Security News
Hundreds of Citrix NetScaler ADC and Gateway servers have been breached by malicious actors to deploy web shells, according to the Shadowserver Foundation. The non-profit said the attacks take advantage of CVE-2023-3519, a critical code injection vulnerability that could lead to unauthenticated remote code execution.
CISA says new malware known as Submarine was used to backdoor Barracuda ESG (Email Security Gateway) appliances by exploiting a now-patched zero-day bug. [...]
The Norwegian government is warning that its ICT platform used by 12 ministries has suffered a cyberattack after hackers exploited a zero-day vulnerability in third-party software. The Norwegian Security and Service Organization informed the National Security Authority when the cyberattack was discovered and engaged the police, who are currently investigating the incident.
Following claims by ransomware gang LockBit that it has stolen data belonging to TSMC, the chip-making giant has said it was in fact one of its equipment suppliers, Kinmax, that was compromised by the crew, and not TSMC itself. The crooks said TSMC has an August 6 deadline to cough up.
Attackers behind an ongoing series of proxyjacking attacks are hacking into vulnerable SSH servers exposed online to monetize them through proxyware services that pay for sharing unused Internet bandwidth. Like cryptojacking, which allows attackers to use hacked systems to mine for cryptocurrency, proxyjacking is a low-effort and high-reward tactic of leeching compromised devices' resources.
TechCrunch reviewed the leaked data, which included years of victims' call logs and text messages dating back to 2013. The database we reviewed contained current records on at least 13,000 compromised devices, though some of the devices shared little to no data with LetMeSpy.
Car mount and mobile accessory maker iOttie warns that its site was compromised for almost two months to steal online shoppers' credit cards and personal information. In a new data breach notification issued yesterday, iOttie says they discovered on June 13th that its online store was compromised between April 12th, 2023, and June 2nd with malicious scripts.
Enterprise security company Barracuda is now urging customers who were impacted by a recently disclosed zero-day flaw in its Email Security Gateway appliances to immediately replace them. "Impacted ESG appliances must be immediately replaced regardless of patch version level," the company said in an update, adding its "Remediation recommendation at this time is full replacement of the impacted ESG.".
Email and network security company Barracuda warns customers they must replace Email Security Gateway appliances hacked in attacks targeting a now-patched zero-day vulnerability. "Impacted ESG appliances must be immediately replaced regardless of patch version level," the company warned in an update to the initial advisory issued on Tuesday.
Russian cybersecurity firm Kaspersky says some iPhones on its network were hacked using an iOS vulnerability that installed malware via iMessage zero-click exploits. Kaspersky says the campaign started in 2019 and reports the attacks are still ongoing.