Apple Bug Allows Root Protections Bypass Without Physical Access
Summary: Cyber defenders are urged to update macOS systems to address a critical vulnerability (CVE-2024-44243) that compromises the operating system’s security. This flaw allows threat actors to bypass System Integrity Protection (SIP), potentially leading to severe malware installations without physical access.

Threat Actor: Unknown | Victim: Apple

Key Point:

Vulnerability allows bypassing of macOS System Integrity Protection (SIP).…
Windows 11 KB5050009 & KB5050021 cumulative updates released
Summary: Microsoft has released mandatory cumulative updates KB5050009 and KB5050021 for Windows 11 to address security vulnerabilities and improve system features. These updates include various fixes and enhancements, particularly for touchscreen gestures, File Explorer, and speech functionalities.

Threat Actor: Microsoft | Victim: Windows 11 Users

Key Point:

Mandatory updates KB5050009 and KB5050021 fix security vulnerabilities and improve system features.…
The Feed 2025, 01, 14
A summary of recent cybersecurity threats including ransomware targeting AWS S3 buckets, a macOS vulnerability allowing SIP bypass, a cyber espionage campaign linked to Russia, and exploitation of a critical RCE vulnerability in Aviatrix Controller. Affected: AWS, macOS, Aviatrix, Microsoft Office

Keypoints:

Codefinger ransomware targets Amazon S3 buckets using SSE-C.…
New Startups Focus on Deepfakes, Data-in-Motion & Model Security
Summary: In 2024, early growth startups faced challenges in securing capital, yet there was a surge in investments focused on data and AI security, particularly addressing deepfakes and disinformation. The landscape saw significant developments in monitoring technologies and data leakage concerns, prompting a shift in how organizations approach cybersecurity.…
Extensive Personal Data Leak in France
Victim: France | Price: Not disclosed | Exfiltrated Data Type: Personal Information

Key Points:

Extensive database containing personal information of individuals in France. Leaked data includes names, phone numbers, email addresses, postal addresses, and postal codes. Significant risks include identity theft, phishing attacks, and unauthorized access to sensitive accounts.…
Double-Tap Campaign: Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations
This report discusses a cyber espionage campaign linked to the Russian intrusion set UAC-0063, which targets Central Asian countries, particularly Kazakhstan, using weaponized Office documents. The campaign is associated with the APT28 group and aims to collect strategic intelligence concerning Kazakhstan’s diplomatic and economic relations. Affected: Kazakhstan, Ukraine, Israel, India, Kyrgyzstan, Tajikistan

Keypoints:

UAC-0063 is a Russian intrusion set active since at least 2021, targeting various countries.…
Russian Pharmacy Platform Data Breach Raises Privacy Issues
Victim: apteka.lekafarm.ru | Price: Not disclosed | Exfiltrated Data Type: Personal details, prescription records, internal operational data

Key Points:

Data breach involving a prominent Russian pharmacy platform. Leaked database contains sensitive customer information. Risks include identity theft, fraud, and misuse of medical information. Healthcare platforms must enhance security measures to protect sensitive data.…
INBAL Database Breach Raises Concerns About Security of Cultural Institutions
Victim: Instituto Nacional de Bellas Artes y Literatura (INBAL) | Price: Not disclosed | Exfiltrated Data Type: Sensitive institutional data, personal information of users, critical records

Key Points:

Recent data breach exposed sensitive information from INBAL. Leaked database includes personal information of users and critical institutional records.…
Phishing Trend Exploiting YouTube URLs Through Microsoft Office 365 Expiry Themes
Summary: A new wave of phishing campaigns is exploiting Microsoft 365 password expiry notifications and using cleverly disguised URLs to deceive users into revealing their credentials. These tactics involve obfuscation techniques that make malicious links appear legitimate, increasing the risk of credential theft.

Threat Actor: Phishers | Victim: Microsoft 365 Users

Key Point:

Phishing emails use a specific subject line format and urge users to reconfirm passwords.…
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]
Summary: This week’s cybersecurity recap highlights critical vulnerabilities, ongoing exploits, and legal actions against threat actors, emphasizing the importance of proactive security measures. Staying informed about these threats and implementing protective strategies is essential for individuals and organizations alike.

Threat Actor: UNC5337 | Victim: Ivanti

Key Point:

A critical vulnerability in Ivanti Connect Secure appliances has been exploited as a zero-day, allowing for remote code execution.…
This article provides a comprehensive overview of significant cybersecurity incidents and vulnerabilities reported recently, including outages, data breaches, and exploits targeting various platforms. Affected: Proton Mail, Ivanti VPN, Banshee, BayMark Health Services, Medusind, MirrorFace, STIIIZY, Samsung, GFI KerioControl, Mitel MiCollab, CrowdStrike, Akamai, Casio.

Keypoints:

Proton Mail experienced a worldwide outage due to a surge in database connections during infrastructure migration.…
RST TI Report Digest: January 13, 2025
This week’s threat intelligence report from RST Cloud highlights significant cyber threats from various actors, including the Chinese state-sponsored group RedDelta targeting Mongolia, Taiwan, and Southeast Asia, as well as the emergence of new malware like Banshee and the Gayfemboy botnet. The report summarizes key findings from 29 threat intelligence reports, detailing tactics, techniques, and procedures (TTPs) used in these attacks, and includes numerous indicators of compromise (IoCs).…
Magic Trick Shop Database Report Leaked
Victim: Happy Magic | Price: Not disclosed | Exfiltrated Data Type: Customer information (names, email addresses, payment information)

Key Points:

Data breach at Happy Magic, a Russian shop specializing in magic tricks. Exposed sensitive customer information, raising concerns about data privacy. Compromised database includes names, email addresses, and potentially payment information.…
Massive Database Leak Available Online
Victim: Unknown | Price: Free | Exfiltrated Data Type: Potentially personal, financial, or corporate information

Key Points:

Leaked database made available in an online thread titled “FREE take it or go away lol.” Exact contents and extent of the data remain unclear. Raises concerns about unauthorized data sharing and risks to privacy and cybersecurity.…