Russian hackers switch to LOTL technique to cause power outage
Russian state hackers have evolved their methods for breaching industrial control systems by adopting living-off-the-land techniques that enable reaching the...
News
US-CERT Vulnerability Summary for the Week of October 30, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocontec -- solarview_compact_firmwareAn issue in Contec SolarView Compact v.6.0 and before allows...
Zero-Day Alert: Lace Tempest Exploits SysAid IT Support Software Vulnerability
The threat actor known as Lace Tempest has been linked to the exploitation of a zero-day flaw in SysAid IT...
MuddyC2Go: New C2 Framework Iranian Hackers Using Against Israel
Iranian nation-state actors have been observed using a previously undocumented command-and-control (C2) framework called MuddyC2Go as part of attacks targeting...
When Email Security Meets SaaS Security: Uncovering Risky Auto-Forwarding Rules
While intended for convenience and efficient communication, email auto-forwarding rules can inadvertently lead to the unauthorized dissemination of sensitive information...
CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw in the Service Location Protocol (SLP)...
WhatsApp Introduces New Privacy Feature to Protect IP Address in Calls
Meta-owned WhatsApp is officially rolling out a new privacy feature in its messaging service called "Protect IP Address in Calls"...
TransForm says ransomware data breach affects 267,000 patients
Shared service provider TransForm has published an update on the cyberattack that recently impacted operations in multiple hospitals in Ontario,...
Marina Bay Sands discloses data breach impacting 665,000 customers
The Marina Bay Sands (MBS) luxury resort and casino in Singapore has disclosed a data breach that impacts personal data...
Microsoft Authenticator now blocks suspicious MFA alerts by default
Microsoft has introduced a new protective feature in the Authenticator app to block notifications that appear suspicious based on specific checks...
BlueNoroff hackers backdoor Macs with new ObjCShellz malware
The North Korean-backed BlueNorOff threat group targets Apple customers with new macOS malware tracked as ObjCShellz that can open remote...
Fake Ledger Live app in Microsoft Store steals $768,000 in crypto
Microsoft has recently removed from its store a fraudulent Ledger Live app for cryptocurrency management after multiple users lost at...
Sumo Logic discloses security breach, advises API key resets
Security and data analytics company Sumo Logic disclosed a security breach after discovering that its AWS (Amazon Web Services) account...
WhatsApp now lets users hide their location during calls
WhatsApp is rolling out a new privacy feature that helps Android and iOS users hide their location during calls by...
Russian-speaking threat actor “farnetwork” linked to 5 ransomware gangs
The operator of the Nokoyawa ransomware-as-a-service (RaaS), a threat actor known as 'farnetwork', built experience over the years by helping the JSWORM, Nefilim, Karma,...
Russian state-owned Sberbank hit by 1 million RPS DDoS attack
Russian financial organization Sberbank states in a press release that two weeks ago it faced the most powerful distributed denial of...
FBI: Ransomware gangs hack casinos via 3rd party gaming vendors
The Federal Bureau of Investigation is warning that ransomware threat actors are targeting casino servers and use legitimate system management...
New BlueNoroff Malware Variant Targets Cryptocurrency Exchanges
Security researchers have uncovered a new malware variant believed to be associated with the BlueNoroff Advanced Persistent Threat (APT) group. BlueNoroff...
Veeam Patches Two Critical Bugs in Veeam ONE
Data resiliency specialist Veeam has released hotfixes to resolve four newly discovered vulnerabilities in its flagship IT monitoring and analytics...
SIM Box Fraud to Drive 700% Surge in Roaming Scams
The volume of global roaming fraud traffic is set to increase by a staggering 700% over the coming five years...
Threat Actor Farnetwork Linked to Five Ransomware Schemes
Security researchers have shared information on a prolific threat actor who has contributed to multiple ransomware-as-a-service (RaaS) programs over the...
Three-Quarters of Retail Ransomware Attacks End in Encryption
The share of global retailers hit by a serious ransomware breach over the past 12 months fell nearly 10 percentage...
Data Breach at Singapore’s Marina Bay Sands Affects 665,000 Customers
The Singapore-based luxury complex Marina Bay Sands revealed it was hit by a security incident that exposed the personal data...
GootBot Implant Heightens Risk of Post-Infection Ransomware
A “GootBot” implant, a variant of the notorious Gootloader malware, has been discovered by the IBM X-Force team. In an advisory published...
