Monthly Archives: July 2023

Critical Flaws in AMI MegaRAC BMC Software Expose Servers to Remote Attacks

Two more security flaws have been disclosed in AMI MegaRAC Baseboard Management Controller (BMC) software...

20
Jul
Apache OpenMeetings Web Conferencing Tool Exposed to Critical Vulnerabilities

Multiple security flaws have been disclosed in Apache OpenMeetings, a web conferencing solution, that could...

20
Jul
North Korean State-Sponsored Hackers Suspected in JumpCloud Supply Chain Attack

An analysis of the indicators of compromise (IoCs) associated with the JumpCloud hack has uncovered...

20
Jul
A Few More Reasons Why RDP is Insecure (Surprise!)

If it seems like Remote Desktop Protocol (RDP) has been around forever, it’s because it...

20
Jul
Turla’s New DeliveryCheck Backdoor Breaches Ukrainian Defense Sector

The defense sector in Ukraine and Eastern Europe has been targeted by a novel .NET-based...

20
Jul
New P2PInfect Worm Targeting Redis Servers on Linux and Windows Systems

Cybersecurity researchers have uncovered a new cloud targeting, peer-to-peer (P2P) worm called P2PInfect that targets vulnerable Redis...

20
Jul
Microsoft Expands Cloud Logging to Counter Rising Nation-State Cyber Threats

Microsoft on Wednesday announced that it’s expanding cloud logging capabilities to help organizations investigate cybersecurity...

20
Jul
Adobe Rolls Out New Patches for Actively Exploited ColdFusion Vulnerability

Adobe has released a fresh round of updates to address an incomplete fix for a...

20
Jul
Home working: preparing your organisation and staff
July 19, 2023

How to make sure your organisation is prepared for home working....

How to Manage Your Attack Surface?

Attack surfaces are growing faster than security teams can keep up. To stay ahead, you...

19
Jul
CISA and NSA Issue New Guidance to Strengthen 5G Network Slicing Against Threats

U.S. cybersecurity and intelligence agencies have released a set of recommendations to address security concerns with 5G...

19
Jul
Chinese APT41 Hackers Target Mobile Devices with New WyrmSpy and DragonEgg Spyware

The prolific China-linked nation-state actor known as APT41 has been linked to two previously undocumented...

19
Jul
HCA Healthcare data breach impacts 11 million patients
July 19, 2023

The data of 11 million patients was stolen and posted online...

Exploring the Dark Side: OSINT Tools and Techniques for Unmasking Dark Web Operations

On April 5, 2023, the FBI and Dutch National Police announced the takedown of Genesis Market,...

19
Jul
Bad.Build Flaw in Google Cloud Build Raises Concerns of Privilege Escalation

Cybersecurity researchers have uncovered a privilege escalation vulnerability in Google Cloud that could enable malicious...

19
Jul
U.S. Government Blacklists Cytrox and Intellexa Spyware Vendors for Cyber Espionage

The U.S. government on Tuesday added two foreign commercial spyware vendors, Cytrox and Intellexa, to...

19
Jul
Zero-Day Attacks Exploited Critical Vulnerability in Citrix ADC and Gateway

Citrix is alerting users of a critical security flaw in NetScaler Application Delivery Controller (ADC) and Gateway...

19
Jul
Pakistani Entities Targeted in Sophisticated Attack Deploying ShadowPad Malware

An unidentified threat actor compromised an application used by multiple entities in Pakistan to deliver ShadowPad,...

18
Jul
Identity Theft: Increasing in Numbers in 2023

In 2021, AARP found that identify theft had affected more than 42 million U.S. consumers....

18
Jul
VirusTotal Data Leak Exposes Some Registered Customers’ Details

Data associated with a subset of registered customers of VirusTotal, including their names and email...

18
Jul
Go Beyond the Headlines for Deeper Dives into the Cybercriminal Underground

Discover stories about threat actors’ latest tactics, techniques, and procedures from Cybersixgill’s threat experts each...

18
Jul
FIN8 Group Using Modified Sardonic Backdoor for BlackCat Ransomware Attacks

The financially motivated threat actor known as FIN8 has been observed using a “revamped” version...

18
Jul
Owner of BreachForums Pleads Guilty to Cybercrime and Child Pornography Charges

Conor Brian Fitzpatrick, the owner of the now-defunct BreachForums website, has pleaded guilty to charges...

18
Jul
Cybercriminals Exploiting WooCommerce Payments Plugin Flaw to Hijack Websites

Threat actors are actively exploiting a recently disclosed critical security flaw in the WooCommerce Payments...

18
Jul
JumpCloud Blames ‘Sophisticated Nation-State’ Actor for Security Breach

A little over a week after JumpCloud reset API keys of customers impacted by a security incident,...

18
Jul
Hackers Exploit WebAPK to Deceive Android Users into Installing Malicious Apps

Threat actors are taking advantage of Android’s WebAPK technology to trick unsuspecting users into installing malicious web...

17
Jul
These 6 Questions Will Help You Choose the Best Attack Surface Management Platform

The hype around different security categories can make it difficult to discern features and capabilities...

17
Jul
Malicious USB Drives Targetinging Global Targets with SOGU and SNOWYDRIVE Malware

Cyber attacks using infected USB infection drives as an initial access vector have witnessed a...

17
Jul
Microsoft hack sees emails stolen from US agencies
July 17, 2023

Microsoft said that a “China-based threat actor with espionage objectives” was responsible for the hack...

Microsoft hack sees emails stolen from US agencies
July 17, 2023

Microsoft said that a “China-based threat actor with espionage objectives” was responsible for the hack...