CISA: CISA Releases Nine Industrial Control Systems Advisories
CISA Releases Nine Industrial Control Systems Advisories CISA released nine Industrial Control Systems (ICS) advisories on January 11, 2024. These...
threatintel
CISA: Cisco Releases Security Advisory for Cisco Unity Connection
Cisco Releases Security Advisory for Cisco Unity Connection Cisco released a security advisory to address a vulnerability (CVE-2024-20272) in Cisco...
Threat Actors Increasingly Abusing GitHub for Malicious Purposes
The ubiquity of GitHub in information technology (IT) environments has made it a lucrative choice for threat actors to host...
New Python-based FBot Hacking Toolkit Aims at Cloud and SaaS Platforms
A new Python-based hacking tool called FBot has been uncovered targeting web servers, cloud services, content management systems (CMS), and...
New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems
Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source...
Associated Press Espn Cbs Among Top Sites Serving Fake Virus Alerts
ScamClub is a threat actor who’s been involved in malvertising activities since 2018. Chances are you probably ran into one...
Atomic Stealer Distributed To Mac Users Via Fake Browser Updates
Atomic Stealer, also known as AMOS, is a popular stealer for Mac OS. Back in September, we described how malicious...
Credit Card Skimming On The Rise For The Holiday Shopping Season
As we head into shopping season, customers aren’t the only ones getting excited. More online shopping means more opportunities for...
Ransomware Review November 2023
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Pikabot Distributed Via Malicious Ads
During this past year, we have seen an increase in the use of malicious ads (malvertising) and specifically those via...
Atomic Stealer Rings In The New Year With Updated Version
Last year, we documented malware distribution campaigns both via malvertising and compromised sites delivering Atomic Stealer (AMOS) onto Mac users....
New Metastealer Malvertising Campaigns
MetaStealer is a popular piece of malware that came out in 2022, levering previous code base from RedLine. Stealers have...
Malvertisers Zoom In On Cryptocurrencies And Initial Access
During the past month, we have observed an increase in the number of malicious ads on Google searches for “Zoom”,...
Ransomware Review December 2023
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Medusa Locker Ransomware Victim: Water For People
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Medusa Locker Ransomware Victim: Limburg
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Atomic Stealer Gets an Upgrade – Targeting Mac Users with Encrypted Payload
Cybersecurity researchers have identified an updated version of a macOS information stealer called Atomic (or AMOS), indicating that the threat...
There is a Ransomware Armageddon Coming for Us All
Generative AI will enable anyone to launch sophisticated phishing attacks that only Next-generation MFA devices can stop The least surprising...
Mandiant’s X Account Was Hacked Using Brute-Force Attack
The compromise of Mandiant's X (formerly Twitter) account last week was likely the result of a "brute-force password attack," attributing...
Chinese Hackers Exploit Zero-Day Flaws in Ivanti Connect Secure and Policy Secure
A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked...
Cisco Fixes High-Risk Vulnerability Impacting Unity Connection Software
Cisco has released software updates to address a critical security flaw impacting Unity Connection that could permit an adversary to...
Shinyhunters Member Gets 3 Years In Prison For Breaching 60 Firms
The U.S. District Court in Seattle sentenced ShinyHunters member Sebastien Raoult to three years in prison and ordered a restitution...
Pro Ukraine Hackers Breach Russian Isp In Revenge For Kyivstar Attack
A pro-Ukraine hacktivist group named ‘Blackjack’ has claimed a cyberattack against Russian provider of internet services M9com as a direct...
Fidelity National Financial Hackers Stole Data Of 13 Million People
Fidelity National Financial (FNF) has confirmed that a November cyberattack (claimed by the BlackCat ransomware gang) has exposed the data...
