The Kinsing threat actors recently started exploiting a critical security flaw in vulnerable Apache ActiveMQ servers (CVE-2023-46604). This strategic move allows them to infect Linux systems, deploying cryptocurrency miners and rootkits for illicit gains. The Adaptable Kinsing Threat Group Trend…
In a recent report, cybersecurity experts at Unciphered have exposed a new exploit called Randstorm, which poses a threat to Bitcoin wallets created between 2011 and 2015. This exploit allows for the potential recovery of passwords, leading to unauthorized access…
Researchers from Cisco Talos recently shed light on the latest ransomware activities orchestrated by the 8Base ransomware group. Leveraging a new variant of the notorious Phobos ransomware, these threat actors have been intensifying their financially motivated attacks, prompting cybersecurity experts…
In a recent revelation by the Google Threat Analysis Group (TAG), a critical zero-day flaw in the Zimbra Collaboration email software has become the focal point of real-world cyber attacks. Exploited by four distinct threat actors, these attacks aimed at…
VMware has issued a warning about a critical and unpatched vulnerability, tracked as CVE-2023-34060, in its Cloud Director platform. The flaw, with a severity score of 9.8 (CVSS), poses a significant risk by allowing a malicious actor to circumvent authentication…
The cybersecurity community is on high alert as the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) jointly issue an advisory on the growing threat posed…
Microsoft has released its November 2023 Patch Tuesday, addressing a total of 63 security vulnerabilities in its software. This comprehensive update includes fixes for three actively exploited vulnerabilities, emphasizing the company’s commitment to thwarting cyber threats. November 2023 Patch Tuesday:…
Intel has just addressed a high-severity CPU vulnerability codenamed Reptar (CVE-2023-23583), earning a CVSS score of 8.8. This flaw, capable of allowing escalation of privilege, information disclosure, and denial of service through local access, has prompted a rapid response from…
A new ransomware player, called Hunters International, has recently been discovered. What makes this group distinct is its origin story – it has inherited the source code and infrastructure from the dismantled Hive ransomware operation, a ransomware-as-a-service (RaaS) entity that…
The Industrial & Commercial Bank of China (ICBC), the world’s largest commercial bank by revenue, has fallen victim to a ransomware attack. The attack disrupted the U.S. Treasury market, leading to equities clearing issues and prompting emergency responses from financial…
Threat actors have exploited a zero-day vulnerability in SysAid, a leading IT Service Management (ITSM) solution, to compromise corporate servers for data theft and deploy the notorious Clop ransomware. This breach, identified as CVE-2023-47246, highlights the increasing sophistication of cyber…
In a series of relentless distributed denial-of-service attacks over the last 24 hours, OpenAI has grappled with intermittent outages affecting its API and ChatGPT services. While the company is actively working to mitigate the disruptions, the root cause remains undisclosed.…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently identified and cataloged a high-severity flaw in the Service Location Protocol (SLP), underscoring the urgency for organizations to take immediate action. Tracked as CVE-2023-29552 with a CVSS score of 7.5, this…
Cybersecurity researchers have uncovered a new macOS malware strain, ObjCShellz, attributing it to the North Korea-linked nation-state group known as BlueNoroff. This threat actor has been connected to five ransomware-as-a-service (RaaS) programs over the past four years, showcasing a broad…
In a groundbreaking revelation, cybersecurity researchers have identified a major threat actor known as farnetwork, a key player linked to five distinct ransomware-as-a-service (RaaS) programs over the past four years. Insights from a Unique “Job Interview” Process Singapore-based Group-IB, in…
Multiple ransomware collectives are actively capitalizing on recently unveiled vulnerabilities in Atlassian Confluence and Apache ActiveMQ, according to cybersecurity firm Rapid7. CVE-2023-22518, CVE-2023-22515 The observed exploitation of CVE-2023-22518 and CVE-2023-22515 in various customer environments has resulted in the deployment of…
Veeam has swiftly responded to security concerns by releasing updates that target four vulnerabilities in its ONE IT monitoring and analytics platform, two of which hold critical severity ratings. Veeam Vulnerabilities: CVE-2023-38547, CVE-2023-38548, CVE-2023-38549, CVE-2023-41723 The identified vulnerabilities are: CVE-2023-38547…
A covert and sophisticated strain of malware named StripedFly has silently navigated the digital realm, eluding detection for over half a decade. Kaspersky, the renowned Russian cybersecurity vendor, has unveiled the inner workings of this insidious malware. The StripedFly malware…
Social media platforms, often seen as arenas for connection and expression, have become breeding grounds for financially motivated threat actors orchestrating large-scale attacks. Bitdefender Labs has been vigilant in monitoring a growing trend where cybercriminals exploit social media networks for…
Researchers from VMware Carbon Black have unearthed a concerning revelation — 34 unique Windows Driver Model (WDM) and Windows Driver Frameworks (WDF) drivers are susceptible to exploitation by non-privileged threat actors. The repercussions are dire, allowing malevolent entities to seize…
