August 2024

Cyberattackers Exploit Google Sheets for Malware Control in Global Espionage Campaign

Cyberattackers Exploit Google Sheets for Malware Control in Global Espionage Campaign 2024-08-30 at 16:47 By Cybersecurity researchers have uncovered a novel malware campaign that leverages Google Sheets as a command-and-control (C2) mechanism. The activity, detected by Proofpoint starting August 5, 2024, impersonates tax authorities from governments in Europe, Asia, and the U.S., with the goal […]

Cyberattackers Exploit Google Sheets for Malware Control in Global Espionage Campaign Read More »

Weekly IT Vulnerability Report: Cyble Researchers Find Nearly 1 Million Exposed Fortinet, SonicWall Devices

Weekly IT Vulnerability Report: Cyble Researchers Find Nearly 1 Million Exposed Fortinet, SonicWall Devices 2024-08-30 at 16:31 By dakshsharma16 Key Takeaways Overview Cyble’s weekly vulnerability report for August 21-27 found the highest number of exposed vulnerable assets in nearly three months, since a widespread PHP vulnerability was found in early June. Cyble researchers found more

Weekly IT Vulnerability Report: Cyble Researchers Find Nearly 1 Million Exposed Fortinet, SonicWall Devices Read More »

Critical Advisory on RansomHub Ransomware: A Comprehensive Analysis and Mitigation Guide

Critical Advisory on RansomHub Ransomware: A Comprehensive Analysis and Mitigation Guide 2024-08-30 at 16:16 By dakshsharma16 Key Takeaways Overview On August 29, 2024, a joint advisory was issued by the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Department of Health and Human

Critical Advisory on RansomHub Ransomware: A Comprehensive Analysis and Mitigation Guide Read More »

In Other News: Automotive CTF, Deepfake Scams, Singapore’s OT Security Masterplan

In Other News: Automotive CTF, Deepfake Scams, Singapore’s OT Security Masterplan 2024-08-30 at 16:01 By SecurityWeek News Noteworthy stories that might have slipped under the radar: automotive CTF with $100k in prizes, deepfake scams, and Singapore’s OT security masterplan for 2024. The post In Other News: Automotive CTF, Deepfake Scams, Singapore’s OT Security Masterplan appeared

In Other News: Automotive CTF, Deepfake Scams, Singapore’s OT Security Masterplan Read More »

California Advances Landmark Legislation to Regulate Large AI Models

California Advances Landmark Legislation to Regulate Large AI Models 2024-08-30 at 16:01 By Associated Press Efforts in California to establish first-in-the-nation safety measures for the largest artificial intelligence systems cleared an important vote. The post California Advances Landmark Legislation to Regulate Large AI Models appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

California Advances Landmark Legislation to Regulate Large AI Models Read More »

BlackByte Ransomware Gang Believed to Be More Active Than Leak Site Suggests

BlackByte Ransomware Gang Believed to Be More Active Than Leak Site Suggests 2024-08-30 at 16:01 By Kevin Townsend Cisco Talos has a blog post on the BlackByte ransomware group’s continuing evolution and new TTPs. The post BlackByte Ransomware Gang Believed to Be More Active Than Leak Site Suggests appeared first on SecurityWeek. This article is

BlackByte Ransomware Gang Believed to Be More Active Than Leak Site Suggests Read More »

How RansomHub went from zero to 210 victims in six months

How RansomHub went from zero to 210 victims in six months 2024-08-30 at 15:16 By Zeljka Zorz RansomHub, a ransomware-as-a-service (RaaS) outfit that “popped up” earlier this year, has already amassed at least 210 victims (that we know of). Its affiliates have hit government services, IT and communication companies, healthcare institutions, financial organizations, emergency services,

How RansomHub went from zero to 210 victims in six months Read More »

ManticoraLoader: New Loader Announced from the Developers of AresLoader

ManticoraLoader: New Loader Announced from the Developers of AresLoader 2024-08-30 at 15:01 By rohansinhacyblecom Cyble Research & Intelligence Labs (CRIL) has discovered the announcement of a new malware-as-a-service named ‘ManticoraLoader’ in the underground. The threat actors behind the group DeadXInject have been offering the service in underground forums and on their Telegram channel since August

ManticoraLoader: New Loader Announced from the Developers of AresLoader Read More »

