• GitCaught campaign relies on Github and Filezilla to deliver multiple malware

    Researchers discovered a sophisticated cybercriminal campaign by Russian-speaking threat actors that used GitHub to distribute malware. Recorded Future’s Insikt Group discovered a sophisticated cybercriminal campaign by Russian-speaking threat actors from the Commonwealth of Independent States (CIS). The attackers, tracked as GitCaught, used a GitHub profile to impersonate legitimate software applications, including 1Password, Bartender 5, and

  • Two students uncovered a flaw that allows to use laundry machines for free

    Two students discovered a security flaw in over a million internet-connected laundry machines that could allow laundry for free. CSC ServiceWorks is a company that provides laundry services and air vending solutions for multifamily housing, academic institutions, hospitality, and other commercial sectors. They manage and operate many internet-connected laundry machines and systems, offering services such

  • Grandoreiro Banking Trojan is back and targets banks worldwide

    A new Grandoreiro banking trojan campaign has been ongoing since March 2024, following the disruption by law enforcement in January. IBM X-Force warns of a new Grandoreiro banking trojan campaign that has been ongoing since March 2024. Operators behind the Grandoreiro banking trojan have resumed operations following a law enforcement takedown in January. The recent campaign is

  • Healthcare firm WebTPA data breach impacted 2.5 million individuals

    WebTPA, a third-party administrator that provides healthcare management and administrative services, disclosed a data breach. WebTPA is a third-party administrator that provides healthcare management and administrative services. The US company disclosed a data breach that impacted almost 2.5 million people. According to the report sent by the WebTPA to the U.S. Department of Health and

  • Security Affairs newsletter Round 472 by Pierluigi Paganini – INTERNATIONAL EDITION

    A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. North Korea-linked IT workers infiltrated hundreds of US firms Turla APT used two new backdoors to

  • North Korea-linked Kimsuky used a new Linux backdoor in recent attacks

    Symantec warns of a new Linux backdoor used by the North Korea-linked Kimsuky APT in a recent campaign against organizations in South Korea.  Symantec researchers observed the North Korea-linked group Kimsuky using a new Linux backdoor dubbed Gomir. The malware is a version of the GoBear backdoor which was delivered in a recent campaign by

    fr_FRFrançais