Categories
Analysis

(Israel) Israel launches commission to probe Pegasus spyware: Legislator (Al Jazeera)

Al Jazeera writes: Israel has established a commission to review allegations that NSO Group’s controversial Pegasus phone surveillance software was misused amid a hacking scandal that has roiled governments globally.

go to Al Jazeera: Israel launches commission to probe Pegasus spyware: Legislator | Cybercrime News | Al Jazeera


(Saudi Aramco) Saudi Aramco confirms data leak after reports of cyber ransom (Bloomberg, Al Jazeera)

go to Al Jazeera website: Saudi Aramco confirms data leak after reports of cyber ransom | Business and Economy News | Al Jazeera


(USA) US House terminates deal with iConstituent after company waited days to raise ransomware alarm (ZD Net)

ZD Net writes: The Office of the Chief Administrative Officer (CAO), which provides support services to US House members of both parties, sent a letter to members of Congress announcing that it has terminated all contracts with iConstituent and will no longer be authorizing the platform’s use because of multiple cybersecurity incidents.

go to ZD Net: US House terminates deal with iConstituent after company waited days to raise ransomware alarm | ZDNet


(Cybersecurity) Joker billing fraud malware found in Google Play Store (ZD Net)

Charlie Osborne writes for ZD Net: Malicious Android apps harboring the Joker malware have been discovered in the Google Play Store. On Tuesday, cybersecurity researchers from Zscaler’s ThreatLabz said that a total of 11 apps were recently discovered and found to be “regularly uploaded” to the official app repository, accounting for approximately 30,000 installs between them.

go to ZD Net website: Joker billing fraud malware found in Google Play Store | ZDNet


(Cybersecurity) Kelihos botmaster Peter Levashov gets time served (Security Affairs)

Pierluigi Paganini writes for Security Affairs: A US federal judge sentenced Russian hacker Peter Levashov to 33 months, time served, and three years of supervised release for his role in operating the Kelihos botnet.

go to Security Affairs website: Kelihos botmaster Peter Levashov gets time served | Security Affairs


(Cybersecurity) LPE flaw in Linux kernel allows attackers to get root privileges on most distros (Security Affairs)

Pierluigi Paganini writes for Security Affairs: Experts discovered a Local Privilege Escalation, tracked as CVE-2021-33909, that could allow attackers to get root access on most Linux distros.

go to Security Affairs website: LPE flaw in Linux kernel allows attackers to get root privileges on most distros | Security Affairs


(Mexico) ‘Shameful’: Mexican president decries alleged NSO spying (Al Jazeera)

Al Jazeera writes: Mexican President Andres Manuel Lopez Obrador on Tuesday called “shameful” the alleged government-ordered spying several years ago that may have targeted him and his close allies and added that his government did not spy on anyone. British newspaper The Guardian reported on Monday that at least 50 people close to Lopez Obrador, among many others, were potentially targeted by the previous administration of President Enrique Pena Nieto after it purchased Pegasus spying software from Israel-based NSO Group.

go to Al Jazeera network: ‘Shameful’: Mexican president decries alleged NSO spying | Andres Manuel Lopez Obrador News | Al Jazeera


(Cybersecurity) A bug in Fortinet FortiManager and FortiAnalyzer allows unauthenticated hackers to run code as root (Security Affairs)

Pierluigi Paganini writes for Security Affairs: Fortinet fixes a serious bug in its FortiManager and FortiAnalyzer network management solutions that could be exploited to execute arbitrary code as root.

go to Security Affairs website: Fortinet bug allows unauthenticated hackers to run code as root | Security Affairs

We received from Fortinet: “The security of our customers is our absolute priority. We have released a patch and some mitigations, and we are proactively communicating with our customers, urging them to update their FortiManager and FortiAnalyzer solutions promptly. In addition, we advise customers to validate their configuration to make sure that no unauthorized changes have been implemented by malicious third parties. Fortinet is monitoring the situation and at the moment there is no evidence that this is happening. For further information, please refer to the following alert: https://www.fortiguard.com/psirt/FG-IR-21-067”


(Cybersecurity) Microsoft secured court order to take down domains used in BEC campaign (Security Affairs)

Pierluigi Paganini writes for Security Affairs: Microsoft has seized 17 malicious homoglyph domains used by crooks in a business email compromise (BEC) campaign targeting its users.

go to Security Affairs website: Microsoft secured a court order to take down domains used in BEC attacks | Security Affairs

 
