Threat Intelligence

Date Text URI
Dec. 3, 2024 Cisco Confirms Active Exploitation of Decade-Old WebVPN Vulnerability in ASA Software https://securityonline.info/cisco-confirms-active-exploitation-of-decade-old-webvpn-vulnerability-in-asa-software/
Dec. 2, 2024 Zero-Day Attack Alert: Corrupted Files Weaponized in New Attacks https://securityonline.info/zero-day-attack-alert-corrupted-files-weaponized-in-new-attacks/
Dec. 2, 2024 Mystery google.com certificate issued by Brazilian CA https://www.reddit.com/r/netsec/comments/1h4h1iy/mystery_googlecom_certificate_issued_by_brazilian/
Nov. 29, 2024 Malicious npm Packages Threaten Crypto Developers: Keylogging and Wallet Theft Revealed https://securityonline.info/malicious-npm-packages-threaten-crypto-developers-keylogging-and-wallet-theft-revealed/
Nov. 29, 2024 Beyond FUD Links: Rockstar PaaS Kit Exploits Trusted Platforms for Phishing https://securityonline.info/beyond-fud-links-rockstar-paas-kit-exploits-trusted-platforms-for-phishing/
Nov. 29, 2024 Godot Engine Compromised: Malware Distributed via GodLoader https://securityonline.info/godot-engine-compromised-malware-distributed-via-godloader/
Nov. 21, 2024 PDFFlex: Analyzing PUA Persistence and Evasion Techniques https://securityonline.info/pdfflex-analyzing-pua-persistence-and-evasion-techniques/
Nov. 21, 2024 Researchers Uncover XenoRAT’s New Tactics Leveraging Excel XLL Files and Advanced Obfuscation https://securityonline.info/researchers-uncover-xenorats-new-tactics-leveraging-excel-xll-files-and-advanced-obfuscation/
Nov. 12, 2024 North Korean hackers create Flutter apps to bypass macOS security https://www.bleepingcomputer.com/news/security/north-korean-hackers-create-flutter-apps-to-bypass-macos-security/
Nov. 12, 2024 HIBP notifies 57 million people of Hot Topic data breach https://www.bleepingcomputer.com/news/security/hibp-notifies-57-million-people-of-hot-topic-data-breach/
Sept. 20, 2024 This Windows PowerShell Phish Has Scary Potential https://krebsonsecurity.com/2024/09/this-windows-powershell-phish-has-scary-potential/
Sept. 9, 2024 Akira Ransomware Exploits SonicWall SSLVPN Flaw (CVE-2024-40766) https://securityonline.info/akira-ransomware-exploits-sonicwall-sslvpn-flaw-cve-2024-40766/
Sept. 9, 2024 Fog Ransomware Group Shifts Focus: Financial Sector Now in Crosshairs https://securityonline.info/fog-ransomware-group-shifts-focus-financial-sector-now-in-crosshairs/
Sept. 9, 2024 Sextortion Scams Now Include Photos of Your Home https://krebsonsecurity.com/2024/09/sextortion-scams-now-include-photos-of-your-home/
Aug. 31, 2024 Local Networks Go Global When Domain Names Collide https://krebsonsecurity.com/2024/08/local-networks-go-global-when-domain-names-collide/
Aug. 31, 2024 When Get-Out-The-Vote Efforts Look Like Phishing https://krebsonsecurity.com/2024/08/when-get-out-the-vote-efforts-look-like-phishing/
Aug. 23, 2024 Google fixes ninth Chrome zero-day tagged as exploited this year https://www.bleepingcomputer.com/news/security/google-fixes-ninth-actively-exploited-chrome-zero-day-in-2024/
Aug. 23, 2024 Hackers steal banking creds from iOS, Android users via PWA apps https://www.bleepingcomputer.com/news/security/hackers-steal-banking-creds-from-ios-android-users-via-pwa-apps/
Aug. 23, 2024 New NGate Android malware uses NFC chip to steal credit card data https://www.bleepingcomputer.com/news/security/new-ngate-android-malware-uses-nfc-chip-to-steal-credit-card-data/
Aug. 8, 2024 ADT confirms data breach after customer info leaked on hacking forum https://www.bleepingcomputer.com/news/security/adt-confirms-data-breach-after-customer-info-leaked-on-hacking-forum/
Aug. 8, 2024 Windows Update downgrade attack "unpatches" fully-updated systems https://www.bleepingcomputer.com/news/microsoft/windows-update-downgrade-attack-unpatches-fully-updated-systems/
Aug. 7, 2024 Data Centers Alert: AMD Addresses SEV-SNP Vulnerabilities in EPYC Processors https://securityonline.info/data-centers-alert-amd-addresses-sev-snp-vulnerabilities-in-epyc-processors/
Aug. 3, 2024 20,000+ Ubiquiti Devices Exposed: Amplification Attacks & Data Leaks https://securityonline.info/20000-ubiquiti-devices-exposed-amplification-attacks-data-leaks/
Aug. 3, 2024 CVE-2024-7339: DVR Vulnerability Exposes Over 400,000 Devices to Hackers https://securityonline.info/cve-2024-7339-dvr-vulnerability-exposes-over-400000-devices-to-hackers/
Aug. 3, 2024 Malicious PyPI Packages Expose User Credentials https://securityonline.info/malicious-pypi-packages-expose-user-credentials/
July 26, 2024 PKfail Secure Boot bypass lets attackers install UEFI malware https://www.bleepingcomputer.com/news/security/pkfail-secure-boot-bypass-lets-attackers-install-uefi-malware/
July 20, 2024 China-Linked GhostEmperor Resurfaces: Enhanced Demodex Rootkit Targets Southeast Asia https://securityonline.info/china-linked-ghostemperor-resurfaces-enhanced-demodex-rootkit-targets-southeast-asia/
July 20, 2024 NHS England Issues Cyber Alert for Exploited CVE-2023-6548 Vulnerability in NetScaler Devices https://securityonline.info/nhs-england-issues-cyber-alert-for-exploited-cve-2023-6548-vulnerability-in-netscaler-devices/
July 17, 2024 Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks https://krebsonsecurity.com/2024/07/researchers-weak-security-defaults-enabled-squarespace-domains-hijacks/
July 17, 2024 Microsoft links Scattered Spider hackers to Qilin ransomware attacks https://www.bleepingcomputer.com/news/security/microsoft-links-scattered-spider-hackers-to-qilin-ransomware-attacks/
July 17, 2024 Rite Aid says June data breach impacts 2.2 million people https://www.bleepingcomputer.com/news/security/rite-aid-says-june-data-breach-impacts-22-million-people/
July 17, 2024 Email addresses of 15 million Trello users leaked on hacking forum https://www.bleepingcomputer.com/news/security/email-addresses-of-15-million-trello-users-leaked-on-hacking-forum/
July 17, 2024 Crooks Steal Phone, SMS Records for Nearly All AT&T Customers https://krebsonsecurity.com/2024/07/hackers-steal-phone-sms-records-for-nearly-all-att-customers/
July 9, 2024 Chinese APT40 hackers hijack SOHO routers to launch attacks https://www.bleepingcomputer.com/news/security/chinese-apt40-hackers-hijack-soho-routers-to-launch-attacks/
