DarkGate Malware Campaigns Linked to Vietnam-Based Cybercriminals
Vietnam-based cybercriminals are believed to be behind to attacks using DarkGate malware, which have targeted organizations in the UK, US...
News
US-CERT Vulnerability Summary for the Week of October 9, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info3ds -- teamwork_cloud_no_magic_releaseA Cross-Site Request Forgery (CSRF) vulnerability affecting Teamwork Cloud from...
India targets Microsoft, Amazon tech support scammers in nationwide crackdown
India's Central Bureau of Investigation (CBI) raided 76 locations in a nationwide crackdown on cybercrime operations behind tech support scams...
Casio discloses data breach impacting customers in 149 countries
Japanese electronics manufacturer Casio disclosed a data breach impacting customers from 149 countries after hackers gained to the servers of...
Iranian hackers lurked in Middle Eastern govt network for 8 months
The Iranian hacking group tracked as OilRig (APT34) breached at least twelve computers belonging to a Middle Eastern government network...
Ragnar Locker ransomware’s dark web extortion sites seized by police
The Ragnar Locker ransomware operation's Tor negotiation and data leak sites were seized Thursday morning as part of an international...
Over 40,000 Cisco IOS XE devices infected with backdoor using zero-day
More than 40,000 Cisco devices running the IOS XE operating system have been compromised after hackers exploited a recently disclosed...
BlackCat ransomware uses new ‘Munchkin’ Linux VM in stealthy attacks
The BlackCat/ALPHV ransomware operation has begun to use a new tool named 'Munchkin' that utilizes virtual machines to deploy encryptors...
Fake KeePass site uses Google Ads and Punycode to push malware
A Google Ads campaign was found pushing a fake KeePass download site that used Punycode to appear as the official...
Microsoft extends Purview Audit log retention after July breach
Microsoft is extending Purview Audit log retention as promised after the Chinese Storm-0558 hacking group breached dozens of Exchange and...
E-Root admin faces 20 years for selling stolen RDP, SSH accounts
Sandu Diaconu, the operator of the E-Root marketplace, has been extradited to the U.S. to face a maximum imprisonment penalty...
US-CERT Vulnerability Summary for the Week of October 9, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info3ds -- teamwork_cloud_no_magic_releaseA Cross-Site Request Forgery (CSRF) vulnerability affecting Teamwork Cloud from...
Clever malvertising attack uses Punycode to look like KeePass’s official website
Threat actors are known for impersonating popular brands in order to trick users. In a recent malvertising campaign, we observed a...
FBI warns of extortion groups targeting plastic surgery offices
Update October 18, 12:12 EDT: Added statement from the American Board of Plastic Surgery. The FBI warned of cybercriminals using...
Single Sign On and the Cybercrime Ecosystem
It’s not just your perception, cybercrime is increasing dramatically. At Flare we’ve identified a 112% increase in data extortion ransomware...
Google links WinRAR exploitation to Russian, Chinese state hackers
Google says that several state-backed hacking groups have joined ongoing attacks exploiting a high-severity vulnerability in WinRAR, a compression software used by...
MATA malware framework exploits EDR in attacks on defense firms
An updated version of the MATA backdoor framework was spotted in attacks between August 2022 and May 2023, targeting oil...
Recently patched Citrix NetScaler bug exploited as zero-day since August
A critical vulnerability tracked as CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices has been actively exploited as a zero-day since late August,...
Qubitstrike attacks rootkit Jupyter Linux servers to steal credentials
Hackers are scanning for internet-exposed Jupyter Notebooks to breach servers and deploy a cocktail of malware consisting of a Linux...
Google Play Protect adds real-time scanning to fight Android malware
Google has announced new, real-time scanning features for Google Play Protect that make it harder for malicious apps employing polymorphism...
Hacker leaks millions of new 23andMe genetic data profiles
A hacker has leaked an additional 4.1 million stolen 23andMe genetic data profiles for people in Great Britain and Germany...
Ukrainian activists hack Trigona ransomware gang, wipe servers
A group of cyber activists under the Ukrainian Cyber Alliance banner has hacked the servers of the Trigona ransomware gang...
Ex-Navy IT head gets 5 years for selling people’s data on darkweb
Marquis Hooper, a former U.S. Navy IT manager, has received a sentence of five years and five months in prison...
North Korean hackers exploit critical TeamCity flaw to breach networks
Microsoft says that the North Korean Lazarus and Andariel hacking groups are exploiting the CVE-2023-42793 flaw in TeamCity servers to...
