Category: Security Affairs

The U.S. Department of Justice has sued TikTok and its parent company, ByteDance, for extensive violations of children’s privacy laws. The Justice Department and the Federal Trade Commission (FTC) filed a civil lawsuit in the U.S. District Court for the…

Read more →

A Russia-linked APT used a car for sale as a phishing lure to deliver a modular Windows backdoor called HeadLace. Palo Alto researchers reported that a Russia-linked threat actor known as Fighting Ursa (also identified as APT28, Fancy Bear, or Sofacy)…

Read more →

Investors have sued CrowdStrike because the cybersecurity firm made false claims about its Falcon platform. Investors have sued CrowdStrike because the company made false and misleading claims on the testing of its Falcon platform. In July, a faulty update released…

Read more →

CISA warned that an Avtech camera vulnerability, which is still unpatched, is being actively exploited in the wild. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to warn of a vulnerability, tracked as CVE-2024-7029 (CVSS base score of…

Read more →

Today, 24 prisoners were released in an international swap between Russia and Western countries, including convicted  Russian cybercriminals. In the recent international prisoner swap two notorious Russian cybercriminals, Roman Seleznev (40) and Vladislav Klyushin (42), are among those released. In…

Read more →

Researchers warn of an attack vector in the DNS, called the Sitting Ducks, that exposes over a million domains to hackers’ takeover. Researchers from Eclypsium and Infoblox have identified an attack vector in the domain name system (DNS), dubbed the Sitting…

Read more →

Shadowserver researchers reported that over 20,000 internet-exposed VMware ESXi instances are affected by the actively exploited flaw CVE-2024-37085. Researchers at the Shadowserver Foundation reported that approximately 20,000 VMware ESXi servers exposed online appear impacted by the exploited vulnerability CVE-2024-37085. Microsoft…

Read more →

Pharma company Cencora confirmed the theft of personal and health information following the February 2024 data breach. Pharmaceutical giant Cencora confirmed that the threat actors had access to personally identifiable information (PII) and protected health information (PHI) following the February…

Read more →

BingoMod is a new Android malware that can wipe devices after stealing money from the victims’ bank accounts. Researchers at Cleafy discovered a new Android malware, called ‘BingoMod,’ that can wipe devices after successfully stealing money from the victims’ bank accounts. The…

Read more →

OneBlood, a non-profit blood bank serving over 300 U.S. hospitals, suffered a ransomware attack that disrupted its medical operations. OneBlood is a non-profit organization that provides blood and blood products to over 300 hospitals and medical facilities across the U.S.…

Read more →

Apple has issued security updates to address multiple vulnerabilities across iOS, macOS, tvOS, visionOS, watchOS, and Safari. Apple released security updates to address multiple vulnerabilities in iOS, macOS, tvOS, visionOS, watchOS, and Safari. The IT giant released iOS 17.6 and…

Read more →

Phishing campaigns target small and medium-sized businesses (SMBs) in Poland to deliver malware families such as Agent Tesla, Formbook, and Remcos RAT. ESET researchers observed multiple phishing campaigns targeting SMBs in Poland in May 2024, distributing various malware families like Agent Tesla, Formbook, and Remcos RAT.…

Read more →

Zscaler researchers revealed that a company paid a record-breaking $75 million ransom to the Dark Angels ransomware group. Zscaler discovered a record-breaking ransom payment of US$75 million made by a company to the Dark Angels ransomware group. Zscaler did not…

Read more →

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a VMware ESXi bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an authentication bypass VMware ESXi vulnerability, tracked as CVE-2024-37085 (CVSS score of 6.8), to…

Read more →

A new version of the Mandrake Android spyware has been found in five apps on Google Play, which have been downloaded over 32,000 times since 2022. Researchers from Kaspersky discovered a new version of the Mandrake Android spyware in five…

Read more →

The APT group SideWinder launched a new espionage campaign targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea. SideWinder (also known as Razor Tiger, Rattlesnake, and T-APT-04) has been active since at least 2012, the group mainly…

Read more →

Researchers detected a sophisticated phishing campaign targeting Microsoft OneDrive users to trick them into executing a PowerShell script. Over the past few weeks, the Trellix Advanced Research Center observed a sophisticated phishing campaign targeting Microsoft OneDrive users. Threat actors rely…

Read more →

Microsoft warns that ransomware gangs are exploiting the recently patched CVE-2024-37085 flaw in VMware ESXi flaw. Microsoft researchers warned that multiple ransomware gangs are exploiting the recently patched vulnerability CVE-2024-37085 (CVSS score of 6.8) in VMware ESXi flaw. “Microsoft researchers have…

Read more →

Acronis warns of a critical vulnerability in its Acronis Cyber Infrastructure (ACI) solution that is being actively exploited in the wild. Acronis is warning of a critical vulnerability, tracked as CVE-2023-45249 (CVSS score of 9.8), in its Acronis Cyber Infrastructure…

Read more →

Belarus-linked APT group GhostWriter targeted Ukrainian organizations with a malware family known as PicassoLoader, used to deliver various malicious payloads. The Ukrainian Government’s Computer Emergency Response Team (CERT-UA) reported a surge in activity associated with the APT group UAC-0057 (aka…

Read more →