Remove 07
Remove 2022 Remove Data Remove Information Security Remove Security
article thumbnail

CISA urges to fix actively exploited Firefox zero-days by March 21

Security Affairs

Cybersecurity and Infrastructure Security Agency (CISA) added recently disclosed Firefox zero-days to its Known Exploited Vulnerabilities Catalog. The US agency has ordered federal civilian agencies to address both issues by March 21, 2022. Yesterday Mozilla has released Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0,

article thumbnail

Malware-laced npm packages used to target Discord users

Security Affairs

Threat actors used multiple npm packages to target Discord users with malware designed to steal their payment card data. A malicious campaign targeting Discord users leverages multiple npm packages to deliver malware that steals their payment card information, Kaspersky researchers warn. 2022-07-17 20:28:29 small-sm 4.2.0

Passwords 111
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Aurora Stealer Malware is becoming a prominent threat in the cybercrime ecosystem

Security Affairs

Aurora Stealer is an info-stealing malware that was first advertised on Russian-speaking underground forums in April 2022. It is a multi-purpose botnet with data stealing and remote access capabilities. “Aurora is another infostealer targeting data from browsers, cryptocurrency wallets, local systems, and acting as a loader.

article thumbnail

Security Affairs newsletter Round 365 by Pierluigi Paganini

Security Affairs

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. The post Security Affairs newsletter Round 365 by Pierluigi Paganini appeared first on Security Affairs. To nominate, please visit:? Pierluigi Paganini.

article thumbnail

Hackers behind Twilio data breach also targeted Cloudflare employees

Security Affairs

“Yesterday, August 8, 2022, Twilio shared that they’d been compromised by a targeted phishing attack. The attackers sent the messages to at least 76 employees in less than 1 minute, but the company security team was not able to determine how the threat actors obtained the list of employees’ phone numbers.

article thumbnail

Dirty Pipe Linux flaw allows gaining root privileges on major distros

Security Affairs

Dirty Pipe is a Linux vulnerability, tracked as CVE-2022-0847, that can allow local users to gain root privileges on all major distros. Security expert Max Kellermann discovered a Linux flaw, dubbed Dirty Pipe and tracked as CVE-2022-0847, that can allow local users to gain root privileges on all major distros.

Passwords 101
article thumbnail

Lockbit leak sites hit by mysterious DDoS attack after Entrust hack

Security Affairs

provides software and hardware used to issue financial cards, e-passport production, user authentication for those looking to access secure networks or conduct financial transactions, trust certificated for websites, mobile credentials, and connected devices. Entrust security incident dated June 18th. Entrust Corp.