July 9, 2024 Hackers target WordPress calendar plugin used by 150,000 sites https://www.bleepingcomputer.com/news/security/hackers-target-wordpress-calendar-plugin-used-by-150-000-sites/
July 9, 2024 Fujitsu confirms customer data exposed in March cyberattack https://www.bleepingcomputer.com/news/security/fujitsu-confirms-customer-data-exposed-in-march-cyberattack/
July 8, 2024 Universal Code Execution by Chaining Messages in Browser Extensions https://www.reddit.com/r/netsec/comments/1dxj0wh/universal_code_execution_by_chaining_messages_in/
July 8, 2024 Cybercriminals Escalate Attacks Exploiting Microsoft SmartScreen Flaw (CVE-2024-21412) https://securityonline.info/cybercriminals-escalate-attacks-exploiting-microsoft-smartscreen-flaw-cve-2024-21412/
July 8, 2024 Volcano Demon: New Ransomware Gang Targets Windows & Linux https://securityonline.info/volcano-demon-new-ransomware-gang-targets-windows-linux/
June 30, 2024 InnoLoader Malware Evades Detection Posing as Cracked Software https://securityonline.info/innoloader-malware-evades-detection-posing-as-cracked-software/
June 30, 2024 Avaya IP Office Users Urged to Patch Critical Flaws (CVE-2024-4196 & CVE-2024-4197) https://securityonline.info/avaya-ip-office-users-urged-to-patch-critical-flaws-cve-2024-4196-cve-2024-4197/
June 30, 2024 TeamViewer Confirms Cyberattack by Notorious APT Group https://securityonline.info/teamviewer-confirms-cyberattack-by-notorious-apt-group/
June 30, 2024 MerkSpy Spyware Campaign Exploits Microsoft Office Flaw https://securityonline.info/merkspy-spyware-campaign-exploits-microsoft-office-flaw/
June 23, 2024 PrestaShop Sites Under Attack via Facebook Module Vulnerability (CVE-2024-36680) https://securityonline.info/prestashop-sites-under-attack-via-facebook-module-vulnerability-cve-2024-36680/
June 22, 2024 Ratel RAT targets outdated Android phones in ransomware attacks https://www.bleepingcomputer.com/news/security/ratel-rat-targets-outdated-android-phones-in-ransomware-attacks/
June 22, 2024 CDK Global outage caused by BlackSuit ransomware attack https://www.bleepingcomputer.com/news/security/cdk-global-outage-caused-by-blacksuit-ransomware-attack/
June 21, 2024 Linux version of RansomHub ransomware targets VMware ESXi VMs https://www.bleepingcomputer.com/news/security/linux-version-of-ransomhub-ransomware-targets-vmware-esxi-vms/
June 21, 2024 BokuLoader - A Proof-Of-Concept Cobalt Strike Reflective Loader Which Aims To Recreate, Integrate, And Enhance Cobalt Strike's Evasion Features! http://www.kitploit.com/2024/06/bokuloader-proof-of-concept-cobalt.html
June 21, 2024 UNC3886 hackers use Linux rootkits to hide on VMware ESXi VMs https://www.bleepingcomputer.com/news/security/unc3886-hackers-use-linux-rootkits-to-hide-on-vmware-esxi-vms/
June 13, 2024 Bondnet Threat Actor Still Active, Using Bots as C2 Servers https://securityonline.info/bondnet-threat-actor-still-active-using-bots-as-c2-servers/
June 11, 2024 PHP Vulnerability (CVE-2024-4577) Actively Exploited in TellYouThePass Ransomware Attacks https://securityonline.info/php-vulnerability-cve-2024-4577-actively-exploited-in-tellyouthepass-ransomware-attacks/
June 6, 2024 Check-in terminals used by thousands of hotels leak guest info https://www.bleepingcomputer.com/news/security/check-in-terminals-used-by-thousands-of-hotels-leak-guest-info/
June 6, 2024 New Fog ransomware targets US education sector via breached VPNs https://www.bleepingcomputer.com/news/security/new-fog-ransomware-targets-us-education-sector-via-breached-vpns/
June 6, 2024 Club Penguin fans breached Disney Confluence server, stole 2.5GB of data https://www.bleepingcomputer.com/news/security/club-penguin-fans-breached-disney-confluence-server-stole-25gb-of-data/
June 6, 2024 New Gitloker attacks wipe GitHub repos in extortion scheme https://www.bleepingcomputer.com/news/security/new-gitloker-attacks-wipe-github-repos-in-extortion-scheme/
June 3, 2024 Hugging Face Spaces Platform Hit by Unauthorized Access https://securityonline.info/hugging-face-spaces-platform-hit-by-unauthorized-access/
June 3, 2024 CVE-2024-29415: Popular Node.js Package ‘node-ip’ Exposes Millions to Potential SSRF Attacks https://securityonline.info/cve-2024-29415-popular-node-js-package-node-ip-exposes-millions-to-potential-ssrf-attacks/
May 16, 2024 Threat actors misusing Quick Assist in social engineering attacks leading to ransomware https://www.reddit.com/r/netsec/comments/1csqem5/threat_actors_misusing_quick_assist_in_social/
May 9, 2024 Zscaler takes "test environment" offline after rumors of a breach https://www.bleepingcomputer.com/news/security/zscaler-takes-test-environment-offline-after-rumors-of-a-breach/
May 9, 2024 Citrix warns admins to manually mitigate PuTTY SSH client bug https://www.bleepingcomputer.com/news/security/citrix-warns-admins-to-manually-mitigate-putty-ssh-client-bug/
May 9, 2024 Crickets from Chirp Systems in Smart Lock Key Leak https://krebsonsecurity.com/2024/04/crickets-from-chirp-systems-in-smart-lock-key-leak/
May 9, 2024 Who Stole 3.6M Tax Records from South Carolina? https://krebsonsecurity.com/2024/04/who-stole-3-6m-tax-records-from-south-carolina/
May 9, 2024 City of Wichita breach claimed by LockBit ransomware gang https://www.bleepingcomputer.com/news/security/city-of-wichita-breach-claimed-by-lockbit-ransomware-gang/
May 9, 2024 FBI warns of gift card fraud ring targeting retail companies https://www.bleepingcomputer.com/news/security/fbi-warns-of-gift-card-fraud-ring-targeting-retail-companies/
May 9, 2024 Ascension healthcare takes systems offline after cyberattack https://www.bleepingcomputer.com/news/security/ascension-healthcare-takes-systems-offline-after-cyberattack/
May 9, 2024 University System of Georgia: 800K exposed in 2023 MOVEit attack https://www.bleepingcomputer.com/news/security/university-system-of-georgia-800k-exposed-in-2023-moveit-attack/
May 9, 2024 Dell warns of data breach, 49 million customers allegedly affected https://www.bleepingcomputer.com/news/security/dell-warns-of-data-breach-49-million-customers-allegedly-affected/
May 5, 2024 NSA warns of North Korean hackers exploiting weak DMARC email policies https://www.bleepingcomputer.com/news/security/nsa-warns-of-north-korean-hackers-exploiting-weak-dmarc-email-policies/
May 5, 2024 CISA urges software devs to weed out path traversal vulnerabilities https://www.bleepingcomputer.com/news/security/cisa-urges-software-devs-to-weed-out-path-traversal-vulnerabilities/
