September 19, 2024 at 12:00PM The article discusses the security risks associated with onboarding new employees and why they are attractive targets for cybercriminals. It highlights how hackers exploit new employees’ lack of familiarity and eagerness to make a positive impression. The article provides best practices for mitigating these risks, including implementing secure password distribution … Read more
September 19, 2024 at 08:27AM UK human rights activists filed a report with London’s Metropolitan Police against NSO Group, alleging Pegasus spyware infections and attacks by Middle Eastern states. The activists, supported by Global Legal Action Network, claimed their phones were compromised, and accused NSO Group and its associates of violating UK laws. They also … Read more
September 17, 2024 at 09:46AM The US extends sanctions to five individuals and a company connected to Intellexa, a spyware developer. Intellexa’s Predator spyware enables unauthorized access to calls, messages, GPS, and more on iOS and Android devices. The commercial spyware market is worth $12 billion, with Intellexa’s package priced at €8 million. Apple drops … Read more
September 17, 2024 at 08:45AM The U.S. Department of Treasury has imposed sanctions on Intellexa Consortium executives and entities involved in the development and distribution of Predator spyware. The consortium is described as an international network of companies selling invasive spyware. The action follows a resurgence of Predator spyware activity and Apple’s decision to dismiss … Read more
September 16, 2024 at 09:36PM Microsoft has confirmed that a recently patched Internet Explorer vulnerability, CVE-2024-43461, was exploited as a zero-day before it was fixed. The flaw allowed malicious actors to hide the true file-type extension of a downloaded file, enabling the execution of malicious code. This exploit was used by the Void Banshee gang … Read more
September 16, 2024 at 06:11PM Microsoft disclosed a zero-day vulnerability, CVE-2024-43461, in its legacy MSHTML browser engine affecting all supported Windows versions. Remote attackers can exploit it to execute arbitrary code, requiring a victim to visit a malicious site. This flaw, part of an attack chain with CVE-2024-38112, was exploited by the “Void Banshee” group. … Read more
September 13, 2024 at 06:56PM The Port of Seattle, a US government agency, confirmed that the Rhysida ransomware operation was responsible for a recent cyberattack on its systems. This attack has affected the port and airport for the past three weeks. Based on the meeting notes, it seems that the Port of Seattle has confirmed … Read more
September 13, 2024 at 08:15AM Malicious actors are leveraging publicly available proof-of-concept exploits for security flaws in Progress Software WhatsUp Gold, leading to opportunistic attacks shortly after the release. The attacks involved bypassing authentication and exploiting PowerShell scripts to download remote access tools, indicating potential involvement of ransomware actors. This is the second active weaponization … Read more
September 12, 2024 at 11:04AM Transport for London (TfL) is facing a serious cyber incident, with potential access to customer data and bank details. The organization is taking measures to reset 30,000 employee passwords in person and has pulled large parts of its IT infrastructure offline. TfL is contacting affected customers as a precaution and … Read more
September 12, 2024 at 05:04AM Learn about the evolving cybersecurity regulations and their impact on businesses in a critical webinar led by Chris Dale, SANS Principal Instructor, on September 16, 2024. Gain insights on NIS2, DORA, and Tiber-EU, strategic advice, and best practices for achieving cyber resilience. Register now to prepare your organization for the … Read more