Summary: Fake IT support sites are promoting malicious PowerShell “fixes” for the 0x80070643 error on Windows devices, infecting them with information-stealing malware.
Threat Actor: Unknown | Unknown Victim: Windows users …
Summary: A man has been charged with running fake Wi-Fi networks on a commercial flight in Australia and using them to steal passengers’ credentials for email and social media services.…
Summary: The Qualys Threat Research Unit has discovered a Remote Unauthenticated Code Execution vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems, which allows unauthenticated remote code execution as root …
Summary: This content discusses the negative effects of scraper bots on business operations and highlights the impact on various aspects such as revenue, competitive edge, brand identity, customer experience, infrastructure …
Summary: This article discusses multiple critical vulnerabilities in Emerson devices that expose them to cyberattacks.
Threat Actor: N/A Victim: Emerson devices
Key Point:
Multiple critical vulnerabilities have been discovered…
Summary: The content discusses the increasing number of vulnerabilities being published and the need for effective vulnerability mitigation strategies to protect against cyberattacks.
Threat Actor: N/A
Victim: N/A
Key Point …
Summary: The Brain Cipher ransomware operation has targeted organizations worldwide, including a recent attack on Indonesia’s temporary National Data Center.
Threat Actor: Brain Cipher | Brain Cipher Victim: Indonesia’s temporary …
Summary: A recent supply chain attack conducted through multiple CDNs has been traced back to a common operator, impacting a large number of websites.
Threat Actor: Unknown | Supply Chain …
Summary: Juniper Networks has released an emergency update to address a maximum severity vulnerability that leads to authentication bypass in Session Smart Router (SSR), Session Smart Conductor, and WAN Assurance …
Summary: Threat actors are exploiting a critical vulnerability in D-Link DIR-859 WiFi routers to collect account information, including user passwords.
Threat Actor: Unknown | Unknown Victim: D-Link DIR-859 WiFi routers …
Summary: The content discusses the vulnerabilities in 5G technologies that put mobile devices at risk of data theft and denial of service attacks.
Threat Actor: Hackers
Victim: Mobile device users…
Summary: A critical vulnerability in certain versions of GitLab Community and Enterprise Edition products allows attackers to run pipelines as any user.
Threat Actor: Unknown | Unknown Victim: GitLab | …
Summary: Operation First Light 2024, orchestrated by Interpol, resulted in the arrest of thousands of suspects involved in online scams, the freezing of bank accounts, and the seizure of assets …
Summary: Three novel credential-phishing campaigns have emerged from state-sponsored actors, compromising at least 40,000 corporate users in just three months. These campaigns demonstrate an evolution in capabilities and can bypass …
Summary: TeamViewer, a remote access tool company, has confirmed an ongoing cyberattack on its corporate network, attributing it to government-backed hackers working for Russian intelligence.
Threat Actor: APT29 (Midnight Blizzard) …
Summary: Unfurling Hemlock is a threat actor that has been infecting systems with multiple pieces of malware simultaneously, using a “malware cluster bomb” technique.
Threat Actor: Unfurling Hemlock | Unfurling …
Summary: Gitleaks is an open-source SAST tool designed to detect and prevent hardcoded secrets in Git repositories.
Threat Actor: N/A Victim: N/A
Key Point:
Gitleaks is an open-source SAST…
Summary: This content discusses a newly discovered campaign that utilizes BPL sideloading and other tactics to deliver the IDAT Loader malware while evading detection.
Threat Actor: Unknown | Unknown Victim: …
Summary: This content discusses a report that found a majority of critical open-source projects use memory-unsafe languages, posing security risks.
Threat Actor: None mentioned. Victim: None mentioned.
Key Point:…
Summary: This article discusses a cybercrime incident where a terminated worker unlawfully accessed patient information at Geisinger, a healthcare organization.
Threat Actor: Former employee of Nuance Communications Inc. | Nuance …
Summary: This article discusses the use of social engineering and phishing by scammers to deceive workers and IT help desk staff.
Threat Actor: Scammers | scammers Victim: Workers and IT …
Summary: The content discusses the conviction of a 24-year-old leader of an international robbery crew that kidnapped and terrorized wealthy victims in order to steal cryptocurrency tokens, resulting in the …
Summary: This blog post discusses a new campaign that is distributing a stealer targeting Mac users via malicious Google ads for the Arc browser.
Threat Actor: Rodrigo4 | Rodrigo4 Victim: …
Summary: This content discusses the XenoRAT malware, its association with a North Korean hacking group, and its targeting of the gaming community.
Threat Actor: North Korean hacking group | Kimsuky …
Summary: The healthcare sector receives a high security rating but is vulnerable to supply chain cyber risk, according to SecurityScorecard.