May 5, 2024 Android bug leaks DNS queries even when VPN kill switch is enabled https://www.bleepingcomputer.com/news/security/android-bug-leaks-dns-queries-even-when-vpn-kill-switch-is-enabled/
May 4, 2024 Nearly 20% of Docker Hub Repositories were used to spread malware & phishing scams https://www.reddit.com/r/netsec/comments/1cgtztj/nearly_20_of_docker_hub_repositories_were_used_to/
May 2, 2024 Adload Adware Quickly Evades Apple’s Expanded XProtect https://securityonline.info/adload-adware-quickly-evades-apples-expanded-xprotect/
May 2, 2024 New Cuttlefish Malware Evades Detection, Targets SOHO Routers https://securityonline.info/new-cuttlefish-malware-evades-detection-targets-soho-routers/
May 2, 2024 “Goldoon” Botnet Exploits Unpatched D-Link Devices https://securityonline.info/goldoon-botnet-exploits-unpatched-d-link-devices/
April 30, 2024 Millions of Docker repos found pushing malware, phishing sites https://www.bleepingcomputer.com/news/security/millions-of-docker-repos-found-pushing-malware-phishing-sites/
April 30, 2024 Stealthy ‘DarkGate’ Trojan Abuses AutoHotkey, Evades Defender https://securityonline.info/stealthy-darkgate-trojan-abuses-autohotkey-evades-defender/
April 29, 2024 FROZEN#SHADOW Campaign: The Stealthy Advance of SSLoad Malware and Cobalt Strike https://securityonline.info/frozenshadow-campaign-the-stealthy-advance-of-ssload-malware-and-cobalt-strike/
April 29, 2024 US Post Office phishing sites get as much traffic as the real one https://www.bleepingcomputer.com/news/security/us-post-office-phishing-sites-get-as-much-traffic-as-the-real-one/
April 28, 2024 Kaiser Permanente: Data breach may impact 13.4 million patients https://www.bleepingcomputer.com/news/security/kaiser-permanente-data-breach-may-impact-134-million-patients/
April 28, 2024 Okta warns of "unprecedented" credential stuffing attacks on customers https://www.bleepingcomputer.com/news/security/okta-warns-of-unprecedented-credential-stuffing-attacks-on-customers/
April 28, 2024 LA County Health Services: Patients' data exposed in phishing attack https://www.bleepingcomputer.com/news/security/la-county-health-services-thousands-of-patients-data-exposed-in-email-breach/
April 28, 2024 Fake job interviews target developers with new Python backdoor https://www.bleepingcomputer.com/news/security/fake-job-interviews-target-developers-with-new-python-backdoor/
April 26, 2024 Alert: “Brokewell” Malware – New Threat Targets Bank Users with Remote Device Takeover https://securityonline.info/alert-brokewell-malware-new-threat-targets-bank-users-with-remote-device-takeover/
April 26, 2024 Postman users are exposing Thousands of live Passwords/API keys https://www.reddit.com/r/netsec/comments/1cd2s6f/postman_users_are_exposing_thousands_of_live/
April 26, 2024 Beware of Search Results: Hackers Using Fake Websites to Spread Malware https://securityonline.info/beware-of-search-results-hackers-using-fake-websites-to-spread-malware/
April 26, 2024 AI Powers a Phishing Frenzy – Zscaler Report Warns of Unprecedented Threat Wave https://securityonline.info/ai-powers-a-phishing-frenzy-zscaler-report-warns-of-unprecedented-threat-wave/
April 26, 2024 Hackers Employ Advanced Fileless Attack to Implant AgentTesla Malware https://securityonline.info/hackers-employ-advanced-fileless-attack-to-implant-agenttesla-malware/
April 26, 2024 Iranian Hacker Group MuddyWater Abuses Legitimate Atera Software to Target Global Organizations https://securityonline.info/iranian-hacker-group-muddywater-abuses-legitimate-atera-software-to-target-global-organizations/
April 26, 2024 Hanwha Vision Announces Critical Security Updates for NVR and DVR Models https://securityonline.info/hanwha-vision-announces-critical-security-updates-for-nvr-and-dvr-models/
April 24, 2024 Hackers hijack antivirus updates to drop GuptiMiner malware https://www.bleepingcomputer.com/news/security/hackers-hijack-antivirus-updates-to-drop-guptiminer-malware/
April 24, 2024 Nation-State Threat Actors Renew Publications to npm https://www.reddit.com/r/netsec/comments/1cbmeit/nationstate_threat_actors_renew_publications_to/
April 24, 2024 SAP Threat Modeling Tool - Open Source Software https://www.reddit.com/r/netsec/comments/1cbqqp1/sap_threat_modeling_tool_open_source_software/
April 23, 2024 Sharp Stealer: New Malware Targets Gamers’ Accounts and Online Identities https://securityonline.info/sharp-stealer-new-malware-targets-gamers-accounts-and-online-identities/
April 23, 2024 ToddyCat: Unveiling the Stealthy APT Group Targeting Asia-Pacific Governments https://securityonline.info/toddycat-unveiling-the-stealthy-apt-group-targeting-asia-pacific-governments/
April 23, 2024 Russia-Linked Hackers Exploit Windows Zero-Day, Deploy “GooseEgg” to Hijack Networks https://securityonline.info/russia-linked-hackers-exploit-windows-zero-day-deploy-gooseegg-to-hijack-networks/
April 22, 2024 Microsoft: APT28 hackers exploit Windows flaw reported by NSA https://www.bleepingcomputer.com/news/security/microsoft-apt28-hackers-exploit-windows-flaw-reported-by-nsa/
April 22, 2024 Russian Sandworm hackers targeted 20 critical orgs in Ukraine https://www.bleepingcomputer.com/news/security/russian-sandworm-hackers-targeted-20-critical-orgs-in-ukraine/
April 22, 2024 GitLab affected by GitHub-style CDN flaw allowing malware hosting https://www.bleepingcomputer.com/news/security/gitlab-affected-by-github-style-cdn-flaw-allowing-malware-hosting/
April 18, 2024 “All Your Secrets Are Belong To Us” — A Delinea Secret Server AuthN/AuthZ Bypass https://www.reddit.com/r/netsec/comments/1c5h4h1/all_your_secrets_are_belong_to_us_a_delinea/
April 17, 2024 Multiple botnets exploiting one-year-old TP-Link flaw to hack routers https://www.bleepingcomputer.com/news/security/multiple-botnets-exploiting-one-year-old-tp-link-flaw-to-hack-routers/
April 17, 2024 Vulnerability in Popular VPN Software Could Lead to Crashes and Service Disruptions https://securityonline.info/vulnerability-in-popular-vpn-software-could-lead-to-crashes-and-service-disruptions/
April 17, 2024 T-Mobile, Verizon workers get texts offering $300 for SIM swaps https://www.bleepingcomputer.com/news/security/t-mobile-verizon-workers-get-texts-offering-300-for-sim-swaps/
