October 10, 2023 at 04:33AM A study conducted by Secureworks revealed that cyber attackers are now deploying ransomware within 24 hours of gaining initial access to a victim’s environment. In nearly two-thirds of cases, ransomware was deployed within a day, and in over 10% of incidents, it was deployed within five hours. This marks a … Read more
October 10, 2023 at 03:06AM A security flaw in the libcue library affects GNOME Linux systems, allowing remote code execution (RCE) when a user downloads a malicious .cue file. The vulnerability (CVE-2023-43641) is caused by memory corruption in libcue versions 2.2.1 and earlier. Detailed technical information has been withheld to give users time to update. … Read more
October 10, 2023 at 02:18AM Threat actors are exploiting a critical flaw in Citrix NetScaler ADC and Gateway devices to conduct a credential harvesting campaign. The flaw, CVE-2023-3519, allows for remote code execution. Attackers are inserting a malicious script into the authentication web page and capturing user credentials. IBM X-Force has identified at least 600 … Read more
October 9, 2023 at 10:38PM The Exercise Cyber Star program, organized by the Cyber Security Agency of Singapore (CSA) and the SANS Institute, aims to improve Singapore’s ability to respond to cyber attacks. The fifth edition brought together participants from various sectors for workshops on threats like ransomware and insider threats. It also featured a … Read more
October 9, 2023 at 10:26PM The electric power industry is facing increasing cyber threats due to digitalization and the interconnectedness of IT and OT systems. A webinar by Trend Micro discussed these challenges and provided solutions, including improving employee security awareness, job rotation between IT and OT departments, and automation of incident response. The webinar … Read more
October 9, 2023 at 05:56PM The D-Link DAP-X1860 WiFi 6 range extender has a vulnerability that allows for denial of service attacks and remote command injection. Despite being notified multiple times, D-Link has not released any fixes. Attackers can exploit the flaw by creating an SSID with a tick symbol and executing commands. Owners are … Read more
October 9, 2023 at 05:36PM Cybercrime groups originally focused on the war in Ukraine have now turned their attention to the Middle East in the wake of the Hamas strikes against Israel. Multiple threat groups, including Killnet, Anonymous Sudan, Team Insane, Mysterious Team Bangladesh, and Indian Cyber Force, have declared their intention to launch disruptive … Read more
October 9, 2023 at 05:35PM The ALPHV (BlackCat) ransomware gang recently attacked state courts in Northwest Florida. Personal details of employees, including judges, were acquired. The gang claims to have a network map of the court’s systems and threatens to leak stolen data online if their demands are not met. The court has not confirmed … Read more
October 9, 2023 at 04:11PM Proof-of-concept (PoC) exploits for the critical buffer overflow vulnerability in the GNU C Library (glibc) have been developed, putting Linux systems at risk. The flaw, disclosed by Qualys researchers, could lead to unauthorized data access and system alterations, potentially granting attackers root privileges. Linux root takeovers are highly dangerous as … Read more
October 9, 2023 at 03:49PM The recent surge in Predator spyware is attributed to Intellexa, an alliance of intelligence systems providers. The analysis by Amnesty International reveals that Intellexa operates an industrial-scale operation that trades surveillance tools across the globe. The report highlights numerous technologies Intellexa uses to intercept and subvert mobile networks, including network … Read more