Summary: The Medusa banking trojan for Android has resurfaced in campaigns targeting several countries, using more compact variants with fewer permissions and new features to initiate transactions directly from compromised …
Author: Cyware
Summary: Apple has released a firmware update for AirPods to address an authentication issue that could allow unauthorized access to the headphones, potentially enabling eavesdropping on private conversations.
Threat Actor: …
Summary: This content provides an overview of Zeek, an open-source network analysis framework that operates as a versatile sensor to monitor network traffic and generate comprehensive logs and output for …
Summary: The Cybersecurity and Infrastructure Security Agency (CISA) has notified organizations of potential data exposure after an unidentified threat actor accessed CISA’s Chemical Security Assessment Tool. While no evidence of …
Summary: This content discusses two new vulnerabilities in MOVEit Transfer and MOVEit Gateway, which can be exploited by threat actors to bypass SFTP authentication and gain unauthorized access.
Threat Actor: …
Summary: This content discusses the Russia-linked threat actor group UAC-0184 targeting Ukraine with the XWorm remote access trojan (RAT) through the use of Python-related files.
Threat Actor: UAC-0184 | UAC-0184 …
Summary: Four Vietnamese nationals with ties to the FIN9 cybercrime group have been indicted in the U.S. for conducting phishing campaigns and supply chain compromises to steal millions of dollars …
Summary: The FBI is warning of cybercriminals posing as law firms and lawyers that offer cryptocurrency recovery services to victims of investment scams and steal funds and personal information.
Threat …
Summary: The Thales 2024 Cloud Security Study reveals that nearly half of organizations have experienced a cloud data breach, with human error and misconfigurations being the top root cause.
Threat …
Summary: This content discusses the SnailLoad bug and its potential impact on internet connections.
Threat Actor: SnailLoad | SnailLoad Victim: Internet connections | Internet connections
Key Point:
Most internet connections…
Summary: P2PInfect, a dormant peer-to-peer malware botnet, has recently become active and is deploying a ransomware module and a cryptominer in attacks on Redis servers.
Threat Actor: P2PInfect | P2PInfect …
Summary: This blog discusses SpyMax, an Android RAT that targets Telegram users, and highlights its capabilities and impact on user privacy and data integrity.
Threat Actor: SpyMax | SpyMax Victim: …
Summary: This content discusses a new command execution technique called ‘GrimResource’ that utilizes specially crafted MSC files and an unpatched Windows XSS flaw to execute code through the Microsoft Management …
Summary: This content discusses the operations of a threat actor known as Boolka, who deploys sophisticated malware and engages in web attacks to steal data from targeted websites.
Threat Actor: …
Summary: Multiple WordPress plugins have been backdoored, allowing threat actors to create rogue administrator accounts and inject malicious code into websites.
Threat Actor: Unknown | unknown Victim: WordPress | WordPress…
Summary: The European Union has sanctioned Russian state hackers, including two military officers, who were involved in “hack and leak” operations against Western governments.
Threat Actor: Russian state hackers | …
Summary: This article discusses the increasing threat of AI-generated cyberattacks and the lack of preparedness among organizations to handle these attacks.
Threat Actor: AI-generated cyberattacks
Victim: Organizations
Key Point :…
Summary: The Department of Energy has released a new framework of best practices for securing clean energy cyber supply chains, with a focus on risk management and proactive incident response.…
Summary: Google has developed a framework called Project Naptime that allows a large language model (LLM) to carry out vulnerability research and improve automated discovery approaches.
Threat Actor: N/A
Victim: …
Summary: This article discusses the use of popular online services, such as Pastebin, by malware developers to obfuscate their command and control (C2) server locations and evade detection.
Threat Actor: …
Summary: This content discusses active attacks targeting end-of-life Zyxel NAS boxes after the disclosure of critical vulnerabilities.
Threat Actor: Mirai-like botnet | Mirai-like botnet Victim: Zyxel NAS devices | Zyxel …
Summary: This article discusses a security flaw in the Ollama open-source AI infrastructure platform that could be exploited for remote code execution.
Threat Actor: Unknown | Ollama Victim: Ollama | …
Summary: CoinStats, a cryptocurrency portfolio management app, experienced a security breach that compromised 1,590 cryptocurrency wallets, potentially carried out by North Korean threat actors.
Threat Actor: North Korean threat actors …
Summary: This article discusses Google’s Project Zero framework, which aims to enhance the detection of AI bugs in the field of cybersecurity.
Threat Actor: None mentioned.
Victim: None mentioned.
Key …
Summary: This content discusses a vulnerability in Power BI that allows an attacker to access hidden columns and tables in a report’s semantic model.
