π What's going on in the cyber world today? π¨ #CyberAlerts DragonRank Search Engine Optimization Campaign Targeting IIS Servers Source: Joey Chen via Cisco Talos TrickMo Android Banking Malware Steals Login Credentials Using Advanced Tactics Source: Cleafy Lazarus Group Exploits Fake Coding Tests to Spread Malware Among Developers Source: Karlo Zanki via Reversing Labs GitLab Releases Patches for Severe Vulnerabilities in Multiple Versions Source: GitLab Adobe Releases Patch for Critical Acrob...
Sep 12, 2024β’10 min
π What's trending in cybersecurity today? π¨ #CyberAlerts Microsoft Releases Patches for 79 Flaws Including 3 Actively Exploited Bugs Source: Microsoft Crimson Palace Returns with Expanded Chinese Cyberespionage Campaign Source: Mark Parsons, Morgan Demboski, Sean Gallagher via Sophos CosmicBeetle Partners with RansomHub and Launches ScRansom Ransomware Source: Jakub SouΔek via ESET Ivanti Urgently Releases Updates for Critical Endpoint Manager Vulnerabilities Source: Ivanti RansomHub Exploits ...
Sep 11, 2024β’10 min
π What's the latest in the cyber world today? π¨ #CyberAlerts WhatsApp View Once Flaw Lets Attackers Easily Save Disappearing Media Source: Tal Be'ery via Zengo Earth Preta Upgrades Attack Strategy by Spreading Malware Through Removable Drives Source: Lenart Bermejo, Sunny Lu, Ted Lee via Trend Micro Konni Group Intensify Cyber Espionage Campaigns Against Russia and South Korea Source: Genians Quad7 Botnet Expands Attack Scope to Target SOHO Routers and Media Servers Source: Felix AimΓ©, Pierre-...
Sep 10, 2024β’10 min
π What's happening in cybersecurity today? π¨ #CyberAlerts TIDRONE Espionage Group Targets Taiwan Drone Manufacturers in New Campaign Source: Pierre Lee and Vickie Su via Trend Micro Critical IBM Product Vulnerabilities Allow Exploits and Denial of Service Attacks Source: IBM RAMBO Attack Exploits RAM Radiation to Steal Data from Air-Gapped Computers Source: Mordechai Guri via arXiv New SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys from Android Source: SangRyol Ryu via McAfee G...
Sep 09, 2024β’9 min
π What are the latest cybersecurity alerts, incidents, and news? π¨ #CyberAlerts Russian Main Intelligence Unit 29155 Linked to Global Cyberattacks Source: CISA Linux Pluggable Authentication Modules Abused to Create Persistent Backdoors Source: Vito Alfano and Nam Le Phuong via Group-IB Apache OFBiz Update Resolves Critical Code Execution Flaw with New Patch Source: Apache Critical Flaw in LiteSpeed Cache Plugin Allows Unauthenticated Account Takeover Source: Patchstack SonicWall Issues Urgent...
Sep 06, 2024β’10 min
π What's going on in the cyber world today? π¨ #CyberAlerts Cross-Platform KTLVdoor Malware Uncovered in Earth Lusca Attack Source: Cedric Pernet, Jaromir Horejsi via Trend Micro Revival Hijack Attack Endangers 22,000 PyPI Packages with Malicious Code Source: Andrey Polkovnichenko and Brian Moussalli via JFrog North Korean Hackers Target Job Seekers with Fake FreeConference App Source: Sharmine Low via Group-IB EUCLEAK Flaw in YubiKey Devices Allows Attackers to Clone Security Keys Source: Ninj...
Sep 05, 2024β’10 min
π What's trending in cybersecurity today? π¨ #CyberAlerts FBI Warns Cryptocurrency Firms of Aggressive Social Engineering Attacks Source: FBI Cybercriminals Exploit MacroPack Red-Teaming Tool to Distribute Malware Source: Vanja Svajcer via Cisco Talos Android September 2024 Update Addresses Critical Local Privilege Flaw Source: Google D-Link Wonβt Patch Critical RCE Flaws in DIR-846W Routers Due to End of Support Source: D-Link Zyxel Alerts to Critical OS Command Injection Flaw in Multiple Rout...
Sep 04, 2024β’10 min
π What's the latest in the cyber world today? π¨ #CyberAlerts Critical VMware Fusion Vulnerability Enables Remote Code Execution Source: Broadcom GlobalProtect VPN Compromised to Deliver WikiLoader Malware via SEO Poisoning Source: Mark Lim and Tom Marsden via Unit42 by Palo Alto Networks SpyNote Malware Campaign Targets Malaysia's Rapidly Expanding Digital Services Source: Broadcom Swan Bitcoin CEO Cory Klippsten Warns Users About Phishing Scam Targeting Platform Source: Cory Klippsten via X G...
