Interpol takes down 16shop phishing-as-a-service platform
A joint operation between Interpol and cybersecurity firms has led to an arrest and shutdown of the notorious 16shop phishing-as-a-service...
News
New Downfall attacks on Intel CPUs steal encryption keys, data
A senior research scientist at Google has devised new CPU attacks to exploit a vulnerability dubbed Downfall that affects multiple...
Microsoft Monthly Security Update (August 2023)
Microsoft has released monthly security update for their products: Vulnerable ProductRisk LevelImpactsNotesBrowser Medium RiskSecurity Restriction Bypass Microsoft Office Extremely High RiskRemote Code...
Russian Hacktivists Overwhelm Spanish Sites With DDoS
A leading Spanish research institute has become the latest organization in the country to come under cyber-attack from Russia, after...
FBI Warns Against Criminals Posing as NFT Developers
The US Federal Bureau of Investigation (FBI) has issued a warning concerning a growing wave of financial fraud within the...
US Primary Care Services Shuttered After Cyber-Attack
A widespread cyber-attack on hospital computer systems has caused significant disruptions across the United States, leading to the closure of...
Invisible Ad Fraud Targets Korean Android Users
Cybersecurity experts have discovered a new adware campaign specifically targeting Korean Android users. The discovery by McAfee’s Mobile Research Team shed...
#BHUSA: Identity Compromise the Cause of Most Breaches
Identity theft has established itself as the main initial access method for threat actors, according to CrowdStrike.In its 2023 Threat...
North Korean Hackers Compromise Russian Missile Maker
Security researchers have discovered a likely North Korean cyber-espionage campaign targeting the IT network of a Russian manufacturer of intercontinental...
Two-Thirds of UK Sites Vulnerable to Bad Bots
The majority (66%) of UK websites are unable to block simple bot attacks, exposing their businesses to fraud, account compromise...
Over 200 Million Brits Have Data Compromised in Four Years
UK organizations lost billions in data breaches between 2019 and 2022, with hundreds of millions of their customers suffering compromise...
Tampa General Hospital Sued Over Data Breach
Law firm Morgan & Morgan has lodged a class-action lawsuit against Tampa General Hospital on behalf of three victims affected...
UK Voters’ Data Exposed in Electoral Commission Cyber-Attack
The UK’s Electoral Commission has revealed it has been the victim of a “complex cyber-attack,” exposing the personal details of...
#BHUSA: Ransomware Threat Activity Cluster Uncovered
Sophos X-Ops has exposed a new connection between seemingly unrelated ransomware attacks. The findings, based on several ransomware attacks in the...
Vietnamese-Origin Ransomware Operation Mimics WannaCry Traits
An unidentified threat actor, reportedly originating from Vietnam, has been observed engaging in a ransomware campaign that commenced no later...
US-CERT Vulnerability Summary for the Week of July 31, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoyunyecms -- yunyecmsSQL injection vulnerability in yunyecms 2.0.2 allows remote attackers to...
Citrix Hypervisor Security Bulletin for CVE-2023-20569, CVE-2023-34319 and CVE-2022-40982
Description of Problem An issue has been discovered in Citrix Hypervisor 8.2 CU1 LTSR that may allow malicious, privileged code...
QakBot Malware Operators Expand C2 Network with 15 New Servers
The operators associated with the QakBot (aka QBot) malware have set up 15 new command-and-control (C2) servers as of late...
Hackers Abusing Cloudflare Tunnels for Covert Communications
New research has revealed that threat actors are abusing Cloudflare Tunnels to establish covert communication channels from compromised hosts and...
New Yashma Ransomware Variant Targets Multiple English-Speaking Countries
An unknown threat actor is using a variant of the Yashma ransomware to target various entities in English-speaking countries, Bulgaria,...
LOLBAS in the Wild: 11 Living-Off-The-Land Binaries That Could Be Used for Malicious Purposes
Cybersecurity researchers have discovered a set of 11 living-off-the-land binaries-and-scripts (LOLBAS) that could be maliciously abused by threat actors to...
Understanding Active Directory Attack Paths to Improve Security
Introduced in 1999, Microsoft Active Directory is the default identity and access management service in Windows networks, responsible for assigning...
FBI Alert: Crypto Scammers are Masquerading as NFT Developers
The U.S. Federal Bureau of Investigation (FBI) is warning about cyber crooks masquerading as legitimate non-fungible token (NFT) developers to...
Reptile Rootkit: Advanced Linux Malware Targeting South Korean Systems
Threat actors are using an open-source rootkit called Reptile to target Linux systems in South Korea. "Unlike other rootkit malware...