April 16, 2024 Cisco warns of large-scale brute-force attacks against VPN services https://www.bleepingcomputer.com/news/security/cisco-warns-of-large-scale-brute-force-attacks-against-vpn-services/
April 14, 2024 Hacker claims Giant Tiger data breach, leaks 2.8M records online https://www.bleepingcomputer.com/news/security/hacker-claims-giant-tiger-data-breach-leaks-28m-records-online/
April 14, 2024 Thread Hijacking: Phishes That Prey on Your Curiosity https://krebsonsecurity.com/2024/03/thread-hijacking-phishes-that-prey-on-your-curiosity/
April 14, 2024 Several vulnerabilities in LG WebOS. Chained, lead to RCE. https://www.reddit.com/r/netsec/comments/1c22m7x/several_vulnerabilities_in_lg_webos_chained_lead/
April 14, 2024 GitHub Search Sabotaged: Malware Hidden in Popular Repositories https://securityonline.info/github-search-sabotaged-malware-hidden-in-popular-repositories/
April 14, 2024 Apple Warns Users of Targeted Spyware Attacks – Here’s How to Stay Safe https://securityonline.info/apple-warns-users-of-targeted-spyware-attacks-heres-how-to-stay-safe/
April 14, 2024 “Coyote” Trojan Strikes Brazil’s Banks, Experts Warn of Next-Gen Threat https://securityonline.info/coyote-trojan-strikes-brazils-banks-experts-warn-of-next-gen-threat/
April 14, 2024 GraphStrike: Cobalt Strike HTTPS beaconing over Microsoft Graph API https://securityonline.info/graphstrike-cobalt-strike-https-beaconing-over-microsoft-graph-api/
April 14, 2024 Roku warns 576,000 accounts hacked in new credential stuffing attacks https://www.bleepingcomputer.com/news/security/roku-warns-576-000-accounts-hacked-in-new-credential-stuffing-attacks/
April 14, 2024 Telegram fixes Windows app zero-day used to launch Python scripts https://www.bleepingcomputer.com/news/security/telegram-fixes-windows-app-zero-day-used-to-launch-python-scripts/
April 14, 2024 Palo Alto Networks zero-day exploited since March to backdoor firewalls https://www.bleepingcomputer.com/news/security/palo-alto-networks-zero-day-exploited-since-march-to-backdoor-firewalls/
Feb. 29, 2024 Lazarus Group Suspected in Telegram Phishing Attacks on Investors https://securityonline.info/lazarus-group-suspected-in-telegram-phishing-attacks-on-investors/
Feb. 29, 2024 Rhysida ransomware wants $3.6 million for children’s stolen data https://www.bleepingcomputer.com/news/security/rhysida-ransomware-wants-36-million-for-childrens-stolen-data/
Feb. 29, 2024 Malicious AI models on Hugging Face backdoor users’ machines https://www.bleepingcomputer.com/news/security/malicious-ai-models-on-hugging-face-backdoor-users-machines/
Feb. 11, 2024 Raspberry Robin Keeps Riding The Wave Of Endless 1-days https://research.checkpoint.com/2024/raspberry-robin-keeps-riding-the-wave-of-endless-1-days/
Feb. 11, 2024 Chinese Espionage Group UNC3886 Found Exploiting CVE-2023-34048 Since Late 2021 https://www.mandiant.com/resources/blog/chinese-vmware-exploitation-since-2021
Feb. 10, 2024 MacOS data exfiltration malware poses as an update for Visual Studio code editor. https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Feb. 7, 2024 Critical vulnerability affecting most Linux distros allows for bootkits https://arstechnica.com/security/2024/02/critical-vulnerability-affecting-most-linux-distros-allows-for-bootkits/
Dec. 28, 2023 LogoFAIL attack: using image files to attack computers https://www.kaspersky.com/blog/logofail-uefi-vulnerabilities/50160/
Dec. 21, 2023 Double Extortion Attack Analysis https://www.reliaquest.com/blog/double-extortion-attack-analysis/
Dec. 11, 2023 Unmasking the Enigma: A Historical Dive into the World of PlugX Malware https://www.splunk.com/en_us/blog/security/unmasking-the-enigma-a-historical-dive-into-the-world-of-plugx-malware.html
Dec. 1, 2023 Deep Analysis of Vidar Stealer https://m4lcode.github.io/malware%20analysis/vidar/
Nov. 29, 2023 Ransomware gangs and Living Off the Land (LOTL) attacks: A deep dive https://www.malwarebytes.com/blog/business/2023/11/ransomware-gangs-and-living-off-the-land-lotl-attacks-a-deep-dive/amp
Nov. 24, 2023 GootBot – Gootloader’s new approach to post-exploitation https://securityintelligence.com/x-force/gootbot-gootloaders-new-approach-to-post-exploitation/
Nov. 21, 2023 DarkGate and Pikabot malware emerge as Qakbot’s successors https://www.bleepingcomputer.com/news/security/darkgate-and-pikabot-malware-emerge-as-qakbots-successors/#google_vignette
Nov. 15, 2023 Opensea (Seaport) Exploit Details: Check if your address is affected https://revoketokens.io/exploits/opensea-11-14/
Nov. 9, 2023 Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology https://www.mandiant.com/resources/blog/sandworm-disrupts-power-ukraine-operational-technology
Oct. 27, 2023 Hackers can force iOS and macOS browsers to divulge passwords and much more https://arstechnica.com/security/2023/10/hackers-can-force-ios-and-macos-browsers-to-divulge-passwords-and-a-whole-lot-more/
Oct. 21, 2023 Hackers Stole Access Tokens from Okta’s Support Unit https://krebsonsecurity.com/2023/10/hackers-stole-access-tokens-from-oktas-support-unit/
Oct. 18, 2023 Security Vulnerabilities in CasaOS https://www.sonarsource.com/blog/security-vulnerabilities-in-casaos/
Oct. 18, 2023 Active exploitation of Cisco IOS XE Software Web Management User Interface vulnerability https://blog.talosintelligence.com/active-exploitation-of-cisco-ios-xe-software/
Oct. 10, 2023 CVE-2023-22515 - Broken Access Control Vulnerability in Confluence Data Center and Server https://confluence.atlassian.com/security/cve-2023-22515-privilege-escalation-vulnerability-in-confluence-data-center-and-server-1295682276.html
Oct. 6, 2023 MGM Resorts ransomware attack led to $100 million loss, data theft https://www.bleepingcomputer.com/news/security/mgm-resorts-ransomware-attack-led-to-100-million-loss-data-theft/
Oct. 3, 2023 Motel One Group’s Swift Response Thwarts Ransomware Attack https://www.hackread.com/motel-one-groups-thwarts-ransomware-attack/
Oct. 3, 2023 Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that’s appeared in the threat landscape. https://securityaffairs.com/151869/malware/bunnyloader-maas.html?amp=1
Sept. 23, 2023 New stealthy and modular Deadglyph malware used in govt attacks https://www.bleepingcomputer.com/news/security/new-stealthy-and-modular-deadglyph-malware-used-in-govt-attacks/
Sept. 23, 2023 0-days exploited by commercial surveillance vendor in Egypt https://blog.google/threat-analysis-group/0-days-exploited-by-commercial-surveillance-vendor-in-egypt/
