CyberBulletin


Channel geo and language: not specified, not specified
Category: not specified


Stay ahead of the curve with the latest updates in cybersecurity, cyber threats, data breaches, and technology trends.



⚡Software from Conceptworld trojanized to spread info-stealing malware!

If you downloaded Notezilla, RecentX, or Copywhiz in June, check your systems NOW!


⚡Transparent Tribe launches a new #Android malware campaign, targeting mobile users with CapraRAT #spyware disguised as popular apps.


⚡China-linked hackers are exploiting a zero-day vulnerability in Cisco NX-OS to execute commands as root, undetected, and deliver malware.


⚡Fake web browser updates & malicious Google ads are spreading FakeBat #malware via drive-by downloads!

This threat uses MSIX format with digital signatures to evade detection & delivers dangerous payloads like IcedID & RedLine.


⚡A critical OpenSSH flaw (CVE-2024-6387) allows unauthenticated remote code execution on glibc-based Linux systems. 14 million servers at risk.


⚡A South Korean ERP vendor's update server was hacked to deliver a Go-based backdoor dubbed Xctdoor, stealing sensitive business info with keystrokes and screenshots.


⚡Israeli entities are under attack by hackers using public frameworks like Donut and Sliver. The campaign, dubbed "Supposed Grasshopper," is using custom WordPress sites for payload delivery.


⚡ #VULNERABILITIES

Millions of OpenSSH servers could be vulnerable to unauthenticated remote code execution due to a vulnerability tracked as regreSSHion and CVE-2024-6387.


⚡ #VULNERABILITIES

Splunk has patched multiple vulnerabilities in Splunk Enterprise, including high-severity remote code execution bugs.


⚡ #MALWARE & #THREATS

Cisco has patched an NX-OS command injection zero-day exploited by China-linked cyberespionage group Velvet Ant.


Google updates Chrome Root Store policies

Google announced changes to its Chrome Root Store policies under which Chrome 127 will not trust TLS server authentication certificates validating to specific Entrust roots with an earliest Signed Certificate Timestamp (SCT) dated after October 31, 2024. Recent patterns of concerning behavior have eroded confidence in Entrust, Google says.


Apple patches AirPods Bluetooth vulnerability

Apple has released AirPods firmware updates to resolve a Bluetooth vulnerability (CVE-2024-27867) that could allow attackers to spoof devices and gain access to a user’s headphones when the headphones are seeking to connect to a previously paired device.


Sensor Net Connect and Thermoscan IP vulnerabilities

Nozomi Networks Labs raises the alarm on seven vulnerabilities in the healthcare industry-tailored Sensor Net Connect device and the accompanying Thermoscan IP desktop application that could be exploited to manipulate system settings, install malware, exfiltrate and manipulate sensitive data, and disrupt healthcare services. The vendor has been notified, but it does not appear to have released any patches.


Chinese shopping app Temu allegedly used for spying

The company behind the Chinese shopping app Temu has been sued by the Arkansas Attorney General. The lawsuit, which describes the application as ‘dangerous malware’, claims Temu can collect a lot of data from the devices it’s installed on, and points to the risks of providing information to a Chinese company. In response, Temu denied the accusations and said the lawsuit is based on inaccurate information. The company will defend itself against the claims.


New Snowblind Android malware

Promon has conducted an analysis of a new Android banking trojan named Snowblind. Snowblind uses a novel technique to attack Android apps based on a Linux kernel feature. This appears to be the first malware using this attack vector.


Health sector warned of social engineering and phishing attacks

The FBI, CISA and the HHS have issued a joint security advisory to warn healthcare and public health organizations about attacks involving social engineering and phishing. The social engineering tactics involved calls to the targeted organization’s IT help desk, with the attacker posing as an employee. The goal is to gain access to online accounts and divert ACH payments to bank accounts controlled by the cybercriminals. 


Ollama AI solution affected by remote code execution vulnerability

Ollama, a popular open source project for running AI models, is affected by a remote code execution vulnerability. The flaw is tracked as CVE-2024-37032 and dubbed Probllama. The project’s developers have taken steps to address the issue, but there have been many vulnerable instances exposed to the internet.


South Korean ISP delivered malware to 600,000 users

South Korean ISP KT has been accused of delivering malware to 600,000 customers in an attempt to interfere with BitTorrent traffic. The company was likely trying to ease the burden placed by torrent traffic on its network and save costs. 


Ventura County Credit Union (VCCU) data breach stemming from email hack

An email account hack has led to a data breach at Ventura County Credit Union (VCCU). The incident occurred in late January and the hacked email account stored personal information such as name, Social Security number, and financial account information. The incident impacts nearly 45,000 individuals. In 2022, the same credit union suffered a data breach impacting 82,000 customers and employees.


Levi Strauss credential stuffing attack

Clothing company Levi Strauss is informing 72,000 customers that their passwords have been reset after it detected a credential stuffing attack on their accounts. Attackers may have obtained information such as name, address, email address, order history, and possibly partial payment card information.

Showing the 20 most recent posts.

8 subscribers