Microsoft: North Korean hackers target Russian govt, defense orgs
Microsoft says North Korean hacking groups have breached multiple Russian government and defense targets since the start of the year....
Month: September 2023
US and UK sanction 11 TrickBot and Conti cybercrime gang members
The USA and the United Kingdom have sanctioned eleven Russian nationals associated with the TrickBot and Conti ransomware cybercrime operations. The...
Apple zero-click iMessage exploit used to infect iPhones with spyware
Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a...
Google Looker Studio abused in cryptocurrency phishing attacks
Cybercriminals are abusing Google Looker Studio to create counterfeit cryptocurrency phishing websites that phish digital asset holders, leading to account...
Iranian hackers breach US aviation org via Zoho, Fortinet bugs
Image: Midjourney State-backed hacking groups have breached a U.S. aeronautical organization using exploits targeting critical Zoho and Fortinet vulnerabilities, a...
Cisco BroadWorks impacted by critical authentication bypass flaw
A critical vulnerability impacting the Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow remote attackers...
CISA warns of critical Apache RocketMQ bug exploited in attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added to its catalog of known exploited vulnerabilities (KEV) a critical–severity...
BlackByte Ransomware Victim: FOCUS Business Solutions
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
BlackByte Ransomware Victim: Chambersburg Area School District
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Apple Products Multiple Vulnerabilities
Multiple vulnerabilities were identified in Apple Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of...
MITRE and CISA Release OT Attack Emulation Tool
A new open source tool designed to emulate cyber-attacks against operational technology (OT) has been released by MITRE and the...
Russia-Backed APT28 Tried to Attack a Ukrainian Critical Power Facility
Ukraine’s Computer Emergency Response Team (CERT-UA) issued an alert on September 5, 2023, about a cyber-attack attempted by Russian threat...
High-Severity Vulnerability Discovered in Popular CMS
A high-severity vulnerability has been discovered in PHPFusion, an open-source content management system (CMS) used by over 15 million websites...
Hundreds of Scam Pages Uncovered in Major Investment Fraud Campaign
Researchers are warning of a major global investment fraud campaign that uses social media advertising to lure unwitting victims into...
UK Government Backs Down on Anti-Encryption Stance
The UK government appears to have pulled back on a controversial clause in its forthcoming Online Safety Bill that would...
Chinese Hacker Steals Microsoft Signing Key, Spies on US Government
A China-based threat actor gained access to a Microsoft account (MSA) cryptographic key, as early as 2021, and used it...
IBM Reports Patient Data Breach at Johnson & Johnson Subsidiary
Sensitive patient data may have been accessed following a breach of the Janssen CarePath platform, a subsidiary of pharmaceutical giant...
DGA Behavior Shifts Raise Cybersecurity Concerns
Researchers at Akamai have unearthed a concerning shift in the behavior of dynamically seeded Domain Generation Algorithm (DGA) families within...
UK and US Sanction 11 Russians Tied to Trickbot/Conti Ransomware
The US and the UK have sanctioned 11 individuals accused of being linked with the Trickbot malware and the Conti...
Zero-Day Flaw Exposes Atlas VPN User IPs
A Reddit user known as “Educational-Map-8145” has exposed a critical zero-day flaw affecting the Linux client of Atlas VPN, a popular...
API Vulnerabilities: 74% of Organizations Report Multiple Breaches
API security company Traceable has unveiled its 2023 State of API Security Report. In collaboration with the Ponemon Institute, the...
CISA: CISA and International Partners Release Malware Analysis Report on Infamous Chisel Mobile Malware
CISA and International Partners Release Malware Analysis Report on Infamous Chisel Mobile Malware Today, the United Kingdom’s National Cyber Security...
CISA: CISA Adds One Known Vulnerability to Catalog
CISA Adds One Known Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on August 31, 2023. These...