Sept. 23, 2023 Ahmed Eltantawy Targeted with Predator Spyware After Announcing Presidential Ambitions https://citizenlab.ca/2023/09/predator-in-the-wires-ahmed-eltantawy-targeted-with-predator-spyware-after-announcing-presidential-ambitions/
Sept. 22, 2023 Chinese hackers have unleashed a never-before-seen Linux backdoor https://arstechnica.com/security/2023/09/never-before-seen-linux-backdoor-is-a-windows-malware-knockoff/
Sept. 21, 2023 Chinese hackers have unleashed a never-before-seen Linux backdoor https://arstechnica.com/security/2023/09/never-before-seen-linux-backdoor-is-a-windows-malware-knockoff/
Sept. 20, 2023 Attacks on 5G Infrastructure From Users’ Devices https://www.trendmicro.com/en_us/research/23/i/attacks-on-5g-infrastructure-from-users-devices.html
Sept. 19, 2023 DHS: Ransomware attackers headed for second most profitable year https://therecord.media/dhs-ransomware-headed-for-second-profits
Sept. 12, 2023 Redfly: Espionage Actors Continue to Target Critical Infrastructure https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/critical-infrastructure-attacks
Sept. 10, 2023 “MrTonyScam” — Botnet of Facebook Users Launch High-Intent Messenger Phishing Attack on Business Accounts https://labs.guard.io/mrtonyscam-botnet-of-facebook-users-launch-high-intent-messenger-phishing-attack-on-business-3182cfb12f4d
Sept. 5, 2023 4,500 of the Top 1 Million Websites Leaked Source Code, Secrets https://trufflesecurity.com/blog/4500-of-the-top-1-million-websites-leaked-source-code-secrets/
Sept. 3, 2023 Government Agencies Report New Russian Malware Targets Ukrainian Military https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/3511738/government-agencies-report-new-russian-malware-targets-ukrainian-military/
Aug. 30, 2023 BadBazaar espionage tool targets Android users via trojanized Signal and Telegram apps https://www.welivesecurity.com/en/eset-research/badbazaar-espionage-tool-targets-android-users-trojanized-signal-telegram-apps/
Aug. 29, 2023 FBI Dismantles a Malware System That Took Millions in Ransom https://www.msn.com/en-us/money/markets/fbi-dismantles-a-malware-system-that-took-millions-in-ransom/ar-AA1fWQVA
Aug. 29, 2023 Meta Cripples China's Signature 'Spamouflage' Influence Op https://www.darkreading.com/application-security/meta-vs-china-social-giant-cripples-chinese-disinformation-apt
Aug. 28, 2023 Microsoft Releases Mitigation Notes for Windows Downfall Vulnerability https://securityonline.info/microsoft-releases-mitigation-notes-for-windows-downfall-vulnerability/
Aug. 25, 2023 Flax Typhoon using legitimate software to quietly access Taiwanese organizations https://www.microsoft.com/en-us/security/blog/2023/08/24/flax-typhoon-using-legitimate-software-to-quietly-access-taiwanese-organizations/
Aug. 23, 2023 TP-Link Smart Bulb Vulns Expose Households To Hacker Attacks https://www.securityweek.com/tp-link-smart-bulb-vulnerabilities-expose-households-to-hacker-attacks/
Aug. 22, 2023 Uncle Sam: Rest of the world would love to steal our space blueprints – don't let 'em https://www.theregister.com/2023/08/21/us_satellite_hacking/
Aug. 19, 2023 GitLab vulnerability leveraged in LABRAT cryptojacking, proxyjacking operation https://www.scmagazine.com/brief/gitlab-vulnerability-leveraged-in-labrat-cryptjacking-proxyjacking-operation
Aug. 19, 2023 LinkedIn Suffers 'Significant' Wave of Account Hacks https://www.darkreading.com/attacks-breaches/linkedin-suffers-significant-wave-of-account-hacks
Aug. 19, 2023 Phishing campaign steals accounts for Zimbra email servers worldwide https://www.bleepingcomputer.com/news/security/phishing-campaign-steals-accounts-for-zimbra-email-servers-worlwide/
Aug. 19, 2023 LABRAT: Stealthy Cryptojacking and Proxyjacking Campaign Targeting GitLab https://sysdig.com/blog/labrat-cryptojacking-proxyjacking-campaign/
Aug. 19, 2023 The Vulnerability of Zero Trust: Lessons from the Storm 0558 Hack https://thehackernews.com/2023/08/the-vulnerability-of-zero-trust-lessons.html?m=1
Aug. 18, 2023 Fake Airplane Mode: A mobile tampering technique to maintain connectivity https://www.jamf.com/blog/fake-airplane-mode-a-mobile-tampering-technique-to-maintain-connectivity/
Aug. 15, 2023 Discord.io confirms breach after hacker steals data of 760K users https://www.bleepingcomputer.com/news/security/discordio-confirms-breach-after-hacker-steals-data-of-760k-users/
Aug. 15, 2023 Ford SYNC 3 infotainment vulnerable to drive-by Wi-Fi hijacking https://www.theregister.com/2023/08/14/ford_sync_vulnerability/
Aug. 13, 2023 One of the world's largest crypto payment processors CoinsPaid loses $37M in hack https://x.com/bitcoinnewscom/status/1690809194146897920
Aug. 13, 2023 DoubleDrive: fully-undetectable ransomware that utilizes OneDrive to encrypt target files https://github.com/SafeBreach-Labs/DoubleDrive
Aug. 11, 2023 Proxy-capable backdoor deployed in South African nation’s critical infrastructure https://securelist.com/focus-on-droxidat-systembc/110302/
Aug. 11, 2023 Electoral Commission had internet-facing server with unpatched vuln https://www.theregister.com/2023/08/11/electoral_commission_vulnerability/
Aug. 11, 2023 Widespread file exposure possible with Western Digital, Synology NAS flaws https://www.scmagazine.com/brief/widespread-file-exposure-possible-with-western-digital-synology-nas-flaws
Aug. 10, 2023 Rust-Based Injector Deploys XWorm and Remcos RAT in Multi-Stage Attack https://www.hackread.com/rust-injector-xworm-remcos-rat-multi-stage-attack/
Aug. 7, 2023 New acoustic attack steals data from keystrokes with 95% accuracy https://www.bleepingcomputer.com/news/security/new-acoustic-attack-steals-data-from-keystrokes-with-95-percent-accuracy/
Aug. 5, 2023 Reptile Rootkit: Advanced Linux Malware Targeting South Korean Systems https://asec.ahnlab.com/en/55785/
Aug. 4, 2023 Salesforce Zero-Day Exploited to Phish Facebook Credentials https://www.darkreading.com/application-security/salesforce-zero-day-exploited-phish-facebook-credentials
Aug. 3, 2023 Midnight Blizzard conducts targeted social engineering over Microsoft Teams https://www.microsoft.com/en-us/security/blog/2023/08/02/midnight-blizzard-conducts-targeted-social-engineering-over-microsoft-teams/
