Summary: ESET researchers have analyzed the activities of the CosmicBeetle threat actor, focusing on its newly developed ScRansom ransomware and its connections to other ransomware groups, including LockBit and RansomHub. …
Summary: The Cyber Safety Review Board (CSRB), led by the DHS, is preparing to announce its next investigation into a significant cybersecurity incident, following previous examinations of major vulnerabilities and …
Summary: Cybercriminals are exploiting large language models (LLMs) to execute sophisticated attacks, including jailbreaking and data poisoning, which pose significant risks to enterprises. Effective protection against these threats requires a …
Short Summary:
Cisco Talos has identified a new cyber threat named “DragonRank,” which targets web application services primarily in Asia and parts of Europe. This threat utilizes the PlugX and …
Threat Actor: Unknown | unknown Victim: Major Brazilian Real Estate Company | Major Brazilian Real Estate Company Price: $15,000 (or $5,000 for ransomware operators) Exfiltrated Data Type: Network access, administrative …
Summary: Security researchers have disclosed a critical zero-day vulnerability in Windows, tracked as CVE-2024-30051, that allows attackers to escalate privileges to SYSTEM level through a heap-based buffer overflow. The vulnerability …
Threat Actor: $udo | $udo Victim: Puregold | Puregold Price: Not specified Exfiltrated Data Type: Customer records, transaction data, operational data
Key Points:
Over 130,000 customer records allegedly compromised.…
Summary: The FreeBSD Project has issued a critical security advisory regarding a vulnerability (CVE-2024-43102) that could allow attackers to exploit kernel panic or execute arbitrary code, leading to potential system …
Summary: Zyxel has issued critical hotfixes for its NAS326 and NAS542 products due to a severe command injection vulnerability (CVE-2024-6342) that allows remote code execution. Despite these devices reaching their …
Rapid7 has been recognized as a Leader in the IDC MarketScape: Worldwide SIEM for SMB 2024 Vendor Assessment. The company highlights the unique features of its InsightIDR product, …
ESET researchers have documented the activities of the CosmicBeetle threat actor, focusing on its newly developed ScRansom ransomware. This group has replaced its previous ransomware, Scarab, with ScRansom, …
Short Summary:
Intezer’s investigation into a file during alert triage revealed a new infostealer variant named Yet Another Silly Stealer (YASS), which shares similarities with CryptBot but has significant differences …
Threat Actor: Unknown | unknown Victim: Slim CD, Inc. | Slim CD, Inc. Price: N/A Exfiltrated Data Type: Sensitive credit card information
Key Points:
Approximately 1.7 million users affected…
Short Summary:
Repellent Scorpius is a newly emerged ransomware-as-a-service (RaaS) group distributing Cicada3301 ransomware, first identified in May 2024. The group employs a double extortion scheme, encrypting data and threatening …
Threat Actor: The Brotherhood | The Brotherhood Victim: Cybercriminals | Cybercriminals Price: $750 per slot Exfiltrated Data Type: Sensitive data (passwords, cookies)
Key Points:
The Brotherhood connects the BlackForums…
Summary: A security researcher has disclosed a critical elevation of privilege vulnerability in the Windows Telephony service, tracked as CVE-2024-26230, which allows attackers to gain SYSTEM privileges through a use-after-free …
Threat Actor: Unknown | unknown Victim: Slim CD | Slim CD Price: N/A Exfiltrated Data Type: Personal data and credit card information
Key Points:
Data breach affected approximately 1.7…
Threat Actor: Unknown | Unknown Victim: Brasil Bitcoin | Brasil Bitcoin Price: $2,000 USD Exfiltrated Data Type: Personal Information
Key Points:
Alleged breach of the Brazilian cryptocurrency exchange Brasil…
Summary: HAProxy has issued a security advisory regarding CVE-2024-45506, a critical vulnerability in its load balancing software that is currently being exploited, potentially leading to remote denial-of-service (DoS) attacks. The …
Summary: A new variant of sextortion email scams is targeting spouses by falsely claiming that their partner is cheating, complete with links to alleged proof. These scams have evolved since …
Short Summary:
In July 2024, a previously unknown backdoor named Loki was discovered, which is a private version of an agent from the open-source Mythic framework. Loki has been used …
Short Summary:
Earth Preta has enhanced its attack strategies, utilizing new tools and malware variants in worm-based attacks and time-sensitive spear-phishing campaigns targeting government entities in the APAC region. Key …
The report by CYFIRMA details the discovery of a sophisticated dropper binary known as BLX Stealer (or XLABB Stealer), designed to steal sensitive information from compromised systems. This …
Network forensics is a specialized field within cybersecurity focused on the monitoring, capturing, and analysis of network traffic to uncover and investigate security incidents or breaches.
