Yacht Retailer MarineMax Files ‘Cyber Incident’ with SEC

March 13, 2024 at 04:59PM MarineMax disclosed a “cybersecurity incident” to the SEC, reporting a third party’s unauthorized access to its information systems. Despite the disruption, the company stated the incident had not materially impacted its operations, with no sensitive data compromised. The investigation is ongoing, and law enforcement has been notified. The company filed a …

New Silver SAML Attack Evades Golden SAML Defenses in Identity Systems

February 29, 2024 at 11:27AM Cybersecurity researchers have unveiled a new attack technique called Silver SAML, a variant of the Golden SAML attack that exploits SAML for unauthorized access to applications like Salesforce. While real-world attacks are rare, the method poses a moderate-severity threat, impacting organizations using identity providers like Microsoft Entra ID. Responsible disclosure …

State-Sponsored Group Blamed for Change Healthcare Breach

February 26, 2024 at 10:21AM UnitedHealth Group’s subsidiary Change Healthcare experienced a cyberattack on February 21, allegedly by a state-sponsored threat actor. This prompted a nationwide prescription processing outage as over 100 applications were affected. Change Healthcare is actively working to restore its impacted systems and has not reported a significant impact on its financial …

Malicious ‘SNS Sender’ Script Abuses AWS for Bulk Smishing Attacks

February 16, 2024 at 06:45AM A Python script called SNS Sender is being utilized to send fraudulent SMS messages through AWS SNS, posing as messages from USPS to trick users into disclosing personal and payment information. The tool leverages AWS SNS to conduct SMS spamming attacks and is linked to a threat actor named ARDUINO_DAS. …

Bumblebee malware wakes from hibernation, forgets what year it is, attacks with macros

February 14, 2024 at 06:06AM The Bumblebee malware loader, initially linked to ransomware groups, has resurfaced using old-school VBA macros to target US organizations in a new campaign. Its reappearance signals a change in attack tactics, bucking the trend towards more advanced methods. Although this may seem outdated, vigilance and security measures should not be …

PikaBot Resurfaces with Streamlined Code and Deceptive Tactics

February 13, 2024 at 09:39AM The PikaBot malware has evolved with significant changes, simplifying its code and network communications, making it more accessible for threat actors. With ongoing development, it remains a significant cyber threat. Additionally, a cloud account takeover campaign targeting Microsoft Azure environments has compromised hundreds of user accounts. Source: Newsroom Cyber Threat/Malware. …

33M French Citizens Impacted in Country’s Largest-Ever Breach

February 12, 2024 at 02:17PM The French data protection agency, CNIL, is investigating two data breaches at payment processors affecting nearly half of the country’s population. Cyberattackers accessed data for 33 million citizens through phishing attacks. The compromised personally identifiable information includes details often used for social engineering attacks. This highlights the vulnerability of businesses …

Alert: New Stealthy “RustDoor” Backdoor Targeting Apple macOS Devices

February 10, 2024 at 02:21AM A new Rust-based macOS backdoor, codenamed RustDoor, has been targeting users since November 2023. It masquerades as an update for Microsoft Visual Studio, affecting both Intel and Arm architectures. The malware is capable of gathering and exfiltrating information to a command-and-control server, with links to prominent ransomware families. The U.S. …

PurpleFox malware infected thousands of systems in Ukraine

February 1, 2024 at 12:15PM CERT-UA warns of the PurpleFox malware infecting over 2,000 Ukrainian computers with potential backdoor, DDoS, and downloader capabilities. It utilizes a rootkit to persist and conceal its presence. CERT-UA provides methods to detect and remove the malware, including checking network connections, registry values, event logs, and specific file locations, and …

US Says It Disrupted a China Cyber Threat, but Warns Hackers Could Still Wreak Havoc for Americans

February 1, 2024 at 04:06AM U.S. officials disrupted a state-backed Chinese cyberattack targeting civilian infrastructure, aiming to cause harm during a potential conflict. FBI Director Wray warned of China’s plans to disrupt American lives. The operation targeted routers and critical infrastructure, with concerns about Chinese hackers infiltrating U.S.-based systems. The U.S. aims to counter such …