Threat Actor: Unknown | Unknown Victim: …
Summary: Organizations struggle to detect breaches as they become more targeted and sophisticated, with many existing security tools unable to detect breaches when they occur.
Threat Actor: N/A
Victim: N/A…
Summary: A China-linked state-sponsored threat actor known as RedJuliett has been conducting a cyber espionage campaign targeting government, academic, technology, and diplomatic organizations in Taiwan and other countries.
Threat Actor: …
Summary: This article discusses the importance of maintaining up-to-date Microsoft SQL Server instances and highlights the lack of attention given to this issue compared to other topics in the IT …
Summary: Positive Technologies researchers have discovered a cybercrime gang called ExCobalt that targeted Russian organizations with a new Golang-based backdoor known as GoRed, believed to be linked to the Cobalt …
Summary: The content discusses a Texas federal court ruling that the U.S. Department of Health and Human Services overstepped its authority in web tracking guidance related to HIPAA.
Threat Actor: …
Summary: A new adware family called AdsExhaust is being distributed through a campaign that tricks users searching for the Meta Quest application into downloading it.
Threat Actor: AdsExhaust | AdsExhaust …
Summary: This content discusses the phenomenon of hackers selling fake data breaches, exploring the motivations behind this deceptive practice.
Threat Actor: Hackers selling fake data breaches | hackers selling fake …
Summary: The content discusses the sanctions imposed by the US Treasury Department on twelve Kaspersky Lab executives for their role in the Russian company, highlighting the commitment to protect against …
Summary: Polish prosecutors have seized Pegasus spyware systems from a government agency in Warsaw as part of an investigation into the alleged abuse of the surveillance tool by the previous …
Summary: A Chinese-language advanced persistent threat (APT) group, known as SneakyChef, has been spying on government ministries across the eastern hemisphere using a modified version of Gh0st RAT called SugarGh0st …
Summary: This article discusses a new phishing campaign, dubbed PHANTOM#SPIKE, that targets people in Pakistan using a custom backdoor. The campaign uses military-related phishing documents to activate the infection sequence.…
Summary: Semperis, a startup focused on Active Directory (AD) protection, has raised $125 million in funding to further develop its AD protection tools and expand its business.
Threat Actor: N/A…
Summary: The U.S. Department of Commerce has issued a ban on Kaspersky Lab’s security software in the country, citing national security risks due to the company’s ties to the Russian …
Summary: The RansomHub ransomware operation has developed a Linux encryptor specifically designed to target VMware ESXi environments in corporate attacks.
Threat Actor: RansomHub | RansomHub Victim: Corporate organizations | corporate …
Summary: This article discusses the increase in the number of cybersecurity mentions in organizations’ annual 10-K filings reported to the SEC, indicating a growing focus on cybersecurity posture.
Threat Actor: …
Summary: This content discusses the importance of public-private collaboration in ensuring the security of critical infrastructure.
Threat Actor: N/A Victim: N/A
Key Point :
The Department of Homeland Security (DHS)…
Summary: This article discusses the upcoming minimum cybersecurity mandates expected for hospitals and questions whether they will be sufficient in addressing the cyber threats in the healthcare sector.
Threat Actor: …
Summary: A vulnerability called “CosmicSting” in Adobe Commerce and Magento websites is leaving millions of sites at risk of XML external entity injection (XXE) and remote code execution (RCE) attacks.…
Summary: A study by Hack The Box reveals that British and US enterprises may be losing up to $756 million each year due to lost productivity caused by burned-out cybersecurity …
Summary: This content discusses Cilium, an open-source, cloud-native solution that uses eBPF technology to provide secure and monitored network connectivity between workloads.
Threat Actor: N/A
Victim: N/A
Key Point :…
Summary: Pomerium, the NextGen Access platform, has raised $13.75 million in a Series A funding round and announced its newest security platform offering, Pomerium Zero, which provides secure access to …
Summary: Russian-aligned threat actor Nobelium has been continuously targeting French diplomatic entities and public organizations since 2021, according to the French cybersecurity agency ANSSI.
Threat Actor: Nobelium | Nobelium Victim: …
Summary: The Atlassian June 2024 Security Bulletin addressed multiple high-severity vulnerabilities in their Confluence, Crucible, and Jira products.
Threat Actor: None identified.
Victim: Atlassian.
Key Point :
The Atlassian June…
Summary: Russian hackers are suspected to be behind the disruption of an online broadcast of the Euro 2024 soccer tournament in Poland.
Threat Actor: Russian hackers | Russian hackers Victim: …
Summary: This content explains what overlays are, particularly on Android devices, and how cybercriminals use them to deceive users.
Threat Actor: Cybercriminals | cybercriminals Victim: Android device users | Android …