Threat Actor: Ransomware groups | ransomware groups Victim: Healthcare organizations …
Summary: The article discusses how companies are investing in cyber defense in order to qualify for cyber insurance, and highlights the gaps that still exist between recovery costs and the …
Summary: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three known exploited vulnerabilities to its catalog, including a code injection flaw in GeoServer and a use-after-free vulnerability in …
Summary: The content discusses the indictment of a 22-year-old Russian, Amin Timovich Stigal, for allegedly attacking Ukrainian government computers and destroying critical infrastructure systems in the “WhisperGate” wiper attack.
Threat …
Summary: BlackBerry detected and stopped 3.1 million cyberattacks in the first quarter of 2024, with a significant increase in malicious hashes compared to the previous reporting period.
Threat Actor: N/A…
Summary: This content discusses the unpatchable vulnerabilities found in temperature monitors made by Proges Plus and used in hospitals.
Threat Actor: No specific threat actor mentioned. Victim: Hospitals using temperature …
Summary: The Vanna AI library is vulnerable to remote code execution (RCE) due to a prompt injection vulnerability.
Threat Actor: Unknown | Vanna AI Victim: Users of Vanna AI | …
Summary: This blog post discusses a newly discovered type of jailbreak attack called Skeleton Key that can subvert the intended behavior of generative AI models.
Threat Actor: N/A
Victim: N/A…
Summary: The California Privacy Protection Agency (CPPA) has signed a partnership agreement with France’s Commission Nationale de l’Informatique et des Libertés (CNIL) to conduct joint research on data privacy issues …
Summary: This content discusses a critical SQL injection vulnerability in Fortra FileCatalyst Workflow (CVE-2024-5276) and the availability of a proof-of-concept exploit online.
Threat Actor: N/A
Victim: Enterprise admins using Fortra …
Summary: A novel malware strain called Snowblind is targeting banking customers in Southeast Asia, using a technique that disables Android banking apps’ ability to detect malicious modifications, leading to financial …
Summary: This content discusses the alleged deliberate infection of South Korean telco KT’s customers with malware due to their excessive use of peer-to-peer downloading tools, resulting in a large number …
Summary: This content discusses the increasing number of malicious packages found in public, open-source repositories and the threat they pose to IT environments.
Threat Actor: Malicious actors | malicious actors …
Summary: This content discusses the issue of secrets being exposed in source code, even after they have been removed, and highlights the potential risks and challenges associated with this.
Threat …
Summary: This content discusses multiple vulnerabilities in ADOdb, a PHP database abstraction layer library, and emphasizes the importance of updating the library to mitigate potential security risks.
Threat Actor: N/A…
Summary: This content discusses how cyberespionage groups are using ransomware as a tactic to make attack attribution more challenging, distract defenders, or for a financial reward as a secondary goal …
Summary: This content discusses a vulnerability in a vendor’s product and provides a business recommendation for addressing the issue.
Threat Actor: N/A
Victim: N/A
Key Point:
The vendor, Siemens,…
Summary: The polyfill.io domain, which provides JavaScript code to add functionality to older browsers, has been compromised and is now infecting websites with malware.
Threat Actor: Chinese organization | Chinese …
Summary: This content discusses the collaboration between UK and US law enforcement agencies to combat the Qilin ransomware gang, which has targeted the global healthcare industry. The article also highlights …
Summary: The Medusa banking trojan for Android has resurfaced in campaigns targeting several countries, using more compact variants with fewer permissions and new features to initiate transactions directly from compromised …
Summary: Apple has released a firmware update for AirPods to address an authentication issue that could allow unauthorized access to the headphones, potentially enabling eavesdropping on private conversations.
Threat Actor: …
Summary: This content provides an overview of Zeek, an open-source network analysis framework that operates as a versatile sensor to monitor network traffic and generate comprehensive logs and output for …
Summary: The Cybersecurity and Infrastructure Security Agency (CISA) has notified organizations of potential data exposure after an unidentified threat actor accessed CISA’s Chemical Security Assessment Tool. While no evidence of …
Summary: This content discusses two new vulnerabilities in MOVEit Transfer and MOVEit Gateway, which can be exploited by threat actors to bypass SFTP authentication and gain unauthorized access.
Threat Actor: …
Summary: This content discusses the Russia-linked threat actor group UAC-0184 targeting Ukraine with the XWorm remote access trojan (RAT) through the use of Python-related files.
Threat Actor: UAC-0184 | UAC-0184 …
Summary: Four Vietnamese nationals with ties to the FIN9 cybercrime group have been indicted in the U.S. for conducting phishing campaigns and supply chain compromises to steal millions of dollars …