Cybersecurity News.

"FIN8 deploys ALPHV ransomware using Sardonic malware variant."

Views expressed in this cybersecurity and cybercrime update are those of the reporters and correspondents. Accessed on 18 July 2023, 1351 UTC.

Russ Roberts (

FIN8 deploys ALPHV ransomware using Sardonic malware variant

  • A financially motivated cybercrime gang has been observed deploying BlackCat ransomware payloads on networks backdoored using a revamped Sardonic malware version.

Google Cloud Build bug lets hackers launch supply chain attacks

  • A critical design flaw in the Google Cloud Build service discovered by cloud security firm Orca Security can let attackers escalate privileges, providing them with nearly full, unauthorized access to Google Artifact Registry code repositories.

Microsoft Exchange Online hit by new outage blocking emails

  • Microsoft is investigating an ongoing Exchange Online outage preventing customers from sending emails and triggering 503 errors on affected systems.

CISA orders govt agencies to mitigate Windows and Office zero-days

  • CISA ordered federal agencies to mitigate remote code execution zero-days affecting Windows and Office products that were exploited by the Russian-based RomCom cybercriminal group in NATO phishing attacks.

Hackers exploiting critical WordPress WooCommerce Payments bug

  • Hackers are conducting widespread exploitation of a critical WooCommerce Payments plugin bug to gain the privileges of any user, including administrators, on vulnerable WordPress installations.

CISA shares free tools to help secure data in the cloud

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has shared a factsheet providing details on free tools and guidance for securing digital assets after switching to the cloud from on-premises environments.

Critical ColdFusion flaws exploited in attacks to drop webshells

  • Hackers are actively exploiting two ColdFusion vulnerabilities to bypass authentication and remotely execute commands to install webshells on vulnerable servers.

Police arrest Ukrainian scareware developer after 10-year hunt

  • The Spanish National Police has apprehended a Ukrainian national wanted internationally for his involvement in a scareware operation spanning from 2006 to 2011.

IT worker jailed for impersonating ransomware gang to extort employer

  • 28-year-old Ashley Liles, a former IT employee, has been sentenced to over three years in prison for attempting to blackmail his employer during a ransomware attack.

Meet NoEscape: Avaddon ransomware gang's likely successor

  • The new NoEscape ransomware operation is believed to be a rebrand of Avaddon, a ransomware gang that shut down and released its decryption keys in 2021.

JumpCloud discloses breach by state-backed APT hacking group

  • US-based enterprise software firm JumpCloud says a state-backed hacking group breached its systems almost one month ago as part of a highly targeted attack focused on a limited set of customers.

Windows Copilot arrives in the fall with Windows 11 23H2

  • Windows 11 23H2 is taking a step further into the world of artificial intelligence with the introduction of Windows Copilot, its centralized AI assistant.

Thousands of images on Docker Hub leak auth secrets, private keys

  • Researchers at the RWTH Aachen University in Germany published a study revealing that tens of thousands of container images hosted on Docker Hub contain confidential secrets, exposing software, online platforms, and users to a massive attack surface.

Gamaredon hackers start stealing data 30 minutes after a breach

  • Ukraine's Computer Emergency Response Team (CERT-UA) is warning that the Gamaredon hacking group operates in rapid attacks, stealing data from breached systems in under an hour.

Genesis Market infrastructure and inventory sold on hacker forum

  • The administrators of the Genesis Market for stolen credentials announced on a hacker forum that they sold the store and a new owner would get the reins "next month."
