Vietnamese-Origin Ransomware Operation Mimics WannaCry Traits
An unidentified threat actor, reportedly originating from Vietnam, has been observed engaging in a ransomware campaign that commenced no later...
News
US-CERT Vulnerability Summary for the Week of July 31, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoyunyecms -- yunyecmsSQL injection vulnerability in yunyecms 2.0.2 allows remote attackers to...
Citrix Hypervisor Security Bulletin for CVE-2023-20569, CVE-2023-34319 and CVE-2022-40982
Description of Problem An issue has been discovered in Citrix Hypervisor 8.2 CU1 LTSR that may allow malicious, privileged code...
QakBot Malware Operators Expand C2 Network with 15 New Servers
The operators associated with the QakBot (aka QBot) malware have set up 15 new command-and-control (C2) servers as of late...
Hackers Abusing Cloudflare Tunnels for Covert Communications
New research has revealed that threat actors are abusing Cloudflare Tunnels to establish covert communication channels from compromised hosts and...
New Yashma Ransomware Variant Targets Multiple English-Speaking Countries
An unknown threat actor is using a variant of the Yashma ransomware to target various entities in English-speaking countries, Bulgaria,...
LOLBAS in the Wild: 11 Living-Off-The-Land Binaries That Could Be Used for Malicious Purposes
Cybersecurity researchers have discovered a set of 11 living-off-the-land binaries-and-scripts (LOLBAS) that could be maliciously abused by threat actors to...
Understanding Active Directory Attack Paths to Improve Security
Introduced in 1999, Microsoft Active Directory is the default identity and access management service in Windows networks, responsible for assigning...
Microsoft Addresses Critical Power Platform Flaw After Delays and Criticism
Microsoft on Friday disclosed that it has addressed a critical security flaw impacting Power Platform, but not before it came...
FBI Alert: Crypto Scammers are Masquerading as NFT Developers
The U.S. Federal Bureau of Investigation (FBI) is warning about cyber crooks masquerading as legitimate non-fungible token (NFT) developers to...
Reptile Rootkit: Advanced Linux Malware Targeting South Korean Systems
Threat actors are using an open-source rootkit called Reptile to target Linux systems in South Korea. "Unlike other rootkit malware...
MDR: Empowering Organizations with Enhanced Security
Managed Detection and Response (MDR) has emerged as a crucial solution for organizations looking to bolster their security measures. MDR...
New SkidMap Linux Malware Variant Targeting Vulnerable Redis Servers
Vulnerable Redis services have been targeted by a "new, improved, dangerous" variant of a malware called SkidMap that's engineered to...
New Malware Campaign Targets Inexperienced Cyber Criminals with OpenBullet Configs
A new malware campaign has been observed making use of malicious OpenBullet configuration files to target inexperienced cyber criminals with...
Enhancing Security Operations Using Wazuh: Open Source XDR and SIEM
In today's interconnected world, evolving security solutions to meet growing demand is more critical than ever. Collaboration across multiple solutions...
New ‘Deep Learning Attack’ Deciphers Laptop Keystrokes with 95% Accuracy
A group of academics has devised a "deep learning-based acoustic side-channel attack" that can be used to classify laptop keystrokes...
North Korean Hackers Targets Russian Missile Engineering Firm
Two different North Korean nation-state actors have been linked to a cyber intrusion against NPO Mashinostroyeniya, a major Russian missile...
Fake VMware vConnector package on PyPI targets IT pros
A malicious package that mimics the VMware vSphere connector module ‘vConnector’ was uploaded on the Python Package Index (PyPI) under...
Google explains how Android malware slips onto Google Play Store
The Google Cloud security team acknowledged a common tactic known as versioning used by malicious actors to slip malware on...
New PaperCut critical bug exposes unpatched servers to RCE attacks
PaperCut recently fixed a critical security vulnerability in its NG/MF print management software that allows unauthenticated attackers to gain remote...
Extended warranty robocallers fined $300 million after 5 billion scam calls
The Federal Communications Commission (FCC) has announced a record-breaking $299,997,000 fine imposed on an international network of companies for placing...
The Week in Ransomware – August 4th 2023 – Targeting VMware ESXi
Ransomware gangs continue to prioritize targeting VMware ESXi servers, with almost every active ransomware gang creating custom Linux encryptors for...
FBI warns of scammers posing as NFT devs to steal your crypto
The FBI warned today of fraudsters posing as Non-Fungible Token (NFT) developers to prey upon NFT enthusiasts and steal their...
UK Government: Cyber-Attacks Could Kill or Maim Thousands
The government has warned that a serious cyber-attack on UK critical infrastructure has a 5–25% chance of happening over the...
