Summary: A South Korean ERP vendor’s product update server has been compromised by a threat actor, resulting in the delivery of malware instead of legitimate updates.
Threat Actor: Andariel | …
Summary: Polish prosecutors are investigating a suspected Russian cyberattack on the country’s state news agency, with the likely goal being disinformation aimed at causing disturbances in Poland’s system or economy.…
Summary: The content discusses the decline in activity of the Predator spyware group, indicating that sanctions and exposure have impacted their operations.
Threat Actor: Predator spyware group | Predator spyware …
Summary: Brighton Park Capital has made a $112 million investment in PortSwigger, an application security software provider, to support its growth and innovation initiatives.
Threat Actor: Brighton Park Capital | …
Summary: The content discusses the projected growth of spending on operational technology (OT) cybersecurity and the factors driving this increase.
Threat Actor: N/A Victim: N/A
Key Point :
Enterprise spending…
Summary: AuthZed, a leader in managing permissions systems, has completed a $12 million Series A funding round to accelerate the expansion of its fully managed and easy-to-deploy permissions system for …
Summary: A popular dependency manager for Apple apps, CocoaPods, has been found to have serious vulnerabilities, making it a prime target for hackers.
Threat Actor: Hackers targeting the CocoaPods platform.…
Summary: TeamViewer, a software company, confirmed that it was breached by the Russian hacking group APT29, also known as Cozy Bear, BlueBravo, and Midnight Blizzard.
Threat Actor: APT29 | APT29 …
Summary: This content discusses a data security startup called Odaseva that has raised $54 million to enhance its services.
Threat Actor: N/A Victim: N/A
Key Point :
A data security…
Date Reported: 2024-06-27 Country: France (FRA) Victim: Théâtre de la Cité internationale | Theatre of the International City | forumsirius.com Additional Information:
The Théâtre de la Cité internationale in Paris…
Date Reported: 2024-06-28 Country: Chile Victim: Colmena | colmena.cl Additional Information:
Colmena has detected a cybersecurity incident in some of its technological platforms. This incident has affected the availability…
Summary: Fake IT support sites are promoting malicious PowerShell “fixes” for the 0x80070643 error on Windows devices, infecting them with information-stealing malware.
Threat Actor: Unknown | Unknown Victim: Windows users …
Summary: A man has been charged with running fake Wi-Fi networks on a commercial flight in Australia and using them to steal passengers’ credentials for email and social media services.…
Summary: The Qualys Threat Research Unit has discovered a Remote Unauthenticated Code Execution vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems, which allows unauthenticated remote code execution as root …
Summary: This content discusses the negative effects of scraper bots on business operations and highlights the impact on various aspects such as revenue, competitive edge, brand identity, customer experience, infrastructure …
Summary: This article discusses multiple critical vulnerabilities in Emerson devices that expose them to cyberattacks.
Threat Actor: N/A Victim: Emerson devices
Key Point :
Multiple critical vulnerabilities have been discovered…
Summary: The content discusses the increasing number of vulnerabilities being published and the need for effective vulnerability mitigation strategies to protect against cyberattacks.
Threat Actor: N/A
Victim: N/A
Key Point …
Summary: The Brain Cipher ransomware operation has targeted organizations worldwide, including a recent attack on Indonesia’s temporary National Data Center.
Threat Actor: Brain Cipher | Brain Cipher Victim: Indonesia’s temporary …
Summary: A recent supply chain attack conducted through multiple CDNs has been traced back to a common operator, impacting a large number of websites.
Threat Actor: Unknown | Supply Chain …
Summary: Juniper Networks has released an emergency update to address a maximum severity vulnerability that leads to authentication bypass in Session Smart Router (SSR), Session Smart Conductor, and WAN Assurance …
Summary: Threat actors are exploiting a critical vulnerability in D-Link DIR-859 WiFi routers to collect account information, including user passwords.
Threat Actor: Unknown | Unknown Victim: D-Link DIR-859 WiFi routers …
Summary: The content discusses the vulnerabilities in 5G technologies that put mobile devices at risk of data theft and denial of service attacks.
Threat Actor: Hackers
Victim: Mobile device users…
Summary: A critical vulnerability in certain versions of GitLab Community and Enterprise Edition products allows attackers to run pipelines as any user.
Threat Actor: Unknown | Unknown Victim: GitLab | …
Summary: Operation First Light 2024, orchestrated by Interpol, resulted in the arrest of thousands of suspects involved in online scams, the freezing of bank accounts, and the seizure of assets …
Summary: Three novel credential-phishing campaigns have emerged from state-sponsored actors, compromising at least 40,000 corporate users in just three months. These campaigns demonstrate an evolution in capabilities and can bypass …
Summary: TeamViewer, a remote access tool company, has confirmed an ongoing cyberattack on its corporate network, attributing it to government-backed hackers working for Russian intelligence.
