Known Indicators of Compromise Associated with Androxgh0st Malware

January 16, 2024 at 10:23AM The FBI and CISA have issued a joint Cybersecurity Advisory (CSA) outlining indicators of compromise (IOCs) and tactics related to Androxgh0st malware. The advisory includes specific recommendations for mitigating cybersecurity incidents caused by Androxgh0st infections. The malware targets websites using Laravel and Apache HTTP Server, and allows threat actors to …

New Findings Challenge Attribution in Denmark’s Energy Sector Cyberattacks

January 14, 2024 at 04:51AM Forescout’s recent findings reveal that the cyber attacks on Denmark’s energy sector in 2023, involving Zyxel firewall vulnerability and Mirai botnet, were not linked to the Russia-based Sandworm group. The attacks consisted of two separate waves and targeted multiple entities across Europe and the U.S., posing ongoing threats to critical …

Anonymous Sudan Launches Cyberattack on Chad Telco

January 11, 2024 at 11:07AM Anonymous Sudan launched a “massive cyberattack” on Sudachad, a telecommunications provider in Chad. The attack targeted critical infrastructure, leading to a collapse in Internet connectivity on Jan. 10. The group cited Chad’s support for the paramilitary group Rapid Support Forces as the motive. Sudachad holds a 20-year concession agreement for …

New PoC Exploit for Apache OFBiz Vulnerability Poses Risk to ERP Systems

January 11, 2024 at 10:21AM Cybersecurity researchers have developed proof-of-concept code exploiting a critical flaw in Apache OFBiz, allowing memory-resident payload execution. Despite a fix in version 18.12.11, threat actors attempt to exploit the flaw, aiming at vulnerable instances. CVE-2023-51467 allows remote code execution, posing a serious threat despite security guardrails. Based on …

Fidelity National Financial: Hackers stole data of 1.3 million people

January 10, 2024 at 03:46PM Fidelity National Financial confirmed a cyberattack by the BlackCat ransomware gang on November 19, 2023, affecting 1.3 million customers. The attack prompted containment measures and data exfiltration from breached systems. FNF is providing affected customers with credit monitoring and identity theft services and is prepared to defend against potential lawsuits. …

Ukraine Claims Revenge Hack Against Moscow Internet Provider

January 9, 2024 at 04:05PM Ukraine media reported a cyberattack by the Blackjack cyber group, allegedly linked to the Security Service of Ukraine, targeting Moscow ISP M9 Telecom. Sources claim it was in retaliation for the Russia-backed breach of Kyivstar and may be a prelude to further “serious revenge.” The group also took credit for …

Turkish Cyber Threat Targets MSSQL Servers With Mimic Ransomware

January 9, 2024 at 01:42PM Cybercriminals are targeting Microsoft’s database, with the specific threat group behind these attacks remaining unidentified. These security breaches were discovered due to an unintentional operational security lapse. It appears that Microsoft’s database is facing continued cybercriminal attention, with the threat group behind the attacks currently unknown. These attacks were only …

Cacti Monitoring Tool Spiked by Critical SQL Injection Vulnerability

January 9, 2024 at 12:38PM A critical vulnerability in Cacti’s web-based open source framework for monitoring network performance allows attackers to disclose its entire database. Exploiting this, along with a previously disclosed vulnerability, could lead to remote code execution. The severity of this issue is rated 8.8 out of 10. It’s not widespread but poses …

Paraguay warns of Black Hunt ransomware attacks after Tigo Business breach

January 9, 2024 at 11:33AM The Paraguay military issued a warning about Black Hunt ransomware after Tigo Business experienced a cyberattack affecting hosting and cloud services. Reportedly, over 330 servers were encrypted, and the backups were compromised. Black Hunt ransomware has been targeting companies in South America, using various techniques to disable systems and encrypt …

Turkish Hackers Target Microsoft SQL Servers in Americas, Europe

January 9, 2024 at 11:24AM A new report from cybersecurity firm Securonix warns that financially motivated threat actors based in Turkey have been targeting Microsoft SQL Server databases with ransomware attacks. The campaign, primarily aimed at organizations in the US, Europe, and Latin America, involves various malicious activities including brute-forcing credentials, executing shell commands, and …