PoC exploit code released for CVE-2023-34039 bug in VMware Aria Operations for Networks
Researcher released PoC exploit code for a recent critical flaw (CVE-2023-34039) in VMware Aria Operations for Networks. At the end…
Security
Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free…
LockBit ransomware gang hit the Commission des services electriques de Montréal (CSEM)
The LockBit ransomware gang claims to have breached the Commission des services electriques de Montréal (CSEM). The LockBit ransomware group…
Social engineering attacks target Okta customers to achieve a highly privileged role
Identity services provider Okta warned customers of social engineering attacks carried out by threat actors to obtain elevated administrator permissions.…
2023 OWASP Top-10 Series: API6:2023 Unrestricted Access to Sensitive Business Flows
Welcome to the 7th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a…
Talos wars of customizations of the open-source info stealer SapphireStealer
Cisco reported that multiple threat actors are customizing the SapphireStealer information stealer after the leak of its source code. Cisco…
Friday Squid Blogging: We’re Genetically Engineering Squid Now
Is this a good idea? The transparent squid is a genetically altered version of the hummingbird bobtail squid, a species…
UNRAVELING EternalBlue: inside the WannaCry’s enabler
WannaCry and NotPetya, probably two most damaging cyberattacks in recent history, were both only made possible because of EternalBlue. Here…
Researchers released a free decryptor for the Key Group ransomware
Researchers released a free decryptor for the Key Group ransomware that allows victims to recover their data without paying a…
Spyware Vendor Hacked
A Brazilian spyware app vendor was hacked by activists: In an undated note seen by TechCrunch, the unnamed hackers described…