Researchers link 3AM ransomware to Conti, Royal cybercrime gangs

January 20, 2024 at 10:16AM The 3AM ransomware operation is found to have connections with infamous groups like the Conti syndicate and the Royal ransomware gang. They are using new tactics such as sharing data leaks with victims’ social media followers and using bots to reply to high-ranking accounts on X. 3AM also tested a …

Meta won’t remove fake Instagram profiles that are clearly catfishing

January 20, 2024 at 10:16AM Imposters and romance scammers on Instagram are becoming increasingly problematic. Cases of impersonation, like that of “Santiago Scott” using the photos of Thiago Qualhato, reveal a lack of effective action from Instagram despite user reports. The prevalence of such behavior raises concerns about account protection and the need for user …

Meta won’t remove fake Instagram profiles used for obvious catfishing

January 20, 2024 at 07:26AM Instagram has fallen short in addressing the rise of imposters and romance scammers misusing the platform. Instances of fake profiles impersonating real people are being dismissed, even after being reported and appealed, raising concerns about the effectiveness of Instagram’s content review process. Users are advised to take measures to safeguard …

In Other News: WhatsApp Privacy Issue, Spying via Ambient Light Sensor, Bigpanzi Botnet

January 20, 2024 at 06:54AM SecurityWeek’s weekly cybersecurity roundup provides a concise overview of significant stories. This week’s highlights include a multimillion-dollar crypto scam, DDoS attacks by a pro-Russian threat actor, new spyware detection methods, macOS infostealers, a malicious campaign targeting Docker hosts, a WhatsApp privacy issue, Drupal and libX11 patches, and reports on AI …

Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years

January 20, 2024 at 06:45AM A China-linked cyber espionage group, UNC3886, exploited a zero-day vulnerability (CVE-2023-34048) in VMware vCenter Server, allowing privileged access and deployment of malware. These actions enable further exploitation of VMware flaws. VMware advises users to update to avoid potential threats. Additionally, UNC3886 utilized a Fortinet flaw (CVE-2022-41328) to implant malware, targeting …

CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits

January 19, 2024 at 11:57PM The U.S. CISA issued an emergency directive for Federal Civilian Executive Branch agencies to address actively exploited zero-day flaws in Ivanti Connect Secure and Policy Secure products. These vulnerabilities allow threat actors to execute commands and are being exploited, necessitating immediate mitigation. Ivanti is expected to release an update next …

Invoice Phishing Alert: TA866 Deploys WasabiSeed & Screenshotter Malware

January 19, 2024 at 10:03PM TA866, a threat actor, has returned after a hiatus, launching a large phishing campaign to distribute malware such as WasabiSeed and Screenshotter. The campaign targeted North America with PDFs containing OneDrive URLs that initiate a multi-step infection chain. Other actors, such as TA571, are involved in spam email campaigns to …

Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs

January 19, 2024 at 07:54PM Russian government-backed hackers infiltrated Microsoft’s network, accessing senior executives’ emails and attachments in cybersecurity and legal departments. Microsoft’s security team detected the attack in January 2024, tracing it back to November 2023. The intrusion did not exploit vulnerabilities in Microsoft’s products or access customer environments. The company will notify customers …

CISA Issues Emergency Directive on Ivanti Zero-Days

January 19, 2024 at 07:54PM CISA is pressuring organizations to urgently address critical vulnerabilities in Ivanti Connect Secure VPN. Agencies must apply available mitigations, remove compromised products, and report infected devices. This follows a Chinese government-backed hacking team exploiting the vulnerabilities. The company has released pre-patch mitigations, with comprehensive fixes set to begin rollout on …

Protecting Your Network Security from Ivanti Zero-Day Threat

January 19, 2024 at 07:49PM The Ivanti Zero-Day vulnerability poses significant real-world impacts, with the need for immediate action to mitigate its effects. The broader concern lies in the pervasive vulnerability of VPNs. An alternative approach, such as Trend Micro™ Zero Trust Secure Access, offers a promising solution to prevent vulnerabilities from escalating into major …