DirtyMoe Malware Infects 2,000+ Ukrainian Computers for DDoS and Cryptojacking
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned that more than 2,000 computers in the country have been...
News
Active Exploitation of Vulnerability in Ivanti Products
Ivanti has released security updates to address two high severity vulnerabilities (CVE-2024-21888 and CVE-2024-21893) in Ivanti Connect Secure (ICS), Ivanti...
Former CIA Engineer Sentenced to 40 Years for Leaking Classified Documents
A former software engineer with the U.S. Central Intelligence Agency (CIA) has been sentenced to 40 years in prison by...
INTERPOL Arrests 31 in Global Operation, Identifies 1,900+ Ransomware-Linked IPs
An INTERPOL-led collaborative operation targeting phishing, banking malware, and ransomware attacks has led to the identification of 1,300 suspicious IP...
Cloudzy Elevates Cybersecurity: Integrating Insights from Recorded Future to Revolutionize Cloud Security
Cloudzy, a prominent cloud infrastructure provider, proudly announces a significant enhancement in its cybersecurity landscape. This breakthrough has been achieved...
Cloudflare Breach: Nation-State Hackers Access Source Code and Internal Docs
Cloudflare has revealed that it was the target of a likely nation-state attack in which the threat actor leveraged stolen...
Purplefox Malware Infects Thousands Of Computers In Ukraine
The Computer Emergency Response Team in Ukraine (CERT-UA) is warning about a PurpleFox malware campaign that has infected at least...
Ftc Orders Blackbaud To Boost Security After Massive Data Breach
Blackbaud has settled with the Federal Trade Commission after being charged with poor security and reckless data retention practices, leading...
More Android Apps Riddled With Malware Spotted On Google Play
An Android remote access trojan (RAT) known as VajraSpy was found in 12 malicious applications, six of which were available...
Cisa Orders Federal Agencies To Disconnect Ivanti Vpn Appliances By Saturday
CISA has ordered U.S. federal agencies to disconnect all Ivanti Connect Secure and Policy Secure VPN appliances vulnerable to multiple...
New Windows Event Log Zero Day Flaw Gets Unofficial Patches
Free unofficial patches are available for a new Windows zero-day flaw dubbed EventLogCrasher that lets attackers remotely crash the Event Log...
Cloudflare Hacked Using Auth Tokens Stolen In Okta Attack
Cloudflare disclosed today that its internal Atlassian server was breached by a suspected 'nation state attacker' who accessed its Confluence...
CISA Warns of Active Exploitation Apple iOS and macOS Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting iOS, iPadOS, macOS, tvOS, and...
US Thwarts Volt Typhoon Cyber Espionage Campaign Through Router Disruption
Hundreds of routers have been disabled in the US in an effort to take down a cyber espionage campaign conducted...
Ivanti Releases Zero-Day Patches and Reveals Two New Bugs
Ivanti has finally released patches for two critical zero-day vulnerabilities, but said the update also covers two new bugs – one...
Interpol-Led Initiative Targets 1300 Suspicious IPs
Unveiling a new operation named Synergia, law enforcement agencies from over 50 Interpol member countries have joined forces in a...
US Agencies Failure to Oversee Ransomware Protections Threaten White House Goals
The White House’s goal of bolstering the cyber resilience of critical infrastructure is being threatened by US federal agencies’ lack...
Pump-and-Dump Schemes Make Crypto Fraudsters $240m
Market manipulators may have made over $240m last year by artificially inflating the value of Ethereum tokens, according to Chainalysis.The...
Google’s Bazel Exposed to Command Injection Threat
Security researchers have recently unearthed a supply-chain vulnerability within Bazel, one of Google’s flagship open-source products. The flaw centered around a...
FritzFrog Returns with Log4Shell and PwnKit, Spreading Malware Inside Your Network
The threat actor behind a peer-to-peer (P2P) botnet known as FritzFrog has made a return with a new variant that...
CISA Warns of Active Exploitation of Flaw in Apple iOS and macOS
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting iOS, iPadOS, macOS, tvOS, and...
Exposed Docker APIs Under Attack in ‘Commando Cat’ Cryptojacking Campaign
Exposed Docker API endpoints over the internet are under assault from a sophisticated cryptojacking campaign called Commando Cat. "The campaign...
Malvertisers Zoom In On Cryptocurrencies And Initial Access
During the past month, we have observed an increase in the number of malicious ads on Google searches for “Zoom”,...
Ransomware Review December 2023
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
