Security researchers have disclosed multiple architectural vulnerabilities in Siemens SIMATIC and SIPLUS S7-1500 PLCs that could be exploited by a malicious actor to stealthily install firmware on affected devices and take control of them.
The discovered database included sensitive data such as usernames, full personal names, Facebook IDs, phone numbers, and passwords hashed with the BCrypt algorithm, which is considered safe.
Researchers at LookingGlass examined public internet-facing assets from over 7 million IP addresses belonging to the sector in November 2022 – finding that a seven-year-old RCE vulnerability affecting Microsoft Windows topped the list.
The multi-stage infection sequence begins with a phishing email containing a link that downloads a password-protected ZIP archive containing two files: a shortcut (.LNK) file and a batch (.BAT) file.
The number of victims posted on ransomware extortion sites rose more than 20% in December to 241 organizations — the highest monthly count since April, according to data collected by Recorded Future.
According to ESET researchers, attackers use a fake Shagle website that tricks victims into downloading the malicious APK file. In reality, the app is a trojanized version of the standard Telegram app for Android.
AnyDesk is a popular remote desktop application for Windows, Linux, and macOS, used by millions of people worldwide for secure remote connectivity or performing system administration.
S-RM researchers identified a Lorenz ransomware attack that was completed months after the attackers gained initial access. They exploited CVE-2022-29499, a vulnerability in Mitel telephony infrastructure.
CISA has added two more security vulnerabilities to its catalog of exploited bugs: one affects Microsoft Exchange and the other is in Windows Advanced Local Procedure Call.
More than 10,000 beneficiaries of a local branch of the French social security agency CAF, or Family Allowance Fund, saw their data exposed for about 18 months, after a file containing personal information was sent to a service provider.