITION Read More »

[ad_1] Crooks manipulate GitHub’s search results to distribute malware Pierluigi Paganini April 13, 2024 Researchers warn threat actors are manipulating GitHub search results to target developers with persistent malware. Checkmarx researchers reported that threat actors are manipulating GitHub search results to deliver persistent malware to developers systems. Attackers behind this campaign create malicious repositories with …

Crooks manipulate GitHub’s search results to distribute malware Read More »

[ad_1] BatBadBut flaw allowed an attacker to perform command injection on Windows Pierluigi Paganini April 13, 2024 A critical vulnerability, named ‘BatBadBut’, impacts multiple programming languages, its exploitation can lead to command injection in Windows applications. The cybersecurity researcher RyotaK (@ryotkak ) discovered a critical vulnerability, dubbed BatBadBut, which impacts multiple programming languages. When specific conditions …

BatBadBut flaw allowed an attacker to perform command injection on Windows Read More »

[ad_1] Roku disclosed a new security breach impacting 576,000 accounts Pierluigi Paganini April 12, 2024 Roku announced that 576,000 accounts were compromised in a new wave of credential stuffing attacks. Roku announced that 576,000 accounts were hacked in new credential stuffing attacks, threat actors used credentials stolen from third-party platforms. “Credential stuffing is a type of …

Roku disclosed a new security breach impacting 576,000 accounts Read More »

[ad_1] TA547 targets German organizations with Rhadamanthys malware Pierluigi Paganini April 12, 2024 TA547 group is targeting dozens of German organizations with an information stealer called Rhadamanthys, Proofpoint warns. Proofpoint researchers observed a threat actor, tracked as TA547, targeting German organizations with an email campaign delivering the Rhadamanthys malware. TA547 is a financially motivated threat actor that …

TA547 targets German organizations with Rhadamanthys malware Read More »

[ad_1] LastPass employee targeted via an audio deepfake call Pierluigi Paganini April 12, 2024 Crooks targeted a LastPass employee using deepfake technology to impersonate the company’s CEO in a fraudulent scheme. In a fraudulent scheme, criminals used deepfake technology to impersonate LastPass ‘s CEO, targeting an employee of the company. The attack occurred this week, …

LastPass employee targeted via audio deepfake call Read More »

[ad_1] Microsoft fixed two zero-day bugs exploited in malware attacks Pierluigi Paganini April 11, 2024 Microsoft addressed two zero-day vulnerabilities (CVE-2024-29988 and CVE-2024-26234) actively exploited by threat actors to deliver malware Microsoft addressed two zero-day vulnerabilities, tracked as CVE-2024-29988 and CVE-2024-26234, that threat actors are exploiting to deliver malware. Microsoft Patches Tuesday security updates for …

Microsoft fixed two zero-day flaws exploited in malware attacks Read More »

[ad_1] US CISA published an alert on the Sisense data breach Pierluigi Paganini April 11, 2024 Business intelligence software company Sisense suffered a cyberattack that may have exposed sensitive information of major enterprises worldwide. Sisense, a business intelligence software company, experienced a cyberattack potentially exposing the sensitive data of global enterprises. The list of the …

US CISA published an alert on the Sisense data breach Read More »

[ad_1] CISA adds D-Link multiple NAS devices bugs to its Known Exploited Vulnerabilities catalog Pierluigi Paganini April 11, 2024 U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds D-Link multiple NAS devices bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following D-Link multiple NAS devices flaws to its …

CISA adds D-Link multiple NAS devices bugs to its Known Exploited Vulnerabilities catalog Read More »

[ad_1] Palo Alto Networks fixed multiple DoS bugs in its firewalls Pierluigi Paganini April 11, 2024 Palo Alto Networks fixed several vulnerabilities in its PAN-OS operating system, including 3 issues that can trigger a DoS condition on its firewalls. Palo Alto Networks released security updates to address several high-severity vulnerabilities in its PAN-OS operating system. …

Palo Alto Networks fixed multiple DoS bugs in its firewalls Read More »