Sep 03, 2024β’10 min
π What's happening in cybersecurity today? π¨ #CyberAlerts North Korean Hackers Exploit Chrome Zero-Day to Deploy FudModule Rootkit Source: Microsoft Cicada3301 Ransomware Targets VMware ESXi with Advanced Linux Encryptor Source: Nicklas Keijser and Mattias WΓ₯hlΓ©n via Truesec Godzilla Fileless Backdoor Exploits Atlassian Confluence Vulnerability Source: Abdelrahman Esmail, Sunil Bharti via Trend Micro SQL Injection Flaw Allows Bypass of TSA Security Checks and Cockpit Access Source: Ian Carroll...
Sep 02, 2024β’10 min
π What are the latest cybersecurity alerts, incidents, and news? π¨ #CyberAlerts North Korean Hackers Exploit Developers in New Malicious npm Packages Campaign Source: Phylum Rocinante Malware Targets Brazilian Banking Customers by Hijacking Android Devices Source: Threat Fabric Cyberattack Targets Chinese-Speaking Businesses Using Cobalt Strike Payloads Source: Den Iuzvyk, Tim Peck via Securonix AVTECH IP Camera Flaw Exploited for Botnet Attacks and Malware Distribution Source: Kyle Lefton, La...
Aug 30, 2024β’10 min
π What's going on in the cyber world today? π¨ #CyberAlerts APT-C-60 Exploits Critical Kingsoft WPS Office Flaw to Deploy SpyGlace Backdoor Source: Romain Dumont via ESET PoorTry Windows Driver Evolves from EDR Disabler to Full-Fledged Wiper Tool Source: Andreas Klopsch via Sophos APT33 Unleashes Tickler Malware to Breach US Government and Defense Systems Source: Microsoft CISA Adds Google Chromium V8 Bug to Known Exploited Vulnerability Catalog Source: CISA Dell BIOS Vulnerability Enables Hack...
Aug 29, 2024β’9 min
π What's trending in cybersecurity today? π¨ #CyberAlerts CISA Flags Critical Apache OFBiz Vulnerability Amid Active Exploitation Reports Source: CISA BlackByte Ransomware Gang Debuts New Encryptor and Advanced Tactics Source: James Nutland, Craig Jackson, Terryn Valikodath via Cisco Talos New QR Code Phishing Campaign Uses Microsoft Sway to Steal Credentials Source: Jan Michael Alcantara via Netskope Eight Mobile Apps Expose Sensitive User Data Through Unencrypted Transmission Source: Symantec...
Aug 28, 2024β’9 min
π What's the latest in the cyber world today? π¨ #CyberAlerts Microsoft Patches ASCII Smuggling Vulnerability in 365 Copilot Source: Microsoft Newly Discovered Greasy Opal Group Provides CAPTCHA Solving Tools to Hackers Source: Arkose Labs Apache Portable Runtime Flaw Exposes Sensitive Data on Unix Systems Souce: Apache WordPress Multilingual Plugin Flaw Exposes 1 Million Sites to Remote Code Execution Source: Wordfence FreeDurov Hacktivist Campaign Launches After Telegram CEO Pavel Durovβs Arr...
Aug 27, 2024β’9 min
π What's happening in cybersecurity today? π¨ #CyberAlerts New Malware Employs Advanced Obfuscation Techniques to Bypass Antivirus Detection Source: Xavier Mertens via Sans Technology Institute Iranian Hackers Target Global Political Figures in WhatsApp Phishing Campaign Source: Meta CISA Adds Versa Director Vulnerability to Known Exploited Vulnerability Catalog Source: CISA Critical Vulnerabilities in Traccar GPS Allow Remote Code Execution Attacks Source: Naveen Sunkavally via Horizon3 PEAKLI...
Aug 26, 2024β’10 min
π What are the latest cybersecurity alerts, incidents, and news? π¨ #CyberAlerts Cthulhu Stealer Targets macOS Users Worldwide for Crypto Theft Source: Tara Gould via Daco Security Chinese Threat Group Velvet Ant Exploit Cisco Switches for Zero-Day Attack Source: Sygnia Qilin Ransomware Group Steals Chrome Credentials in New Attack Strategy Source: Lee Kirkpatrick, Paul Jacobs, Harshal Gosalia, Robert Weiland via Sophos Cybercriminals Use Google Ads to Distribute Malware via Fake Slack Download...
