There is a Ransomware Armageddon Coming for Us All

January 11, 2024 at 09:00AM

The article highlights the growing threat of phishing-driven ransomware, with the rise of Generative Artificial Intelligence (GenAI) making it more difficult to detect and defend against phishing attacks. To counter this, companies are advised to upgrade to next-generation multi-factor authentication (MFA) solutions, such as Token Ring, to protect against sophisticated …

Atomic Stealer Gets an Upgrade – Targeting Mac Users with Encrypted Payload

January 11, 2024 at 09:00AM

Cybersecurity researchers have found an enhanced version of the macOS information stealer, Atomic (AMOS), with updated capabilities, including payload encryption to bypass detection rules. Its cost has risen to $3,000/month with a festive promotion. Malvertising campaigns impersonating Slack and TradingView are used to distribute the malware. Caution is advised when …

Mandiant’s X Account Was Hacked Using Brute-Force Attack

January 11, 2024 at 04:01AM

Mandiant’s X account was compromised by a brute-force attack, enabling the intruder to spread a cryptocurrency drainer called CLINKSINK. The attack targeted Solana cryptocurrency users and utilized phishing pages to redirect victims to approve fraudulent transactions. This incident reflects a growing trend of financially motivated threat actors targeting cryptocurrency assets …

Chinese Hackers Exploit Zero-Day Flaws in Ivanti Connect Secure and Policy Secure

January 11, 2024 at 04:01AM

A pair of zero-day flaws in Ivanti Connect Secure (ICS) and Policy Secure have been exploited by suspected China-linked nation-state actors to breach fewer than 10 customers. Cybersecurity firm Volexity identified the activity and attributed it to a hacking group it tracks under the name UTA0178. Patches are expected to …

Cisco Fixes High-Risk Vulnerability Impacting Unity Connection Software

January 11, 2024 at 04:01AM

Cisco has issued software updates to address a critical security flaw (CVE-2024-20272 – CVSS score: 7.3) in Unity Connection, allowing arbitrary file upload and execution of commands. Users are advised to update to patched versions to mitigate potential threats. Additionally, 11 medium-severity vulnerabilities have been resolved across Cisco software. Cisco …

Securing Application Staging & Production Environments

January 11, 2024 at 03:19AM

The text emphasizes the importance of securing staging environments to protect sensitive data and minimize security risks. It highlights the need for environmental parity, authentication mechanisms, VPNs, WAFs, and Identity-Aware Proxy for enhanced protection. The goal is to ensure smooth and predictable deployments while preserving asset security and integrity. After …

Volexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days

January 10, 2024 at 08:03PM

Volexity warned of Chinese hackers exploiting zero-day vulnerabilities (CVE-2023-46805 and CVE-2024-21887) in Ivanti Connect Secure VPN. It affected fully patched appliances, with pre-patch mitigations provided. The attackers used these exploits to execute commands, steal data, and gain access to network systems. Volexity discovered and described the attacker’s methods. From the …

ExtraHop Banks $100M in Growth Funding, Adds New Execs

January 10, 2024 at 08:03PM

Seattle-based network detection and response firm ExtraHop raises $100 million in growth funding and expands its executive team. Source: SecurityWeek. The firm has added new …

French Computer Hacker Jailed in US

January 10, 2024 at 08:03PM

French hacker Sebastien Raoult, a member of the ShinyHunters gang, was jailed in the US for creating fake login pages to steal personal and financial data from millions. The 22-year-old was motivated by greed and pleaded guilty to conspiracy to commit wire fraud and identity theft. He received a three-year …

Attacker Targets Hadoop YARN, Flint Servers in Stealthy Campaign

January 10, 2024 at 06:26PM

An adversary is exploiting two known misconfigurations in big data technologies to deploy a Monero cryptominer.