The New Zealand-based cryptocurrency exchange Cryptopia suffered a new cyber heist while it is in liquidation due to a 2019 security breach. In 2019, the New Zealand-based cryptocurrency exchange Cryptopia discloses a cyber attack that took place on January 14th. At the time of the first attack, the threat actors stole approximately USD 30 million worth o

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. Bug bounty hacker earned $5,000 reporting a Stored XSS flaw in iCloud.comExperts warn of threat actors abusing Google Alert

A critical authentication bypass vulnerability could be exploited by remote attackers to Rockwell Automation programmable logic controllers (PLCs). A critical authentication bypass vulnerability, tracked as CVE-2021-22681, can be exploited by remote attackers to compromise programmable logic controllers (PLCs) manufactured by Rockwell Automation. The v

‘Hotarus Corp’ Ransomware operators hacked Ecuador’s largest private bank, Banco Pichincha, and the country’s Ministry of Finance. ​A cybercrime group called ‘Hotarus Corp’ has breached the Ecuador’s largest private bank, Banco Pichincha, and the local Ministry of Finance (the Ministerio de Economía y Finanzas de

The telecommunications giant T-Mobile disclosed a data breach after some of its customers were apparently affected by SIM swap attacks. The telecommunications provider T-Mobile has disclosed a data breach after it became aware that some of its customers were allegedly victims of SIM swap attacks. Crooks conduct SIM swapping attacks to take control of v

French experts spotted a new Ryuk ransomware variant that implements self-spreading capabilities to infect other devices on victims’ local networks. Experts from French national cyber-security agency ANSSI have spotted a new Ryuk ransomware variant that implements worm-like capabilities that allow within local networks. “On top of its usual

Data Breach: WizCase team uncovered a massive data leak containing private information about Turkish Citizens through a misconfigured Amazon S3 bucket. The server contained 55,000 court papers regarding over 15,000 legal cases, which affected hundreds of thousands of people. What’s Going On? Our online security team has uncovered a massive data bre

Microsoft announced the release of open-source CodeQL queries that it experts used during its investigation into the SolarWinds supply-chain attack Microsoft has announced the availability of open-source CodeQL queries that the IT giant used during its investigation into the SolarWinds attack. In early 2021, the US agencies FBI, CISA, ODNI, and the NS

Hackers have broken into the biochemical systems of an Oxford University lab where researchers are working on the study of Covid-19. Hackers compromised the systems at one of the most advanced biology labs at the Oxford University that is involved in the research on the Covid-19 pandemic. The news was disclosed by Forbes and the Oxford University confi

Dutch Research Council (NWO) confirmed that the recent cyberattack that forced it to take its servers offline was caused by the DoppelPaymer ransomware gang. On February 14, Dutch Research Council (NWO) was hit by a cyber attack that compromised its network and impacted its operations. In response to the incident, the Dutch Research Council (NWO) was f

The Chinese hacking group, tracked as TA413, used a malicious Firefox add-on in a cyberespionage campaign aimed at Tibetans. China-linked cyberespionage group TA413 targeted Tibetan organizations across the world using a malicious Firefox add-on, dubbed FriarFox, that allowed them to steal Gmail and Firefox browser data and deliver malware on infected sys

Cisco addressed over a dozen vulnerabilities in its products, including three critical bugs in ACI Multi-Site Orchestrator, Application Services Engine, and NX-OS software. Cisco released security updates to address over a dozen vulnerabilities affecting multiple products, including three critical flaws impacting its ACI Multi-Site Orchestrator, Applicati

North Korea-linked Lazarus APT group has targeted the defense industry with the custom-backdoor dubbed ThreatNeedle since 2020. North Korea-linked Lazarus APT group has targeted the defense industry with the backdoor dubbed ThreatNeedle since early 2020. The state-sponsored hackers targeted organizations from more than a dozen countries. The expert

Google Project Zero team disclosed the details of a recently patched remote code execution vulnerability (CVE-2021-24093) in Windows Operating system. White hat hacker at Google Project Zero disclosed the details of a recently patched Windows vulnerability, tracked as CVE-2021-24093, that can be exploited for remote code execution in the context of the D

Ukraine ‘s government attributes a cyberattack on the government document management system to a Russia-linked APT group. The Ukraine ‘s government blames a Russia-linked APT group for an attack on a government document management system, the System of Electronic Interaction of Executive Bodies (SEI EB). According to Ukrainian officials, th