Bumblebee malware returns in new attacks abusing WebDAV folders
The malware loader 'Bumblebee' has broken its two-month vacation with a new campaign that employs new distribution techniques that abuse...
News
APT36 state hackers infect Android devices using YouTube app clones
The APT36 hacking group, aka 'Transparent Tribe,' has been observed using at least three Android apps that mimic YouTube to infect...
Trend Micro fixes endpoint protection zero-day used in attacks
Trend Micro fixed a remote code execution zero-day vulnerability in the Trend Micro's Apex One endpoint protection solution that was actively exploited...
Hackers backdoor telecom providers with new HTTPSnoop malware
New malware named HTTPSnoop and PipeSnoop are used in cyberattacks on telecommunication service providers in the Middle East, allowing threat...
Claimants in Celsius crypto bankruptcy targeted in phishing attack
Scammers are impersonating the bankruptcy claim agent for crypto lender Celsius in phishing attacks that attempt to steal funds from...
GitLab urges users to install security updates for critical pipeline flaw
GitLab has released security updates to address a critical severity vulnerability that allows attackers to run pipelines as other users...
Hackers breached International Criminal Court’s systems last week
The International Criminal Court (ICC) disclosed a cyberattack on Tuesday after discovering last week that its systems had been breached....
Microsoft AI Researchers Leak 38TB of Private Data
Microsoft accidentally revealed a huge trove of sensitive internal information dating back over three years via a public GitHub repository,...
Clorox Struggling to Recover From August Cyber-Attack
A leading US manufacturer of cleaning products has admitted its operations are still experiencing major disruption after the firm experienced...
#mWISE: Chinese Cyber Power Bigger Than the Rest of the World Combined
While most people won’t be surprised to hear that China is investing heavily in cybersecurity, the extent of the country’s...
Chinese Group Exploiting Linux Backdoor to Target Governments
A Chinese-linked threat actor known as ‘Earth Lusca’ has been conducting cyber espionage campaigns against governments around the world via...
#mWISE: FBI Director Urges Greater Private-Public Collaboration Against Cybercrime
“I’m here to recruit you.” Was Christopher Wray, director of the FBI, really joking when he said that hiring people...
Threat Actor Claims Major TransUnion Data Breach
A notorious threat actor linked to previous big-name breaches has released several gigabytes of personal data stolen from credit agency...
US-CERT Vulnerability Summary for the Week of September 11, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infowibu -- codemeter_runtime A heap buffer overflow vulnerability in Wibu CodeMeter Runtime...
ShroudedSnooper’s HTTPSnoop Backdoor Targets Middle East Telecom Companies
Telecommunication service providers in the Middle East are the target of a new intrusion set dubbed ShroudedSnooper that employs a...
Operation Rusty Flag: Azerbaijan Targeted in New Rust-Based Malware Campaign
Targets located in Azerbaijan have been singled out as part of a new campaign that's designed to deploy Rust-based malware...
Financially Motivated UNC3944 Threat Actor Shifts Focus to Ransomware Attacks
The financially motivated threat actor known as UNC3944 is pivoting to ransomware deployment as part of an expansion to its...
Microsoft AI Researchers Accidentally Expose 38 Terabytes of Confidential Data
Microsoft on Monday said it took steps to correct a glaring security gaffe that led to the exposure of 38...
New AMBERSQUID Cryptojacking Operation Targets Uncommon AWS Services
A novel cloud-native cryptojacking operation has set its eyes on uncommon Amazon Web Services (AWS) offerings such as AWS Amplify,...
Hook: New Android Banking Trojan That Expands on ERMAC’s Legacy
A new analysis of the Android banking trojan known as Hook has revealed that it's based on its predecessor called...
Retool Falls Victim to SMS-Based Phishing Attack Affecting 27 Cloud Clients
Software development company Retool has disclosed that the accounts of 27 of its cloud customers were compromised following a targeted...
Think Your MFA and PAM Solutions Protect You? Think Again
When you roll out a security product, you assume it will fulfill its purpose. Unfortunately, however, this often turns out...
Nearly 12,000 Juniper Firewalls Found Vulnerable to Recently Disclosed RCE Vulnerability
New research has found that close to 12,000 internet-exposed Juniper firewall devices are vulnerable to a recently disclosed remote code...
Live Webinar: Overcoming Generative AI Data Leakage Risks
As the adoption of generative AI tools, like ChatGPT, continues to surge, so does the risk of data exposure. According...
