Category: Uncategorized
-

Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks [email protected] (The Hacker News)
A nascent threat actor known as Crypt Ghouls has been linked to a set of cyber attacks targeting Russian businesses and government agencies with ransomware with the twin goals of disrupting business operations and financial gain. “The group under review has a toolkit that includes utilities such as Mimikatz, XenAllPasswordPro, PingCastle, Localtonet, resocks, AnyDesk, PsExec,…
-
The American Water cyberattack: Explaining how it happened
Post ContentRead More
-

North Korean IT Workers in Western Firms Now Demanding Ransom for Stolen Data [email protected] (The Hacker News)
North Korean information technology (IT) workers who obtain employment under false identities in Western companies are not only stealing intellectual property, but are also stepping up by demanding ransoms in order to not leak it, marking a new twist to their financially motivated attacks. “In some instances, fraudulent workers demanded ransom payments from their former…
-

The Ultimate DSPM Guide: Webinar on Building a Strong Data Security Posture [email protected] (The Hacker News)
Picture your company’s data as a vast, complex jigsaw puzzle—scattered across clouds, devices, and networks. Some pieces are hidden, some misplaced, and others might even be missing entirely. Keeping your data secure in today’s fast-evolving landscape can feel like an impossible challenge. But there’s a game-changing solution: Data Security Posture Management (DSPM). Think of it…
-

U.S. and Allies Warn of Iranian Cyberattacks on Critical Infrastructure in Year-Long Campaign [email protected] (The Hacker News)
Cybersecurity and intelligence agencies from Australia, Canada, and the U.S. have warned about a year-long campaign undertaken by Iranian cyber actors to infiltrate critical infrastructure organizations via brute-force attacks. “Since October 2023, Iranian actors have used brute force and password spraying to compromise user accounts and obtain access to organizations in the healthcare andRead More
-

Beware: Fake Google Meet Pages Deliver Infostealers in Ongoing ClickFix Campaign [email protected] (The Hacker News)
Threat actors are leveraging fake Google Meet web pages as part of an ongoing malware campaign dubbed ClickFix to deliver infostealers targeting Windows and macOS systems. “This tactic involves displaying fake error messages in web browsers to deceive users into copying and executing a given malicious PowerShell code, finally infecting their systems,” French cybersecurity company…
-

Microsoft Reveals macOS Vulnerability that Bypasses Privacy Controls in Safari Browser [email protected] (The Hacker News)
Microsoft has disclosed details about a now-patched security flaw in Apple’s Transparency, Consent, and Control (TCC) framework in macOS that has likely come under exploitation to get around a user’s privacy preferences and access data. The shortcoming, codenamed HM Surf by the tech giant, is tracked as CVE-2024-44133. It was addressed by Apple as part…
-
Veeam Backup and Replication Deserialization Vulnerability (CVE-2024-40711)
What is the Vulnerability?CVE-2024-40711 is a critical unauthenticated Remote Code Execution (RCE) vulnerability in Veeam Backup & Replication software. Threat actors could execute arbitrary code on a vulnerable system without authentication, which poses a significant risk to organizations using Veeam for backup and data protection. The vulnerability has been added to Known Exploited Vulnerabilities Catalog…
-
What is tailgating (piggybacking)?
Post ContentRead More
-

Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant [email protected] (The Hacker News)
The Russian threat actor known as RomCom has been linked to a new wave of cyber attacks aimed at Ukrainian government agencies and unknown Polish entities since at least late 2023. The intrusions are characterized by the use of a variant of the RomCom RAT dubbed SingleCamper (aka SnipBot or RomCom 5.0), said Cisco Talos,…
