‘CitrixBleed’ Linked to Ransomware Hit on China’s State-Owned Bank

November 10, 2023 at 02:16PM

The recent ransomware attack on the Industrial and Commercial Bank of China (ICBC) may be linked to a vulnerability in Citrix’s NetScaler technology. The vulnerability, known as “CitrixBleed,” allows attackers to steal sensitive information and hijack user sessions. It has a severity score of 9.4 out of 10 and has …

Iran-Linked Agrius APT Group Targets Israeli Education, Tech Sectors

November 7, 2023 at 12:34PM

Throughout this year, Israel’s higher education and technology sectors have been targeted by a series of attacks. The attackers, identified as the advanced persistent threat (APT) Agonizing Serpens, associated with Iran, have exploited Web servers and deployed Web shells to gain access to networks. The attacks involve stealing sensitive information, …

Octo Tempest Group Threatens Physical Violence As Social Engineering Tactic

October 27, 2023 at 03:15PM

Microsoft’s Incident Response and Threat Intelligence team has labeled Octo Tempest, a financially motivated hacking group, as one of the most dangerous criminal groups. The group has been active since early 2022, initially targeting telecom and outsourcing companies with SIM swap attacks. They later shifted to extortion using stolen data …

ServiceNow quietly addresses unauthenticated data exposure flaw from 2015

October 26, 2023 at 04:32AM

ServiceNow is issuing a fix for a vulnerability that allows unauthenticated attackers to steal sensitive files. The flaw involves default configurations of ServiceNow’s widgets, which can expose personal data. Despite previous code changes, the default configuration still sets widgets to return specified data, making them accessible to attackers. ServiceNow has …

D.C. Board of Elections: Hackers may have breached entire voter roll

October 23, 2023 at 04:35AM

The District of Columbia Board of Elections (DCBOE) announced that a web server operated by DataNet Systems, a hosting provider, was breached, potentially exposing the personal information of registered voters, including driver’s license numbers, birthdates, social security numbers, and contact information. The DCBOE is investigating the breach with the help …

New TetrisPhantom hackers steal data from secure USB drives on govt systems

October 22, 2023 at 01:42PM

The TetrisPhantom threat is using compromised secure USB drives to target government systems in the Asia-Pacific region. The attack involves trojanized versions of the UTetris application, which is bundled on unencrypted parts of the USB drives. The attackers use sophisticated tools and techniques, including virtualization-based software obfuscation and self-replicating through …

Patch Now: APTs Continue to Pummel WinRAR Bug

October 19, 2023 at 11:05AM

State-sponsored threat actors from Russia and China are exploiting the WinRAR vulnerability in unpatched systems to deliver malware. Google TAG has observed attacks targeting organizations in Ukraine and Papua New Guinea. The flaw is a known vulnerability in WinRAR, but many systems remain vulnerable. Patching remains a global challenge for …

Google Play Protect Gets Real-Time Code Scanning

October 19, 2023 at 08:42AM

Google has introduced enhanced malware protection for all Android devices with Google Play Services. Its built-in security feature, Google Play Protect, scans over 100 billion applications daily to prevent malware and unwanted apps from reaching Android devices. The new update includes real-time scanning at the code level, providing additional security …

Thousands of Cisco IOS XE devices hacked in widespread attacks

October 17, 2023 at 09:20AM

Attackers have exploited a critical zero-day bug to compromise and infect Cisco IOS XE devices with malicious implants. Threat intelligence company VulnCheck found thousands of compromised hosts. Cisco has advised administrators to disable the vulnerable HTTP server feature and look for breach indicators. A patch is not yet available. Key …

Malicious ‘Airstrike Alert’ App Targets Israelis

October 16, 2023 at 05:07PM

Cyber attackers are using a modified version of the RedAlert application, which warns Israelis of incoming airstrikes, to collect sensitive data from users. The spoofed version gives cybercriminals access to contacts, call logs, SMS details, and other information. Users who installed the Android version of the app from a specific …