Cisco patches IOS XE zero-days used to hack over 50,000 devices

October 23, 2023 at 10:09AM

Cisco has released a free software update to address two vulnerabilities (CVE-2023-20198 and CVE-2023-20273) that hackers exploited to compromise over 50,000 IOS XE devices. The first fixed release available is 17.9.4a, with updates for other releases to be disclosed later. The vulnerabilities are in the web UI of Cisco devices …

QNAP takes down server behind widespread brute-force attacks

October 23, 2023 at 09:25AM

QNAP has successfully taken down a malicious server used in widespread brute-force attacks on NAS devices with weak passwords. With the help of Digital Ocean, they quickly identified and blocked the command-and-control server within 48 hours. QNAP urges customers to implement security measures, including changing default access port numbers and …

Microsoft opens early access to AI assistant for infosec, Security Copilot

October 23, 2023 at 09:08AM

Microsoft is launching the early access program for Security Copilot, an AI cybersecurity tool embedded in the Microsoft 365 Defender XDR platform. The tool aims to save time for security teams by providing step-by-step instructions on managing incidents and offering insights to upskill existing staff. It can generate natural language …

D.C. Board of Elections: Hackers may have breached entire voter roll

October 23, 2023 at 04:35AM

The District of Columbia Board of Elections (DCBOE) announced that a web server operated by DataNet Systems, a hosting provider, was breached, potentially exposing the personal information of registered voters, including driver’s license numbers, birthdates, social security numbers, and contact information. The DCBOE is investigating the breach with the help …

Number of hacked Cisco IOS XE devices plummets from 50K to hundreds

October 22, 2023 at 01:42PM

The number of Cisco IOS XE devices hacked with a malicious backdoor implant has dramatically decreased from over 50,000 to only a few hundred. It is unclear why this decline has occurred, with researchers speculating that the threat actors may have deployed an update to hide their presence or a …

The Week in Ransomware – October 20th 2023 – Fighting Back

October 21, 2023 at 12:41PM

Trigona ransomware suffered a data breach after Ukrainian hacktivists exploited a vulnerability in their server. The hackers breached several sites, taking data and defacing the Tor negotiation and data leak sites. Similarly, law enforcement disrupted the RagnarLocker ransomware operation, seizing the group’s dark websites and arresting a malware developer. In …

Europol Dismantles Ragnar Locker Ransomware Infrastructure, Nabs Key Developer

October 21, 2023 at 10:21AM

Europol has successfully taken down the infrastructure associated with the Ragnar Locker ransomware and arrested a key suspect in France. Searches were conducted in Czechia, Spain, and Latvia, resulting in the arrest of the main perpetrator. Five other accomplices were interviewed, and servers and data leak portals were seized in …

Okta Support System Hacked, Sensitive Customer Data Stolen

October 20, 2023 at 05:48PM

Hackers breached Okta’s support case management system and accessed sensitive data that can be used for identity impersonation. The stolen data includes cookies and session tokens, which can be used for further attacks. Okta has taken steps to protect its customers, but recommends sanitizing credentials and tokens before sharing them. …

Ducktail Infostealer, DarkGate RAT Linked to Same Threat Actors

October 20, 2023 at 02:18PM

DarkGate, a remote access trojan (RAT), has been linked to the Vietnamese financial cybercrime operation behind the Ducktail infostealer. Researchers have found similarities in the lure documents and targeting used by both malware. DarkGate is a multifunctional malware that can steal information, distribute malware, and mine cryptocurrency. Understanding connections between …

Authorities Seize Control of RagnarLocker Ransomware Dark Web Site

October 20, 2023 at 11:24AM

Law enforcement agencies from multiple countries have seized the dark web site used by the RagnarLocker ransomware group to shame victims. Operating since 2020, the group targeted 52 entities across critical infrastructure sectors. Unlike other ransomware operations, RagnarLocker was not advertised as a service but operated by a private group. …