By examining data packets, …
Summary: A series of critical vulnerabilities in Veeam Backup & Replication have been identified, exposing organizations to severe risks including unauthorized access and remote code execution. The most critical vulnerability …
Summary: Hackers stole approximately $27 million worth of cryptocurrency from the Penpie DeFi protocol, prompting the company to halt withdrawals and file reports with local authorities and the FBI. Despite …
Summary: The Fog Ransomware group has expanded its targeting from education and recreation sectors to the financial services sector, successfully launching an attack that was mitigated by Adlumin’s advanced security …
Short Summary:
Fog ransomware, first detected in May 2024, is a new strain targeting US educational organizations. Darktrace’s investigation revealed a rapid attack cycle, utilizing compromised VPN credentials for initial …
Short Summary:
The SonicWall Capture Labs threat research team has identified a high-severity SQL Injection vulnerability (CVE-2024-23119) in Centreon Web versions prior to 22.10.17, 23.04.13, and 23.10.5. This vulnerability allows …
Threat Actor: Unknown | unknown Victim: Private College in Spain | private college in Spain Price: $4,500 Exfiltrated Data Type: IT infrastructure access
Key Points:
Access to critical systems…
Threat Actor: Unknown | unknown Victim: Dingding Talk | Dingding Talk Price: For Sale (exact price not disclosed) Exfiltrated Data Type: User Information
Key Points:
Threat actor leaked a…
Short Summary:
Satori has reported on a significant fraud campaign named “Konfety,” which exploits the CaramelAds mobile ad SDK to create malicious duplicates of popular apps. The investigation revealed numerous …
Summary: Security researchers have disclosed a critical vulnerability (CVE-2024-26581) in the Linux kernel that allows local authenticated attackers to leak sensitive information, potentially leading to privilege escalation. The flaw affects …
Summary: Lowe’s employees are being targeted by phishing attacks through malicious Google ads that mimic the company’s employee portal, MyLowesLife. These typosquatting websites are designed to steal employee credentials by …
Short Summary:
The article discusses the increasing threat activity associated with the Kimsuky group, particularly focusing on the Konni campaign. It highlights the use of legitimate cloud and …
Summary: A critical vulnerability, CVE-2024-20017, has been discovered in MediaTek chipsets, allowing remote code execution on affected devices without user interaction. Security researcher Hyprdude has released a proof-of-concept exploit, highlighting …
Short Summary:
ShrinkLocker is a newly identified ransomware strain that exploits BitLocker to encrypt data and create a secure boot partition, locking users out unless a ransom is paid. It …
Summary: A targeted cyber-attack has been identified by Cyble Research and Intelligence Lab (CRIL) against political figures and government officials in Malaysia, utilizing malicious ISO files to deploy the Babylon …
Summary: JFrog’s security research team has identified a new supply chain attack technique called “Revival Hijack,” which allows malicious actors to hijack removed PyPI packages, potentially leading to widespread malware …
The Head Mare hacktivist group targets Russian and Belarusian organizations, leveraging cyberattacks as a means to influence geopolitical tensions related to the Russo-Ukrainian conflict. Their operations involve sophisticated …
Summary: CISA has identified three critical vulnerabilities in its KEV catalog, emphasizing their active exploitation and urging immediate patching by organizations. Notably, vulnerabilities in Draytek routers and Kingsoft WPS Office …
Summary: Google has patched a high-severity privilege escalation vulnerability in its Android operating system, tracked as CVE-2024-32896, which is currently being exploited in the wild. The vulnerability allows for local …
Threat Actor: Play | Play Victim: Microchip Technology | Microchip Technology Price: Unknown Exfiltrated Data Type: Employee information, financial reports, payroll records, customer documents, tax files
Key Points:
Microchip…
Victim: Arch Street Capital Advisors Country: US Actor: qilin Source: http://kbsqoivihgdmwczmxkbovk7ss2dcynitwhhfu5yw725dboqo5kthfaad.onion/site/view?uuid=231f4228-f67d-3496-8f2d-6f9796693a8b Discovered: 2024-09-05 09:39:22.301176 Published: 2024-09-05 00:00:00.000000 Description: Arch Street Capital Advisors is a full-service real estate investment …
Tropic Trooper, an APT group active since 2011, has recently targeted a government entity in the Middle East, marking a strategic shift in their operations. Their campaigns involve …
Short Summary:
The Fog Ransomware group has shifted its focus from targeting educational and recreational sectors to attacking financial services. Adlumin successfully thwarted a ransomware attack in August 2024, utilizing …
Short Summary:
Mallox is a sophisticated ransomware family that has been actively attacking organizations globally since 2021. With over 700 samples discovered, it has evolved significantly, particularly in 2023 and …