Fake Webshops Storming the Internet (Ψεύτικα καταστήματα εισβάλλουν στο Διαδίκτυο)

Posted by & filed under Security Alerts, Security News.

Σε Ευρωπαικά δημοσιεύματα φαίρεται να έχουν εντοπιστεί ψεύτικα διαδικτυακά καταστήματα που εισβάλλουν στο Διαδίκτυο με πλαστοπροσωπίες δημοφιλών εμπορικών εταιρειών.  Παρακάτω εμφανίζεται ένας πίνακας που περιλαμβάνει τους κακόβουλους τομείς προκειμένου να αποτραπεί η απάτη των χρηστών του Διαδικτύου. website IP address brand aenergyes[.]com 196[.]245[.]52[.]77 nike amthucthuanviet[.]com 196[.]245[.]52[.]78 nike aquipopular[.]com 196[.]245[.]52[.]69 nike auweaving[.]com 196[.]245[.]52[.]76 nike buyconverseaustralia[.]com 196[.]245[.]52[.]80… Read more »

Evilnum hackers use the same malware supplier as FIN6, Cobalt

Posted by & filed under Security Alerts.

Hackers in the Evilnum group have developed a toolset that combines custom malware, legitimate utilities, and tools bought from a malware-as-a-service (MaaS) provider that caters for big fintech threat actors. The group has been active since at least 2018 and focuses on companies from the financial technology sector that offer trading and investment platforms. Taking… Read more »

Citrix Bugs Allow Unauthenticated Code Injection, Data Theft

Posted by & filed under Security Alerts.

Admins should patch their Citrix ADC and Gateway installs immediately. Multiple vulnerabilities in the Citrix Application Delivery Controller (ADC) and Gateway would allow code injection, information disclosure and denial of service, the networking vendor announced Tuesday. Four of the bugs are exploitable by an unauthenticated, remote attacker. The Citrix products  (formerly known as NetScaler ADC… Read more »

Ransomware attack on insurance MSP Xchanging affects clients

Posted by & filed under Security Alerts.

Global IT services and solutions provider DXC Technology announced over the weekend a ransomware attack on systems from its Xchanging subsidiary. Xchanging is known as a managed service provider for businesses in the insurance industry but its list of customers includes companies from other fields: financial services, aerospace and defense, automotive, education, consumer packaged goods,… Read more »

PoC exploits released for F5 BIG-IP vulnerabilities, Patch Now!

Posted by & filed under Security Alerts.

Two days after patches for critical F5 BIG-IP vulnerability were released, security researchers have started publicly posting proof-of-concept (PoC) exploits show how easy it is to exploit these devices. F5 customers using BIG-IP devices and solutions include governments, Fortune 500 firms, banks, Internet services providers, and many consumer brands, including Microsoft, Oracle, and Facebook. On Friday, F5… Read more »