Kootenai Health suffered a data breach impacting over 464,000 patients following a 3AM ransomware attack. Kootenai Health disclosed a data breach impacting over 464,088 patients following the leak of their personal information by the ThreeAM (3AM) ransomware gang. Kootenai Health…
Tag: Security Affairs
Microsoft Patch Tuesday security updates for August 2024 addressed six actively exploited bugs
Microsoft’s August 2024 Patch Tuesday addressed 90 vulnerabilities, including six that are actively exploited. Patch Tuesday security updates for August 2024 addressed 90 vulnerabilities in Microsoft products including Windows and Windows Components; Office and Office Components; .NET and Visual Studio;…
A PoC exploit code is available for critical Ivanti vTM bug
Ivanti warned of a critical authentication bypass flaw in its Virtual Traffic Manager (vTM) appliances that can allow attackers to create rogue administrator accounts. Ivanti addressed a critical authentication bypass vulnerability, tracked as CVE-2024-7593 (CVSS score of 9.8), impacting Virtual…
CERT-UA warns of a phishing campaign targeting government entities
CERT-UA warned that Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign targeting organizations in the country, including government…
US DoJ dismantled remote IT worker fraud schemes run by North Korea
The U.S. DoJ arrested a Tennessee man for running a “laptop farm” that enabled North Korea-linked IT workers to obtain remote jobs with American companies. The U.S. Justice Department arrested Matthew Isaac Knoot (38) from Nashville (Tennessee) for operating a…
A FreeBSD flaw could allow remote code execution, patch it now!
FreeBSD Project maintainers addressed a high-severity flaw in OpenSSH that could allow remote code execution with elevated privileges. The maintainers of the FreeBSD Project have released urgent security updates to address a high-severity flaw, tracked as CVE-2024-7589, (CVSS score of 7.4)…
EastWind campaign targets Russian organizations with sophisticated backdoors
A campaign tracked as EastWind is targeting Russian government and IT organizations with PlugY and GrewApacha Backdoors. In late July 2024, Kaspersky researchers detected a series of targeted cyberattacks against the Russian government and IT organizations. Kaspersky named this campaign…
Microsoft found OpenVPN bugs that can be chained to achieve RCE and LPE
Microsoft found four bugs in OpenVPN that could be chained to achieve remote code execution and local privilege escalation. During the Black Hat USA 2024 conference, Microsoft researchers disclosed multiple medium-severity bugs in the open-source project OpenVPN that could be…
Foreign nation-state actors hacked Donald Trump’s campaign
Donald Trump’s campaign reported that its emails were hacked by “foreign sources hostile to the United States.” Donald Trump’s presidential campaign announced it was hacked, a spokesman attributes the attack to foreign sources hostile to the United States. The presidential…
Security Affairs newsletter Round 484 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Is the INC…