Fortra Patches Critical Vulnerability in FileCatalyst Workflow

Fortra Patches Critical Vulnerability in FileCatalyst Workflow 2024-08-30 at 14:31 By Ionut Arghire Fortra limits access to FileCatalyst Workflow database after vendor knowledgebase article leaks default credentials. The post Fortra Patches Critical Vulnerability in FileCatalyst Workflow appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Fortra Patches Critical Vulnerability in FileCatalyst Workflow Read More »

US Government Issues Advisory on Ransomware Group Blamed for Halliburton Cyberattack

US Government Issues Advisory on Ransomware Group Blamed for Halliburton Cyberattack 2024-08-30 at 14:31 By Eduard Kovacs The RansomHub ransomware group, which has made at least 210 victims, is believed to be behind the attack on oil giant Halliburton.  The post US Government Issues Advisory on Ransomware Group Blamed for Halliburton Cyberattack appeared first on

US Government Issues Advisory on Ransomware Group Blamed for Halliburton Cyberattack Read More »

Iranian Hackers Set Up New Network to Target U.S. Political Campaigns

Iranian Hackers Set Up New Network to Target U.S. Political Campaigns 2024-08-30 at 14:31 By Cybersecurity researchers have unearthed new network infrastructure set up by Iranian threat actors to support activities linked to the recent targeting of U.S. political campaigns. Recorded Future’s Insikt Group has linked the infrastructure to a threat it tracks as GreenCharlie,

Iranian Hackers Set Up New Network to Target U.S. Political Campaigns Read More »

Breaking Down AD CS Vulnerabilities: Insights for InfoSec Professionals

Breaking Down AD CS Vulnerabilities: Insights for InfoSec Professionals 2024-08-30 at 14:31 By The most dangerous vulnerability you’ve never heard of. In the world of cybersecurity, vulnerabilities are discovered so often, and at such a high rate, that it can be very difficult to keep up with. Some vulnerabilities will start ringing alarm bells within

Breaking Down AD CS Vulnerabilities: Insights for InfoSec Professionals Read More »

Microsoft PC accessories rise from the grave just in time for Christmas

Microsoft PC accessories rise from the grave just in time for Christmas 2024-08-30 at 14:01 By Richard Speed Incase revives Windows giant’s abandoned peripherals range Microsoft’s line of PC peripherals is being revived in time for the incoming festive season, with a range reintroduced under the “Designed by Microsoft” brand.… This article is an excerpt

Microsoft PC accessories rise from the grave just in time for Christmas Read More »

New Malware Masquerades as Palo Alto VPN Targeting Middle East Users

New Malware Masquerades as Palo Alto VPN Targeting Middle East Users 2024-08-30 at 13:46 By Cybersecurity researchers have disclosed a new campaign that potentially targets users in the Middle East through malware that disguises itself as Palo Alto Networks GlobalProtect virtual private network (VPN) tool. “The malware can execute remote PowerShell commands, download and exfiltrate

New Malware Masquerades as Palo Alto VPN Targeting Middle East Users Read More »

Faulty valve sent Astrobotic’s Peregrine lander straight back to Earth’s atmosphere

Faulty valve sent Astrobotic’s Peregrine lander straight back to Earth’s atmosphere 2024-08-30 at 12:46 By Richard Speed What goes up must come down – just not always on the Moon Astrobotic has continued its policy of transparency with a report into the failings that resulted in its Peregrine lander burning up in Earth’s atmosphere rather

Faulty valve sent Astrobotic’s Peregrine lander straight back to Earth’s atmosphere Read More »

Breaking Down AD CS Vulnerabilities: Insights for InfoSec Professionals

Breaking Down AD CS Vulnerabilities: Insights for InfoSec Professionals 2024-08-30 at 12:46 By The most dangerous vulnerability you’ve never heard of. In the world of cybersecurity, vulnerabilities are discovered so often, and at such a high rate, that it can be very difficult to keep up with. Some vulnerabilities will start ringing alarm bells within

Breaking Down AD CS Vulnerabilities: Insights for InfoSec Professionals Read More »

Silent Intrusions: Godzilla Fileless Backdoors Targeting Atlassian Confluence

Silent Intrusions: Godzilla Fileless Backdoors Targeting Atlassian Confluence 2024-08-30 at 12:16 By Trend Micro discovered that old Atlassian Confluence versions that were affected by CVE-2023-22527 are being exploited using a new in-memory fileless backdoor. This article is an excerpt from Trend Micro Research, News and Perspectives View Original Source

Silent Intrusions: Godzilla Fileless Backdoors Targeting Atlassian Confluence Read More »

Scroll to Top