Google links WinRAR exploitation to Russian, Chinese state hackers
Google says that several state-backed hacking groups have joined ongoing attacks exploiting a high-severity vulnerability in WinRAR, a compression software used by...
threatintel
MATA malware framework exploits EDR in attacks on defense firms
An updated version of the MATA backdoor framework was spotted in attacks between August 2022 and May 2023, targeting oil...
Recently patched Citrix NetScaler bug exploited as zero-day since August
A critical vulnerability tracked as CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices has been actively exploited as a zero-day since late August,...
Qubitstrike attacks rootkit Jupyter Linux servers to steal credentials
Hackers are scanning for internet-exposed Jupyter Notebooks to breach servers and deploy a cocktail of malware consisting of a Linux...
Google Play Protect adds real-time scanning to fight Android malware
Google has announced new, real-time scanning features for Google Play Protect that make it harder for malicious apps employing polymorphism...
Hacker leaks millions of new 23andMe genetic data profiles
A hacker has leaked an additional 4.1 million stolen 23andMe genetic data profiles for people in Great Britain and Germany...
Ukrainian activists hack Trigona ransomware gang, wipe servers
A group of cyber activists under the Ukrainian Cyber Alliance banner has hacked the servers of the Trigona ransomware gang...
Ex-Navy IT head gets 5 years for selling people’s data on darkweb
Marquis Hooper, a former U.S. Navy IT manager, has received a sentence of five years and five months in prison...
North Korean hackers exploit critical TeamCity flaw to breach networks
Microsoft says that the North Korean Lazarus and Andariel hacking groups are exploiting the CVE-2023-42793 flaw in TeamCity servers to...
US-CERT Vulnerability Summary for the Week of October 9, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info3ds -- teamwork_cloud_no_magic_releaseA Cross-Site Request Forgery (CSRF) vulnerability affecting Teamwork Cloud from...
LockBit 3.0 Ransomware Victim: kasperekusaoptical[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Knight Ransomware Victim: US Claims Solutions
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Our new principles to help make cloud backups more resilient
Our new principles to help make cloud backups more resilient Every month there are press reports of a global organisation...
Over 10,000 Cisco devices hacked in IOS XE zero-day attacks
Update October 17, 16:40 EDT: Added new information on breached Cisco IOS XE devices. Attackers have exploited a recently disclosed...
Fighting off cyberattacks? Make sure user credentials aren’t compromised
As an IT professional, you know that threat actors work overtime to get your end-users’ credentials. Whether it’s 3 PM...
SpyNote Android malware spreads via fake volcano eruption alerts
The Android 'SpyNote' malware was observed in attacks targeting Italy using a fake 'IT-alert' public alert service that infected visitors...
D-Link confirms data breach after employee phishing attack
Taiwanese networking equipment manufacturer D-Link confirmed a data breach linked to information stolen from its network and put up for...
Malicious Notepad++ Google ads evade detection for months
A new Google Search malvertizing campaign targets users looking to download the popular Notepad++ text editor, employing advanced techniques to...
KwikTrip all but says IT outage was caused by a cyberattack
Kwik Trip has released another statement on an ongoing outage, all but confirming it suffered a cyberattack that has led...
Amazon adds passkey support as new passwordless login option
Amazon has quietly added passkey support as a new passwordless login option for customers, offering better protection from information-stealing malware...
Over 40,000 admin portal accounts use ‘admin’ as a password
Security researchers found that IT administrators are using tens of thousands of weak passwords to protect access to portals, leaving...
AndroidLista – 6,640,643 breached accounts
HIBP In July 2021, the Android applications and games review site AndroidLista suffered a data breach. The incident exposed 6.6M...
Phoenix – 74,776 breached accounts
HIBP In mid-2021, the "vintage messaging reborn" service Phoenix suffered a data breach that exposed 75k unique email addresses. The...
Posh C2 Detected – 193[.]36[.]15[.]250:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