Threat Actor: APT29 (Midnight Blizzard) …
Summary: Unfurling Hemlock is a threat actor that has been infecting systems with multiple pieces of malware simultaneously, using a “malware cluster bomb” technique.
Threat Actor: Unfurling Hemlock | Unfurling …
Summary: Gitleaks is an open-source SAST tool designed to detect and prevent hardcoded secrets in Git repositories.
Threat Actor: N/A Victim: N/A
Key Point :
Gitleaks is an open-source SAST…
Summary: This content discusses a newly discovered campaign that utilizes BPL sideloading and other tactics to deliver the IDAT Loader malware while evading detection.
Threat Actor: Unknown | Unknown Victim: …
Summary: This content discusses a report that found a majority of critical open-source projects use memory-unsafe language, posing security risks.
Threat Actor: None mentioned. Victim: None mentioned.
Key Point :…
Summary: This article discusses a cybercrime incident where a terminated worker unlawfully accessed patient information at Geisinger, a healthcare organization.
Threat Actor: Former employee of Nuance Communications Inc. | Nuance …
Summary: This article discusses the use of social engineering and phishing by scammers to deceive workers and IT help desk staff.
Threat Actor: Scammers | scammers Victim: Workers and IT …
Summary: The content discusses the conviction of a 24-year-old leader of an international robbery crew that kidnapped and terrorized wealthy victims in order to steal cryptocurrency tokens, resulting in the …
Summary: This blog post discusses a new campaign that is distributing a stealer targeting Mac users via malicious Google ads for the Arc browser.
Threat Actor: Rodrigo4 | Rodrigo4 Victim: …
Summary: This content discusses the XenoRAT malware, its association with a North Korean hacking group, and its targeting of the gaming community.
Threat Actor: North Korean hacking group | Kimsuky …
Summary: The healthcare sector receives a high security rating but is vulnerable to supply chain cyber risk, according to SecurityScorecard.
Threat Actor: Ransomware groups | ransomware groups Victim: Healthcare organizations …
Summary: The article discusses how companies are investing in cyber defense in order to qualify for cyber insurance, and highlights the gaps that still exist between recovery costs and the …
Summary: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three known exploited vulnerabilities to its catalog, including a code injection flaw in GeoServer and a use-after-free vulnerability in …
Summary: The content discusses the indictment of a 22-year-old Russian, Amin Timovich Stigal, for allegedly attacking Ukrainian government computers and destroying critical infrastructure systems in the “WhisperGate” wiper attack.
Threat …
Summary: BlackBerry detected and stopped 3.1 million cyberattacks in the first quarter of 2024, with a significant increase in malicious hashes compared to the previous reporting period.
Threat Actor: N/A…
Date Reported: 2024-06-25 Country: United Kingdom (GBR) Victim: Shoe Zone | shoezone.com Additional Information :
The shoe retailer Shoe Zone has been targeted in a cyber attack, but immediate measures…
Date Reported: 2024-06-27 Country: CAN | Canada Victim: Co-op | coop.ca Additional Information:
A cyberattack has led to the closure of several Co-op locations, including gas stations and stores, after…
Summary: This content discusses the unpatchable vulnerabilities found in temperature monitors made by Proges Plus and used in hospitals.
Threat Actor: No specific threat actor mentioned. Victim: Hospitals using temperature …
Summary: The Vanna AI library is vulnerable to remote code execution (RCE) due to a prompt injection vulnerability.
Threat Actor: Unknown | Vanna AI Victim: Users of Vanna AI | …
Summary: This blog post discusses a newly discovered type of jailbreak attack called Skeleton Key that can subvert the intended behavior of generative AI models.
Threat Actor: N/A
Victim: N/A…
Summary: The California Privacy Protection Agency (CPPA) has signed a partnership agreement with France’s Commission Nationale de l’Informatique et des Libertés (CNIL) to conduct joint research on data privacy issues …
Date Reported: 2024-06-27 Country: Croatia (HRV) Victim: KBC Zagreb | KBC Zagreb | kbc-zagreb.hr Additional Information:
The University Hospital Centre Zagreb (KBC Zagreb) was targeted in a cyber attack during…
Summary: This content discusses a critical SQL injection vulnerability in Fortra FileCatalyst Workflow (CVE-2024-5276) and the availability of a proof-of-concept exploit online.
Threat Actor: N/A
Victim: Enterprise admins using Fortra …
Summary: A novel malware strain called Snowblind is targeting banking customers in Southeast Asia, using a technique that disables Android banking apps’ ability to detect malicious modifications, leading to financial …
Summary: This content discusses the alleged deliberate infection of South Korean telco KT’s customers with malware due to their excessive use of peer-to-peer downloading tools, resulting in a large number …