Security Affairs newsletter Round 381
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
News
New Agenda Ransomware appears in the threat landscape
Trend Micro researchers warn of a new ransomware family called Agenda, which has been used in attacks on organizations in...
Twilio hackers also breached the food delivery firm DoorDash
Twilio hackers also compromised the food delivery firm DoorDash, the attackers had access to company data, including customer and employee...
Unprecedented cyber attack hit State Infrastructure of Montenegro
The state Infrastructure of Montenegro was hit by a massive and “unprecedented” cyber attack, authorities announced. An unprecedented cyber attack...
Threat actor abuses Genshin Impact Anti-Cheat driver to disable antivirus
Threat actors abused a vulnerable anti-cheat driver for the Genshin Impact video game to disable antivirus software. Threat actors abused...
Critical flaw impacts Atlassian Bitbucket Server and Data Center
Atlassian addressed a critical vulnerability in Bitbucket Server and Data Center that could lead to malicious code execution on vulnerable instances. Atlassian...
Iran-linked Mercury APT exploited Log4Shell in SysAid Apps for initial access
An Iran-linked Mercury APT group exploited the Log4Shell vulnerability in SysAid applications for initial access to the targeted organizations. The Log4Shell...
GoldDragon campaign: North-Korea linked Kimsuky APT adopts victim verification technique
The North Korea-linked Kimsuky APT is behind a new campaign, tracked as GoldDragon, targeting political and diplomatic entities in South...
0ktapus phishing campaign: Twilio hackers targeted other 136 organizations
The threat actors behind Twilio and Cloudflare attacks have been linked to a phishing campaign that targeted other 136 organizations. The threat actors...
LastPass data breach: threat actors stole a portion of source code
Password management software firm LastPass has suffered a data breach, threat actors have stole source code and other data. Password...
ZTNA vs VPN: Secure Remote Work & Access – SASE Part 2
Explore the drivers behind switching from VPN to Zero Trust Network Access (ZTNA) for any device access from anywhere. If...
Unlocking Serverless with AWS Lambda and IAM
Learn how Lambda and IAM unlock the power and versatility of the cloud by implementing a serverless User API that...
New Golang Ransomware Agenda Customizes Attacks
A new piece of ransomware written in the Go language has been targeting healthcare and education enterprises in Asia and...
LastPass Security Alert Compromised Development Area
LastPass have released the below statement regarding a compromise to the development environment. Dear valued customer,We are writing to inform...
Nobelium APT uses new Post-Compromise malware MagicWeb
Russia-linked APT group Nobelium is behind a new sophisticated post-exploitation malware tracked by Microsoft as MagicWeb. Microsoft security researchers discovered...
GAIROSCOPE attack allows to exfiltrate data from Air-Gapped systems via ultrasonic tones
GAIROSCOPE: An Israeli researcher demonstrated how to exfiltrate data from air-gapped systems using ultrasonic tones and smartphone gyroscopes. The popular...
Threat actors are using the Tox P2P messenger as C2 server
Threat actors are using the Tox peer-to-peer instant messaging service as a command-and-control server, Uptycs researchers reported. Tox is a...
Kimsuky’s GoldDragon cluster and its C2 operations
Kimsuky (also known as Thallium, Black Banshee and Velvet Chollima) is a prolific and active threat actor primarily targeting Korea-related...
Ransomware updates & 1-day exploits
Introduction In our crimeware reporting service, we analyze the latest crime-related trends we come across. Last month, we again posted...
Plex discloses data breach and urges password reset
The streaming media platform Plex is urging its users to reset passwords after threat actors gained access to its database....
Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus
We investigate mhyprot2.sys, a vulnerable anti-cheat driver for the popular role-playing game Genshin Impact. The driver is currently being abused...
AiTM phishing campaign also targets G Suite users
The threat actors behind a large-scale adversary-in-the-middle (AiTM) phishing campaign now target Google G Suite users The threat actors behind a large-scale...
VMware fixed a privilege escalation issue in VMware Tools
VMware this week released patches to address an important-severity vulnerability in the VMware Tools suite of utilities. The virtualization giant...
France hospital Center Hospitalier Sud Francilien suffered ransomware attack
A French hospital, the Center Hospitalier Sud Francilien (CHSF), suffered a cyberattack on Sunday and was forced to refer patients...
