Recent Security News

  • In Other News: WhatsApp Privacy Issue, Spying via Ambient Light Sensor, Bigpanzi Botnet

    January 20, 2024 at 06:54AM SecurityWeek’s weekly cybersecurity roundup provides a concise overview of significant stories. This week’s highlights include a multimillion-dollar crypto scam, DDoS attacks by a pro-Russian threat actor, new spyware detection methods, macOS infostealers, a malicious campaign targeting Docker hosts, a WhatsApp privacy issue, Drupal and libX11 patches, and reports on AI…


  • Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years

    January 20, 2024 at 06:45AM A China-linked cyber espionage group, UNC3886, exploited a zero-day vulnerability (CVE-2023-34048) in VMware vCenter Server, allowing privileged access and deployment of malware. These actions enable further exploitation of VMware flaws. VMware advises users to update to avoid potential threats. Additionally, UNC3886 utilized a Fortinet flaw (CVE-2022-41328) to implant malware, targeting…


  • CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits

    January 19, 2024 at 11:57PM The U.S. CISA issued an emergency directive for Federal Civilian Executive Branch agencies to address actively exploited zero-day flaws in Ivanti Connect Secure and Policy Secure products. These vulnerabilities allow threat actors to execute commands and are being exploited, necessitating immediate mitigation. Ivanti is expected to release an update next…


  • Invoice Phishing Alert: TA866 Deploys WasabiSeed & Screenshotter Malware

    January 19, 2024 at 10:03PM TA866, a threat actor, has returned after a hiatus, launching a large phishing campaign to distribute malware such as WasabiSeed and Screenshotter. The campaign targeted North America with PDFs containing OneDrive URLs that initiate a multi-step infection chain. Other actors, such as TA571, are involved in spam email campaigns to…


  • Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs

    January 19, 2024 at 07:54PM Russian government-backed hackers infiltrated Microsoft’s network, accessing senior executives’ emails and attachments in cybersecurity and legal departments. Microsoft’s security team detected the attack in January 2024, tracing it back to November 2023. The intrusion did not exploit vulnerabilities in Microsoft’s products or access customer environments. The company will notify customers…
