The U.S. government may ban TP-Link routers in 2025 if investigations confirm their use could pose a national security risk. The U.S. government is investigating whether TP-Link routers, linked to cyberattacks, pose a national security risk, the Wall Street Journal…
Tag: Security Affairs
Russia-linked APT29 group used red team tools in rogue RDP attacks
Russia-linked APT29 group uses malicious RDP configuration files, adapting red teaming methods for cyberattacks to compromise systems. In October 2024, the Russia-linked cyber espionage group APT29 (aka Earth Koshchei, SVR group, Cozy Bear, Nobelium, BlueBravo, Midnight Blizzard, and The Dukes) used rogue RDP attacks via phishing…
Threat actors are attempting to exploit Apache Struts vulnerability CVE-2024-53677
Researchers warn that threat actors are attempting to exploit a recently disclosed Apache Struts vulnerability CVE-2024-53677. Researchers warn that threat actors are attempting to exploit the vulnerability CVE-2024-53677 (CVSS score of 9.5) in Apache Struts. A remote attacker could exploit…
Irish Data Protection Commission (DPC) fined Meta €251 million for a 2018 data breach
Meta has been fined €251M ($263M) for a 2018 data breach affecting millions in the EU, marking another penalty for violating privacy laws. The Irish Data Protection Commission (DPC) fined Meta €251 million ($263M) for a 2018 data breach impacting…
The Mask APT is back after 10 years of silence
Kaspersky researchers linked a new wave of cyber attacks to the cyber espionage group tracked as The Mask. Kaspersky researchers linked several targeted attacks to a cyber espionage group known as The Mask. The APT group targeted an organization in…
Texas Tech University data breach impacted 1.4 million individuals
Texas Tech University reports a data breach affecting 1.4 million, exposing personal, health, and financial data from its health sciences centers. Texas Tech University disclosed a data breach that impacted over 1.4 million individuals following a cyber attack. The security…
The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs
The FBI warned of a fresh wave of HiatusRAT malware attacks targeting internet-facing Chinese-branded web cameras and DVRs. The Federal Bureau of Investigation (FBI) released a Private Industry Notification (PIN) to warn of HiatusRAT malware campaigns targeting Chinese-branded web cameras…
Russia FSB relies on Ukrainian minors for criminal activities disguised as “quest games”
Ukraine’s SBU uncovered an FSB espionage campaign recruiting minors for criminal activities disguised as “quest games.” The Security Service of Ukraine (SBU or SSU) uncovered a new espionage campaign linked to Russia’s intelligence agency Federal Security Service (FSB), which consists…
U.S. CISA adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference (CVE-2024-35250) and…
ConnectOnCall data breach impacted over 900,000 individuals
ConnectOnCall disclosed a data breach impacting over 900,000 individuals, exposing their personal information. ConnectOnCall is a telehealth platform and after-hours on-call answering service designed to enhance communication between healthcare providers and patients. It offers automated patient call tracking, HIPAA-compliant chat,…