Cisco Patches NX-OS Zero-Day Exploited by Chinese Cyberspies

July 2, 2024 at 05:18AM Cisco has released patches for a zero-day vulnerability, CVE-2024-20399, in its NX-OS software. The medium-severity flaw allows local attackers to execute arbitrary commands with root privileges. Exploited by a China-linked cyberespionage group, the bug impacts various Cisco switch series. Cybersecurity firm Sygnia discovered and reported the vulnerability and advises updating …

TeamViewer’s corporate network was breached in alleged APT hack

June 27, 2024 at 02:35PM TeamViewer disclosed a breach in its corporate IT environment due to an APT hacking group. They are working with global cybersecurity experts to investigate and address the irregularity. Although there’s no evidence of product or customer data compromise, the breach raises concerns due to TeamViewer’s extensive use in consumer and …

Fresh MOVEit Bug Under Attack Mere Hours After Disclosure

June 25, 2024 at 05:59PM A critical security flaw in Progress Software’s MOVEit Transfer enables attackers to bypass authentication protocols and has been actively exploited shortly after being disclosed. The vulnerability, CVE-2024-5806 with CVSS 7.4, affects specific versions of MOVEit Transfer. Urgent patching is recommended due to the potential for cybercriminal exploitation and compromise of …

Indonesia Says a Cyberattack Has Compromised Its Data Center but It Won’t Pay the $8 Million Ransom

June 25, 2024 at 09:44AM Indonesia’s national data center was hacked by a group demanding an $8 million ransom, disrupting over 200 government agencies’ services. Although some services have been restored, efforts continue, and investigations are underway to regain access to the data. The government has made it clear that they will not pay the …

Thousands of Car Dealerships Stalled Out After Software Provider Cyberattack

June 20, 2024 at 06:01PM A supply chain cyberattack on CDK Global forced numerous car dealerships to close on a busy sales day. Some dealerships lost online access, while others relied on paper records. CDK took systems offline as a precaution and is conducting tests for restoration. Security experts suspect ransomware and suggest ongoing cyber …

New Warmcookie Windows backdoor pushed via fake job offers

June 11, 2024 at 11:20AM A new Windows malware called ‘Warmcookie’ is being spread through fake job offer phishing campaigns to infiltrate corporate networks. It is capable of machine fingerprinting, screenshot capturing, and deploying additional payloads. The threat actors create new domains weekly and utilize compromised infrastructure to send phishing emails. Warmcookie gathers victim information, …

Cybercriminals pose as “helpful” Stack Overflow users to push malware

May 29, 2024 at 07:25PM Cybercriminals have been using Stack Overflow to spread malware, posing as helpful contributors answering users’ questions about a PyPI package named ‘pytoileur’ which actually installs Windows information-stealing malware. This malicious package is part of the ‘Cool package’ campaign and was promoted through typo-squatting and Stack Overflow answers. Developers are urged …

Arc browser’s Windows launch targeted by Google ads malvertising

May 25, 2024 at 07:33PM Cybercriminals capitalized on the release of the Arc web browser for Windows by launching a Google Ads malvertising campaign, tricking users into downloading trojanized installers that infect them with malware. The malicious ads led to typo-squatted domains, where users unknowingly downloaded malware through trojanized installers. Malwarebytes recommends caution and verification …

New BiBi Wiper version also destroys the disk partition table

May 20, 2024 at 12:10PM The BiBi Wiper malware’s new variants are targeting Israeli and Albanian systems, linked to an Iranian hacking group named ‘Void Manticore.’ Check Point Research uncovered newer variants and operational overlaps involving another Iranian threat group. The malware is designed to complicate data restoration efforts, significantly extending downtime for targeted victims …

Woman Accused of Helping North Korean IT Workers Infiltrate Hundreds of US Firms

May 17, 2024 at 05:54AM The US government has filed charges, seized funds, and made arrests in an effort to disrupt a North Korean scheme involving IT workers infiltrating companies. The workers stole identities to secure jobs and diverted their earnings to fund North Korea’s nuclear program. Two individuals have been arrested, with rewards offered for …