Aug 23, 2024β’8 min
π What's going on in the cyber world today? π¨ #CyberAlerts 15,000 AWS Apps Vulnerable to ALBeast Attacks Due to Critical Configuration Flaw Source: Daniel Shechter via Miggo Security North Korean Hackers Deploy New MoonPeak Trojan in Expanding Espionage Campaign Source: Asheer Malhotra, Guilherme Venere, Vitor Ventura via Cisco Talos NGate Android Malware Exploits NFC to Facilitate Unauthorized ATM Withdrawals Source: Lukas Stefanko and Jakub Osmani via ESET GitHub Patches Critical Security Fl...
Aug 22, 2024β’9 min
π What's trending in cybersecurity today? π¨ #CyberAlerts Computer Emergency Response Team of Ukraine Warns of New Vermin Phishing Campaign Source: The Computer Emergency Response Team of Ukraine Backdoor in Shanghai Fudan RFID Cards Exposes Millions to Instant Cloning Risks Source: Philippe Teuwen via Quarkslab Critical Apache DolphinScheduler Vulnerability Allows Remote Code Execution Source: Apache New UULoader Malware Exploits Weaponized PDFs to Attack Users Source: Shaul Vilkomir Preisman ...
Aug 21, 2024β’9 min
π What's the latest in the cyber world today? π¨ #CyberAlerts Major Flaw in Microsoft Apps for MacOS Enables Hackers to Spy on Users Source: Francesco Benvenuto via Cisco Talos Iranian Threat Actor TA453 Targets Jewish Leader with AnvilEcho Malware Source: Joshua Miller, Georgi Mladenov, Andrew Northern, Greg Lesnewich via Proofpoint New TLS Bootstrap Attack Exposes Azure Kubernetes Cluster Secrets Source: Mandiant Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor Source: S...
Aug 20, 2024β’9 min
π What's happening in cybersecurity today? π¨ #CyberAlerts Xeon Sender Tool Exploits Cloud APIs to Launch Large-Scale SMS Phishing Campaigns Source: Alex Delamotte via SentinelOne Cybercriminals Use Fake Apps to Target Beneficiaries of India's PM Kisan Yojana initiative Source: Broadcom Researchers Unveil RollingCache to Defend Against Cache Side-Channel Attacks Source: Divya Ohja and Sandhya Dwarkdas via arXiv Linux Kernel Flaw Allows Attackers to Bypass CPU and Write to Memory Source: Linux Q...
Aug 19, 2024β’9 min
π What are the latest cybersecurity alerts, incidents, and news? π¨ #CyberAlerts RansomHub Unleashes New EDR-Killing Tool to Bypasses Defenses Source: Andreas Klopsch via Sophos New Banshee Stealer Strikes Targeting macOS Browsers and Crypto Wallets Source: Elastic Security Labs Unfixed Microsoft Entra ID Flaw Allows Bypass of Hybrid Identity Authentication Source: Cymulate Russian Hackers Target Eastern Europe NGOs and Media in New Phishing Campaign Source: Natalia Krapiva via Access Now Googl...
Aug 16, 2024β’9 min
π What's going on in the cyber world today? π¨ #CyberAlerts Tokens Leak in GitHub Actions Artifacts Exposes Repositories to Takeover Source : Yaron Avital via Palo Alto Networks' Unit 42 Gafgyt Botnet Exploits Weak SSH Passwords or Crypto Mining Attack Source: Assaf Morag via Aqua SolarWinds Urges Immediate Patch for Critical Web Help Desk RCE Vulnerability Source: SolarWinds Black Basta Linked Campaign Uses AnyDesk for Credential Theft and Malware Dropper Sources: Tyler McGraw via Rapid7 Irani...
Aug 15, 2024β’9 min
π What's trending in cybersecurity today? π¨ #CyberAlerts Microsoft Releases August 2024 Patch Fixing 90 Flaws Including 9 Zero-Days Source: Microsoft Critical Flaw in Ivanti Virtual Traffic Manager Could Allow Rogue Admin Access Source: Ivanti New CryptoCore Scam Uses Deepfakes to Attack Users and Drain Wallets Source: Avast Threat Labs Adobe Releases Patches for 72 Critical Vulnerabilities Across Key Products Source: Adobe SAP Issues Critical Security Patches for BusinessObjects and Build App...