Aug. 3, 2023 Russian APT 'BlueCharlie' Swaps Infrastructure to Evade Detection https://www.darkreading.com/attacks-breaches/russian-apt-bluecharlie-swaps-infrastructure-to-evade-detection
Aug. 3, 2023 Microsoft Flags Growing Cybersecurity Concerns for Major Sporting Events https://www.microsoft.com/en-us/security/business/security-insider/reports/cyber-signals/cyber-signals-issue-5-cyberthreats-increasingly-target-the-worlds-biggest-event-stages/
July 31, 2023 Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks https://www.securityweek.com/second-ivanti-epmm-zero-day-vulnerability-exploited-in-targeted-attacks/
July 31, 2023 SpyNote continues to attack financial institutions | Cleafy Labs https://www.reddit.com/r/netsec/comments/15ebsh4/spynote_continues_to_attack_financial/
July 31, 2023 Kenya cyber-attack: Why is eCitizen down? https://www.bbc.com/news/world-africa-66337573
July 31, 2023 Hackers exploit BleedingPipe RCE to target Minecraft servers, players https://www.bleepingcomputer.com/news/security/hackers-exploit-bleedingpipe-rce-to-target-minecraft-servers-players/
July 31, 2023 Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor https://medium.com/@knownsec404team/patchworks-new-assault-weapons-report-eyeshell-weapons-disclosure-181833f434be
July 31, 2023 Canon warns of Wi-Fi security risks when discarding inkjet printers https://www.bleepingcomputer.com/news/security/canon-warns-of-wi-fi-security-risks-when-discarding-inkjet-printers/
July 31, 2023 TelegramRAT - Cross Platform Telegram Based RAT That Communicates Via Telegram To Evade Network Restrictions https://www.kitploit.com/2023/07/telegramrat-cross-platform-telegram.html?m=1
July 31, 2023 Air-Gapped ICS Systems Targeted by Sophisticated Malware https://www.darkreading.com/ics-ot/air-gapped-ics-systems-targeted-sophisticated-malware
July 31, 2023 Cado Security Labs Encounter Novel Malware, Redis P2Pinfect https://www.cadosecurity.com/redis-p2pinfect/
July 30, 2023 Now Abyss Locker also targets VMware ESXi servers https://securityaffairs.com/148933/malware/abyss-locker-vmware-esxi.html?amp=1
July 28, 2023 CISA Releases Malware Analysis Reports on Barracuda Backdoors https://www.cisa.gov/news-events/alerts/2023/07/28/cisa-releases-malware-analysis-reports-barracuda-backdoors
July 28, 2023 Android malware steals user credentials using optical character recognition https://arstechnica.com/security/2023/07/android-malware-uses-ocr-to-capture-credentials-displayed-on-phone-screens/?utm_brand=arstechnica&utm_source=twitter&utm_social-type=owned&utm_medium=social
July 28, 2023 Hackers are infecting Call of Duty players with a self-spreading malware https://techcrunch.com/2023/07/27/hackers-are-infecting-call-of-duty-players-with-a-self-spreading-malware/
July 27, 2023 60,000 Androids have stalkerware-type app Spyhide installed https://www.malwarebytes.com/blog/news/2023/07/60000-androids-have-stalkerware-type-app-spyhide-installed
July 27, 2023 AXIS A1001 Network Door Controller Flaw Exposes Secure Facilities https://www.hackread.com/axis-a1001-flaw-facilities-unauthorized-access/
July 27, 2023 Ransomware groups claim responsibility for double-attack on Yamaha https://www.malwarebytes.com/blog/news/2023/07/ransomware-groups-claim-responsibility-for-double-attack-on-yamaha
July 26, 2023 Chinese hacking group APT31 uses mesh of home routers to disguise attacks https://therecord.media/chinese-hacking-group-apt31-uses-mesh-of-home-routers-to-disguise-attacks
July 26, 2023 VMware fixes bug exposing CF API admin credentials in audit logs https://www.bleepingcomputer.com/news/security/vmware-fixes-bug-exposing-cf-api-admin-credentials-in-audit-logs/
July 26, 2023 Super Admin elevation bug puts 900,000 MikroTik devices at risk https://www.bleepingcomputer.com/news/security/super-admin-elevation-bug-puts-900-000-mikrotik-devices-at-risk/
July 26, 2023 Rust-based Realst Infostealer Targeting Apple macOS Users' Cryptocurrency Wallets https://iamdeadlyz.gitbook.io/malware-research/july-2023/fake-blockchain-games-deliver-redline-stealer-and-realst-stealer-a-new-macos-infostealer-malware
July 26, 2023 Advisory: Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability https://www.mnemonic.io/resources/blog/ivanti-endpoint-manager-mobile-epmm-authentication-bypass-vulnerability/
July 24, 2023 ALPHV ransomware group now provides an API for their ransomware leak site. https://twitter.com/vxunderground/status/1683479796917891075?s=20
July 24, 2023 Google half-patches Cloud Build permissions exploit, the rest is on you https://www.theregister.com/2023/07/24/infosec_in_brief/
July 24, 2023 Experts warn of OSS supply chain attacks against the banking sector https://securityaffairs.com/148757/cyber-crime/supply-chain-attack-banking-sector.html?amp=1
July 24, 2023 Deconstructing PowerShell Obfuscation in Malspam Campaigns https://www.sentinelone.com/blog/deconstructing-powershell-obfuscation-in-malspam-campaigns/
July 24, 2023 Critical Zero-Days in Atera Windows Installers Expose Users to Privilege Escalation Attacks https://www.mandiant.com/resources/blog/privileges-third-party-windows-installers
July 24, 2023 North Korea Leverages SaaS Provider in a Targeted Supply Chain Attack https://www.mandiant.com/resources/blog/north-korea-supply-chain
July 24, 2023 Lookout Attributes Advanced Android Surveillanceware to Chinese Espionage Group APT41 https://www.lookout.com/threat-intelligence/article/wyrmspy-dragonegg-surveillanceware-apt41
July 23, 2023 BMC Firmware Flaw Affecting Millions Gives Superuser Access https://arstechnica.com/security/2023/07/millions-of-servers-inside-data-centers-imperiled-by-flaws-in-ami-bmc-firmware/
July 23, 2023 Shadowserver Reported That +15k Citrix Servers Are Likely Vulnerable To Attacks Exploiting The Flaw CVE-2023-3519 https://securityaffairs.com/148735/hacking/15k-citrix-servers-vulnerable-cve-2023-3519.html?amp=1
July 23, 2023 Roblox Pwned https://haveibeenpwned.com/PwnedWebsites#Roblox
July 23, 2023 NetScaler RCE Abused To Pilfer Critical Infra Active Directory Data https://www.scmagazine.com/news/critical-infrastructure/netscaler-rce-bug-critical-infrastructure-active-directory-data
July 22, 2023 Phishers Exploiting Google Docs to Harvest Crypto Credentials https://www.hackread.com/phishers-google-docs-harvest-crypto-credentials/
July 21, 2023 Band-aid on a… corpse: Microsoft patches IE — again https://www.kaspersky.com/blog/microsoft-patch-tuesday-july-2023/48606/
