BleepingComputer.com: Cybersecurity News.

"FIN8 deploys ALPHV ransomware using Sardonic malware variant."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 18 July 2023, 1351 UTC.  Content provided by "BleepingComputer.com."

Source:  https://www.bleepingcomputer.com/ ("BleepingComputer.com").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

LATEST ARTICLES

FIN8 deploys ALPHV ransomware using Sardonic malware variant

  • A financially motivated cybercrime gang has been observed deploying BlackCat ransomware payloads on networks backdoored using a revamped Sardonic malware version.

  • Google Cloud Build
     
    SECURITY

Google Cloud Build bug lets hackers launch supply chain attacks

  • A critical design flaw in the Google Cloud Build service discovered by cloud security firm Orca Security can let attackers escalate privileges, providing them with almost nearly-full and unauthorized access to Google Artifact Registry code repositories.

  • Micosoft Exchange
     
    MICROSOFT

Microsoft Exchange Online hit by new outage blocking emails

  • Microsoft is investigating an ongoing Exchange Online outage preventing customers from sending emails and triggering 503 errors on affected systems.

  • CISA
     
    SECURITY

CISA orders govt agencies to mitigate Windows and Office zero-days

  • CISA ordered federal agencies to mitigate remote code execution zero-days affecting Windows and Office products that were exploited by the Russian-based RomCom cybercriminal group in NATO phishing attacks.

  • WordPress
     
    SECURITY

Hackers exploiting critical WordPress WooCommerce Payments bug

  • Hackers are conducting widespread exploitation of a critical WooCommerce Payments plugin to gain the privileges of any users, including administrators, on vulnerable WordPress installation.

  • CISA
     
    SECURITY

CISA shares free tools to help secure data in the cloud

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has shared a factsheet providing details on free tools and guidance for securing digital assets after switching to the cloud from on-premises environments.

  • Adobe
     
    SECURITY

Critical ColdFusion flaws exploited in attacks to drop webshells

  • Hackers are actively exploiting two ColdFusion vulnerabilities to bypass authentication and remotely execute commands to install webshells on vulnerable servers.

  • Police arrest
     
    SECURITY

Police arrests Ukrainian scareware developer after 10-year hunt

  • The Spanish National Police has apprehended a Ukrainian national wanted internationally for his involvement in a scareware operation spanning from 2006 to 2011.

  • Hacker cybersecurity attack
     
    SECURITY

IT worker jailed for impersonating ransomware gang to extort employer

  • 28-year-old Ashley Liles, a former IT employee, has been sentenced to over three years in prison for attempting to blackmail his employer during a ransomware attack.

  • NoEscape ransomware
     
    SECURITY

Meet NoEscape: Avaddon ransomware gang's likely successor

  • The new NoEscape ransomware operation is believed to be a rebrand of Avaddon, a ransomware gang that shut down and released its decryption keys in 2021.

  • JumpCloud white
     
    SECURITY

JumpCloud discloses breach by state-backed APT hacking group

  • US-based enterprise software firm JumpCloud says a state-backed hacking group breached its systems almost one month ago as part of a highly targeted attack focused on a limited set of customers.

  • Windows 11
     
    MICROSOFT, SOFTWARE

Windows Copilot arrives in the fall with Windows 11 23H2

  • Windows 11 23H2 is taking a step further into the world of artificial intelligence with the introduction of Windows Copilot, its centralized AI assistant.

  • Docker
     
    SECURITY

Thousands of images on Docker Hub leak auth secrets, private keys

  • Researchers at the RWTH Aachen University in Germany published a study revealing that tens of thousands of container images hosted on Docker Hub contain confidential secrets, exposing software, online platforms, and users to a massive attack surface.

  • Hand data data leak hacker
     
    SECURITY

Gamaredon hackers start stealing data 30 minutes after a breach

  • Ukraine's Computer Emergency Response Team (CERT-UA) is warning that the Gamaredon hacking operates in rapid attacks, stealing data from breached systems in under an hour.

  • Hacker
     
    SECURITY

Genesis Market infrastructure and inventory sold on hacker forum

  • The administrators of the Genesis Market for stolen credentials announced on a hacker forum that they sold the store and a new owner would get the reins "next month."

VIEW MORE

Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

The Cyberwire Daily Briefing

Image
"Fortinet confirms breach of customer data." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 15 September 2024, 1339 UTC. Content and Source:   https://thecyberwire.com/newsletters/daily-briefing/13/176 Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). V13 | Issue 176 | 9.13.24 Daily Briefing for 09.13.24 Announcement Cloud Security in the Age of Generative AI. Artificial Intelligence is revolutionizing business, but it also introduces new risks. Join us on Wednesday, September 18th at 2pm EDT for a compelling live webinar on "Good vs. Evil: Cloud Security in the Age of Generative AI" with N2K CyberWire’s Dave Bittner and Sysdig’s Loris Degioanni.  Learn more and register now . Summary By the CyberWire staff At a glance. Fortinet confirms breach of customer data. Iran's Scarred Manticore deploys ne
Read more

BleepingComputer.com

Image
"Progress LoadMaster vulnerable to 10/10 severity RCE flaw." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 08 September 2024, 1458 UTC. Content and Source:   https://www.bleepingcomputer.com/ Please check link or scroll down to read your selections. Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Latest Articles   Security Progress LoadMaster vulnerable to 10/10 severity RCE flaw Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device. Bill Toulas   September 08, 2024   10:11 AM     0   Deals Get started learning about cybersecurity with this course bundle deal Take a real step towards a job in information security with this intro to cybersecurity. Get the 2024 Cybersecurity Essentials Bundl
Read more

SecurityWeek Briefing

Image
"New RAMBO attack allows air-gapped data theft." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 10 September 2024, 0035 UTC. Content and Source:  https://www.securityweek.com Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net).   Monday, September 9 , 2024 Are you worried about unmanaged devices and apps? LATEST CYBERSECURITY HEADLINES New RAMBO Attack Allows Air-Gapped Data Theft Predator Spyware Resurfaces With Fresh Infrastructure Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws 300,000 Impacted by Data Breach at Car Rental Firm Avis One Million US Kaspersky Customers Transferred to Pango’s UltraAV Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks CISA Breaks Silence on Controversial ‘Airp
Read more