Progress Software Releases Patches for 6 Flaws in WhatsUp Gold – Patch Now

September 27, 2024 at 12:42PM Progress Software has addressed six security flaws in WhatsUp Gold, including two critical vulnerabilities, through updates in version 24.0.1. The CVE identifiers for the flaws and their respective CVSS scores have been listed. Security researcher Sina Kheirkhah and others have been credited with discovering and reporting the flaws. Users are …

Five Eyes Agencies Release Guidance on Detecting Active Directory Intrusions

September 27, 2024 at 10:21AM Government agencies from the Five Eyes countries have provided guidance on threat actor techniques targeting Microsoft Active Directory. These techniques exploit the directory’s vulnerabilities, making it a prime target for bad actors. The guidance recommends prioritizing privileged access security and implementing a tiered model. It also outlines common compromise techniques …

GenAI Writes Malicious Code to Spread AsyncRAT

September 26, 2024 at 08:25AM Threat actors have leveraged generative artificial intelligence (GenAI) to create and spread malicious code, using it to write VBScript and JavaScript for the distribution of AsyncRAT. The attackers’ use of GenAI was identified by researchers from HP Wolf Security, signifying a concerning advancement in attackers’ methods. This technological development …

US Transportation and Logistics Firms Targeted With Infostealers, Backdoors

September 26, 2024 at 07:55AM Threat actors are targeting transportation and shipping organizations in North America, compromising email accounts to deliver various malware families like Arechclient2, DanaBot, Lumma Stealer, NetSupport, and StealC. The attacks involve injecting malicious content into compromised inboxes and using Google Drive links or URL files to deliver malware. Proofpoint advises caution …

Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign

September 26, 2024 at 12:57AM Nation-state threat actors backed by Beijing penetrated several U.S. internet service providers as part of a cyber espionage campaign, aimed at accessing sensitive information and gaining persistent access to target networks. The attacks, attributed to a group known as GhostEmperor, targeted Southeast Asian entities and an unnamed client compromised in …

Cybersecurity Researchers Warn of New Rust-Based Splinter Post-Exploitation Tool

September 25, 2024 at 10:21AM Cybersecurity researchers discovered Splinter, a new post-exploitation tool developed in Rust, with features commonly found in penetration testing tools. While not as advanced as others, it poses a threat if misused. No threat actor activity has been detected, but its large size suggests potential for cloud and data compromise. This …

Telegram to Share User Info With Law Enforcement in Policy Shift

September 24, 2024 at 03:58PM Telegram has updated its privacy policy, stating its intent to disclose user information to authorities in cases of suspected criminal activity that violates its terms of service. The CEO’s arrest in France raises concerns about the platform as a harbor for illegal activity. Changes include enhanced content moderation and a reporting system for illegal search terms. New era …

New PondRAT Malware Hidden in Python Packages Targets Software Developers

September 23, 2024 at 03:30AM Threat actors linked to North Korea have been using poisoned Python packages to distribute a new malware called PondRAT, part of an ongoing campaign. The attacks are part of an operation known as Operation Dream Job and aim to compromise supply chain vendors and their customers. The attackers have been …

Global infostealer malware operation targets crypto users, gamers

September 21, 2024 at 12:51PM A cybercriminal group named “Marko Polo” has executed a large-scale infostealer malware campaign, impacting thousands and potentially causing millions in financial losses. Using various distribution channels and targeting high-value individuals, the group distributes malicious software under legitimate guises, compromising both Windows and macOS systems. Mitigating these threats involves cautious online …

Disney ditching Slack after massive July data breach

September 20, 2024 at 02:37PM The Walt Disney Company is moving away from Slack due to a data breach that exposed over 1TB of confidential messages and files. They are transitioning to new collaboration tools after the breach by threat actor ‘NullBulge.’ The move follows a previous data breach from the company’s Confluence server, raising …