July 21, 2023 Global CDN Service ‘jsdelivr’ Exposed Users to Phishing Attacks https://www.hackread.com/global-cdn-service-jsdelivr-phishing-attacks/
July 20, 2023 New P2PInfect Worm Targeting Redis Servers on Linux and Windows Systems https://thehackernews.com/2023/07/new-p2pinfect-worm-targeting-redis.html?m=1
July 20, 2023 AVrecon RAT hidden in SOHO routers infected 70,000 devices in 20 countries in two years https://securityonline.info/avrecon-rat-hidden-in-soho-routers-infected-70000-devices-in-20-countries-in-two-years/
July 20, 2023 Critical AMI MegaRAC bugs can let hackers brick vulnerable servers https://www.bleepingcomputer.com/news/security/critical-ami-megarac-bugs-can-let-hackers-brick-vulnerable-servers/
July 20, 2023 Mallox Ransomware Exploits Weak MS-SQL Servers to Breach Networks https://thehackernews.com/2023/07/mallox-ransomware-exploits-weak-ms-sql.html
July 20, 2023 Apache OpenMeetings Wide Open to Account Takeover, Code Execution https://www.darkreading.com/remote-workforce/apache-openmeetings-account-takeover-code-execution
July 19, 2023 Microsoft has identified targeted attacks against the defense sector in Ukraine and Eastern Europe by the threat actor Secret Blizzard (KRYPTON, UAC-0003) leveraging DeliveryCheck, a novel .NET backdoor used to deliver a variety of second stage payloads. https://twitter.com/msftsecintel/status/1681695399084539908
July 19, 2023 Chinese APT41 Hackers Target Mobile Devices with New WyrmSpy and DragonEgg Spyware https://thehackernews.com/2023/07/chinese-apt41-hackers-target-mobile.html?m=1
July 19, 2023 Ukraine takes down massive bot farm, seizes 150,000 SIM cards https://www.bleepingcomputer.com/news/security/ukraine-takes-down-massive-bot-farm-seizes-150-000-sim-cards/
July 19, 2023 American Airlines Hacked by Cl0P Gang, MOVEit Involved https://gridinsoft.com/blogs/american-airlines-hack-cl0p/
July 19, 2023 FakeSG enters the 'FakeUpdates' arena to deliver NetSupport RAT https://www.malwarebytes.com/blog/threat-intelligence/2023/07/socgholish-copycat-delivers-netsupport-rat
July 18, 2023 Cybercriminals Exploiting WooCommerce Payments Plugin Flaw to Hijack Websites https://thehackernews.com/2023/07/cybercriminals-exploiting-woocommerce.html
July 18, 2023 New breach: 4k records from the 2017-2020 Roblox Developers Conferences https://twitter.com/haveibeenpwned/status/1681414153494470656
July 18, 2023 Sogu, SnowyDrive Malware Spreads, USB-Based Cyberattacks Surge https://www.darkreading.com/attacks-breaches/sogu-snowydrive-malware-usb-based-cyberattacks-surge
July 18, 2023 Freemius WordPress SDK used by 7M sites is vulnerable to XSS attack (CVE-2023-33999) https://securityonline.info/freemius-wordpress-sdk-used-by-7m-sites-is-vulnerable-to-xss-attack-cve-2023-33999/
July 18, 2023 FIN8 Group Using Modified Sardonic Backdoor for BlackCat Ransomware Attacks https://thehackernews.com/2023/07/fin8-group-using-modified-sardonic.html?m=1
July 18, 2023 Pakistani Entities Targeted in Sophisticated Attack Deploying ShadowPad Malware https://thehackernews.com/2023/07/pakistani-entities-targeted-in.html?m=1
July 18, 2023 Critical ColdFusion flaws exploited in attacks to drop webshells https://www.bleepingcomputer.com/news/security/critical-coldfusion-flaws-exploited-in-attacks-to-drop-webshells/
July 18, 2023 Google Cloud Build bug lets hackers launch supply chain attacks https://www.bleepingcomputer.com/news/security/google-cloud-build-bug-lets-hackers-launch-supply-chain-attacks/
July 18, 2023 Microsoft Exchange Online hit by new outage blocking emails https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-online-hit-by-new-outage-blocking-emails/
July 17, 2023 WINTAPIX: A New Kernel Driver Targeting Countries in The Middle East https://www.fortinet.com/blog/threat-research/wintapix-kernal-driver-middle-east-countries
July 17, 2023 Adobe warns of critical ColdFusion RCE bug exploited in attacks https://www.bleepingcomputer.com/news/security/adobe-warns-of-critical-colfdusion-rce-bug-exploited-in-attacks/
July 17, 2023 JumpCloud discloses breach by state-backed APT hacking group https://www.bleepingcomputer.com/news/security/jumpcloud-discloses-breach-by-state-backed-apt-hacking-group/
July 17, 2023 A Spelling Mistake Is Causing Thousands of Sensitive Pentagon Documents to Be Leaked to a Russian Ally https://themessenger.com/news/thousands-of-sensitive-military-documents-are-being-leaked-to-russian-ally-because-of-spelling-mistake
July 17, 2023 Thousands of images on Docker Hub leak auth secrets, private keys https://www.bleepingcomputer.com/news/security/thousands-of-images-on-docker-hub-leak-auth-secrets-private-keys/
July 15, 2023 Fake TeamViewer Installer Used to Deliver njRAT Malware https://www.hackread.com/fake-teamviewer-installer-njrat-malware/
July 14, 2023 TeamTNT's Cloud Credential Stealing Campaign Now Targets Azure and Google Cloud https://thehackernews.com/2023/07/teamtnts-cloud-credential-stealing.html
July 13, 2023 SonicWall warns admins to patch critical auth bypass bugs immediately https://www.bleepingcomputer.com/news/security/sonicwall-warns-admins-to-patch-critical-auth-bypass-bugs-immediately/
July 13, 2023 The Turkish Government Masqueraded Site Distributing Android RAT https://blog.cyble.com/2023/07/10/the-turkish-government-masqueraded-site-distributing-android-rat/
July 13, 2023 CL0P HACKER OPERATING FROM RUSSIA-UKRAINE WAR FRONT LINE https://securityaffairs.com/148399/cyber-crime/cl0p-hacker-operating-from-russia-ukraine.html?amp=1
July 13, 2023 USB drive malware attacks spiking again in first half of 2023 https://www.bleepingcomputer.com/news/security/usb-drive-malware-attacks-spiking-again-in-first-half-of-2023/
July 13, 2023 New PyLoose Linux malware mines crypto directly from memory https://www.bleepingcomputer.com/news/security/new-pyloose-linux-malware-mines-crypto-directly-from-memory/
July 13, 2023 Russian state hackers lure Western diplomats with BMW car ads https://www.bleepingcomputer.com/news/security/russian-state-hackers-lure-western-diplomats-with-bmw-car-ads/
July 12, 2023 Novel RedDriver tool used in attacks against Chinese Microsoft users https://www.scmagazine.com/brief/device-security/novel-reddriver-tool-used-in-attacks-against-chinese-microsoft-users
