The Breach News

New ‘Goldoon’ Botnet Exploits Decade-Old Vulnerability in D-Link Routers

A newly identified botnet, known as Goldoon, has emerged with a focus on exploiting a long-standing vulnerability within D-Link routers. This vulnerability, designated as CVE-2015-2051, has been present for nearly ten years, affecting models like the D-Link DIR-645. The flaw permits remote attackers to execute arbitrary commands through specially crafted…

Read MoreNew ‘Goldoon’ Botnet Exploits Decade-Old Vulnerability in D-Link Routers

Accelerating Vendor Risk Assessments Amidst SaaS Proliferation

In the current digital landscape, where Software as a Service (SaaS) applications have become integral to business operations, companies are increasingly reliant on third-party vendors for essential cloud services and software solutions. This growing dependence has not only expanded the SaaS supply chain but also heightened the complexity and potential…

Read MoreAccelerating Vendor Risk Assessments Amidst SaaS Proliferation

Addressing Ransomware Attacks on Healthcare: Highlights from a UN Security Council Briefing – DataBreaches.net

UN Security Council Addresses Surge in Ransomware Attacks Targeting Healthcare Facilities In a crucial briefing at the United Nations Security Council, officials highlighted the alarming rise in ransomware attacks aimed at hospitals and other healthcare services. The discussion comes in response to a series of high-profile incidents that have severely…

Read MoreAddressing Ransomware Attacks on Healthcare: Highlights from a UN Security Council Briefing – DataBreaches.net

Researchers Reveal Prolonged Cyber Espionage Targeting Foreign Embassies in Belarus

In a troubling revelation, the cyber espionage group codenamed MoustachedBouncer, which has remained undocumented until now, has been linked to a series of attacks targeting foreign embassies in Belarus. ESET security researcher Matthieu Faou notes that this group has likely been active since 2014 and has continuously improved its techniques,…

Read MoreResearchers Reveal Prolonged Cyber Espionage Targeting Foreign Embassies in Belarus

Critical Unpatched Vulnerability in Ray AI Platform Exploited for Cryptocurrency Mining

Cybersecurity experts are sounding alarms about active exploitation of a critical vulnerability in Anyscale Ray, an open-source artificial intelligence (AI) platform. This unpatched flaw is being used by malicious actors to commandeer computing resources for unauthorized cryptocurrency mining activities. The vulnerability in question, identified as CVE-2023-48022, has attained a notable…

Read MoreCritical Unpatched Vulnerability in Ray AI Platform Exploited for Cryptocurrency Mining

Nokia Reports Limited Impact from Recent Source Code Leak – SecurityWeek

Nokia has reported that the ramifications of a recent source code leak are minimal, a claim suggesting effective measures to mitigate potential risks. This breach primarily concerns the company’s proprietary software and appears to have minimal impact on Nokia’s operational capabilities and customer services. As a major player in the…

Read MoreNokia Reports Limited Impact from Recent Source Code Leak – SecurityWeek

Four Major Vulnerabilities Leave HPE Aruba Devices Open to RCE Attacks

HPE Aruba Networking, previously known as Aruba Networks, has recently issued critical security updates addressing significant vulnerabilities within its ArubaOS. These flaws pose a risk that could lead to remote code execution (RCE) on affected systems, making immediate action imperative for businesses reliant on this networking solution. The updates pertain…

Read MoreFour Major Vulnerabilities Leave HPE Aruba Devices Open to RCE Attacks