Aug 14, 2024β’9 min
π What's the latest in the cyber world today? π¨ #CyberAlerts Russia-Linked Phishing Campaign Targets Ukrainian Government with MESHAGENT Source: Computer Emergency Response Team of Ukraine DeathGrip Ransomware Expands Services Through Ransomware-as-a-Service Platform Source: Broadcom New Windows 10 and 11 Blue Screen of Death Vulnerability Exposed Source: Fortra Grayfly Expands Global Reach with New Loaders and Evolving Attack Tactics Source: Broadcom Phishing Scam Masquerades as Google Safety...
Aug 13, 2024β’9 min
π What's happening in cybersecurity today? π¨ #CyberAlerts Severe AWS Flaws Discovered Leading to Remote Code Execution and Data Theft Source: Yakir Kadkoda, Ofek Itach, Michael Katchinskiy via Aqua Microsoft Office Spoofing Vulnerability Exposes Sensitive Data Source: Microsoft Earth Baku Expands Its Cyber Campaign to Europe Middle East and Africa Source: Trend Micro AMD Faces Security Crisis with Sinkclose Vulnerability Affecting Older Chips Source: AMD Critical Vulnerabilities in Ewon Cosy+ ...
Aug 12, 2024β’9 min
π What are the latest cybersecurity alerts, incidents, and news? π¨ #CyberAlerts CISA Alerts on Legacy Cisco Smart Install Exploits and Network Vulnerabilities Source: Cybersecurity Infrastructure Security Agency Critical MongoDB Vulnerability Exposes Windows Systems to Attackers Source: MongoDB New Windows Downgrade Attack Bypass Exposes Patched Vulnerabilities Source: Alon Leviev via SafeBreach North Korean APT Kimsuky Launches Phishing Attacks on Global Universities Source: Resilience STAC64...
Aug 09, 2024β’8 min
π What's going on in the cyber world today? π¨ #CyberAlerts Critical Flaw in Microsoft Entra ID Allows Privilege Escalation Source: Eric Woodruff via BlackHat New Phishing Scam Exploits Google Drawings and WhatsApp Links to Steal Data Source: Ashwin Vamshi via Menlo Security 18 Year Old Vulnerability Lets Attackers Bypass Major Browser Security Controls Source: Avi Lumelsky via Oligo Major Jenkins Vulnerabilities Allow Remote Code Execution and File Reading Source: Jenkins Remote Code Execution...
Aug 08, 2024β’9 min
π What's trending in cybersecurity today? π¨ #CyberAlerts CISA Ads Microsoft COM Vulnerability to Known Exploited Vulnerabilities List Source: CISA Firefox 129.0 Released with Enhanced Security Fixes and Improvements Source: Mozilla Chameleon Trojan Uses Fake CRM App to Target Users in Canada and Europe Source: Threat Fabric Critical Kibana Flaw Exposes Systems to Arbitrary Code Execution Source: Rodrigo Silva via Elastic Attackers Use LNK Stomping to Bypass Reputation-Based Security Controls S...
Aug 07, 2024β’9 min
π What's the latest in the cyber world today? π¨ #CyberAlerts Google Releases August Security Update Addressing Critical Zero-Days Source: Google Apache OFBiz Zero-Day Vulnerability Allows Unauthenticated Remote Code Execution Source: Hasib Vhora via SonicWall Hunters International Deploys SharpRhino RAT Targeting IT Workers Source: Michael Forret via Quorum Cyber North Korean Hackers Hit South Korean Construction Sector with Supply Chain Attack Source: Shreyas Reddy via NK News Russian Hackers...
Aug 06, 2024β’9 min
π What's happening in cybersecurity today? π¨ #CyberAlerts Critical Code Execution Bug Threatens Apache InLong Users Worldwide Source: Apache New Panamorfi Campaign Exploits Jupyter Notebooks and Discord for DDoS Attacks Source: Assaf Morag via Aqua Major Flaw in Rockwell Automation Devices Allows Unauthorized Command Execution Source: Cybersecurity Infrastructure Security Agency Critical Flaw in DVRs Exposes 400,000 Devices to Unauthorized Access and Attacks Source: NetSecFish New Android Troj...
Aug 05, 2024β’9 min
π What are the latest cybersecurity alerts, incidents, and news? π¨ #CyberAlerts Bitdefender GravityZone Vulnerability Exposes Servers to SSRF Attacks Source: Bitdefender Attackers Hijack Facebook Pages and Spread Lumma Stealer via Photo Editor App Source: Trend Micro Microsoft Edge Patches Critical Vulnerability Allowing Arbitrary Code Execution Source: Microsoft New BITSLOTH Backdoor Exploits Windows BITS for Stealthy Command and Control Source: Elastic Security Labs Threat Actors Exploit Clo...
Aug 02, 2024β’9 min