July 12, 2023 Behind the Scenes: Unveiling the Hidden Workings of Earth Preta APT https://www.trendmicro.com/en_us/research/23/f/behind-the-scenes-unveiling-the-hidden-workings-of-earth-preta.html
July 12, 2023 Hackers Exploit Policy Loophole in Windows Kernel Drivers https://www.darkreading.com/endpoint/hackers-exploit-policy-loophole-windows-kernel-drivers
July 7, 2023 CISA warns govt agencies to patch actively exploited Android driver https://www.bleepingcomputer.com/news/security/cisa-warns-govt-agencies-to-patch-actively-exploited-android-driver/
July 7, 2023 Global Translation Service Exposed Highly Sensitive Records Online https://www.hackread.com/global-translation-service-exposed-records/
July 7, 2023 Cisco warns of a flaw in Nexus 9000 series switches that allows modifying encrypted traffic https://securityaffairs.com/148235/security/cisco-nexus-9000-series-flaw.html?amp=1
July 7, 2023 China-Linked Spyware Found in Google Play Store Apps, 2m Downloads https://www.hackread.com/china-spyware-google-play-store-apps/
July 7, 2023 JumpCloud Resets API Keys Amid Ongoing Cybersecurity Incident https://thehackernews.com/2023/07/jumpcloud-resets-api-keys-amid-ongoing.html?m=1
July 6, 2023 Botnets Send Exploits Within Days to Weeks After Published PoC https://www.darkreading.com/vulnerabilities-threats/botnets-send-exploits-only-day-to-weeks-after-published-poc
July 5, 2023 Understanding Malware-as-a-Service https://securelist.com/malware-as-a-service-market/109980
July 5, 2023 SmugX: Chinese Hackers Targeting Embassies in Europe https://www.hackread.com/smugx-attack-chinese-hackers-europe/
July 4, 2023 CVE-2023-27997 Is Exploitable, and 69% of FortiGate Firewalls Are Vulnerable https://bishopfox.com/blog/cve-2023-27997-exploitable-and-fortigate-firewalls-vulnerable?utm_campaign=awareness&utm_medium=social&utm_source=twitter&utm_term=blog
July 3, 2023 Hackers exploit zero-day in Ultimate Member WordPress plugin with 200K installs https://www.bleepingcomputer.com/news/security/hackers-exploit-zero-day-in-ultimate-member-wordpress-plugin-with-200k-installs/
July 3, 2023 Neo_Net | The Kingpin of Spanish eCrime https://www.sentinelone.com/blog/neo_net-the-kingpin-of-spanish-ecrime/
July 3, 2023 New proxyjacking attacks monetize hacked SSH servers’ bandwidth https://www.bleepingcomputer.com/news/security/new-proxyjacking-attacks-monetize-hacked-ssh-servers-bandwidth/
July 3, 2023 Us, hacked by LockBit? No, says TSMC, that would be our IT supplier https://www.theregister.com/2023/06/30/tsmc_supplier_lockbit_breach/
July 3, 2023 New 'RustBucket' Malware Variant Targeting macOS Users https://thehackernews.com/2023/07/beware-new-rustbucket-malware-variant.html
June 30, 2023 Iran-linked Charming Kitten APT Enhanced Its Powerstar Backdoor https://securityaffairs.com/147995/apt/charming-kitten-powerstar-backdoor.html?amp=1
June 30, 2023 MOVEit Hackers Find Simpler Business Model Than Ransomware https://www.scmagazine.com/analysis/third-party-risk/moveit-hackers-may-have-found-simpler-business-model-beyond-ransomware
June 29, 2023 From Group to Individual: Modeling InformNapalm’s Article on Sergey Morgachev of APT28 https://vertex.link/blogs/doxed-gru-officer/
June 28, 2023 New Mockingjay process injection technique evades EDR detection https://www.bleepingcomputer.com/news/security/new-mockingjay-process-injection-technique-evades-edr-detection/
June 28, 2023 Warning: JavaScript registry npm vulnerable to 'manifest confusion' abuse https://www.theregister.com/2023/06/27/javascript_registry_npm_vulnerable/
June 28, 2023 Critical SQL Injection Flaws Expose Gentoo Soko to Remote Code Execution https://thehackernews.com/2023/06/critical-sql-injection-flaws-expose.html?m=1
June 24, 2023 Chinese Espionage Malware Targets European Healthcare via USB Drives https://www.hackread.com/china-espionage-malware-usb-drives-europe/
June 24, 2023 New strain of JavaScript dropper delivers Bumblebee and IcedID malware https://www.scmagazine.com/news/malware/new-strain-of-javascript-dropper-delivers-bumblebee-and-icedid-malware
June 23, 2023 UK cyberspies warn ransomware crews targeting law firms https://www.theregister.com/2023/06/23/ransomware_law_firms/
June 22, 2023 20-Year-Old Chinese APT15 Finds New Life in Foreign Ministry Attacks https://www.darkreading.com/vulnerabilities-threats/20-year-old-chinese-apt15-new-life-foreign-ministry-attacks
June 22, 2023 AWS WAF Clients Left Vulnerable to SQL Injection Due to Unorthodox MSSQL Design Choice https://www.gosecure.net/blog/2023/06/21/aws-waf-clients-left-vulnerable-to-sql-injection-due-to-unorthodox-mssql-design-choice/
June 22, 2023 eSentire Threat Intelligence Malware Analysis: Resident Campaign https://www.esentire.com/blog/esentire-threat-intelligence-malware-analysis-resident-campaign
June 22, 2023 US Military Personnel Targeted by Unsolicited Smartwatches Linked to Data Breaches https://www.hackread.com/us-military-unsolicited-smartwatches-data-breach/
June 22, 2023 Critical Flaw Found in WordPress Plugin for WooCommerce Used by 30,000 Websites https://thehackernews.com/2023/06/critical-flaw-found-in-wordpress-plugin.html?m=1
June 22, 2023 APT37 hackers deploy new FadeStealer eavesdropping malware https://www.bleepingcomputer.com/news/security/apt37-hackers-deploy-new-fadestealer-eavesdropping-malware/
June 22, 2023 Advisory: IDOR in Microsoft Teams Allows for External Tenants to Introduce Malware https://labs.jumpsec.com/advisory-idor-in-microsoft-teams-allows-for-external-tenants-to-introduce-malware/
June 21, 2023 Silent Push Launches with $10M in Total Funding to Bring Detection Focused Threat Intelligence to the Market https://www.prnewswire.com/news-releases/silent-push-launches-with-10m-in-total-funding-to-bring-detection-focused-threat-intelligence-to-the-market-301850019.html
June 21, 2023 eSentire Threat Intelligence Malware Analysis: Aurora Stealer https://www.esentire.com/blog/esentire-threat-intelligence-malware-analysis-aurora-stealer
June 20, 2023 AI suggested 40,000 new possible chemical weapons in just six hours https://www.theverge.com/2022/3/17/22983197/ai-new-possible-chemical-weapons-generative-models-vx
June 20, 2023 ASUS Product Security Advisory - Patch Now! https://www.asus.com/content/asus-product-security-advisory/
June 20, 2023 100K+ Compromised ChatGPT Accounts on Dark Web Marketplaces https://www.group-ib.com/media-center/press-releases/stealers-chatgpt-credentials/