An overwhelming majority of Juniper’s SRX firewalls and EX Series switches have been found to be vulnerable to a recently disclosed remote code execution flaw, allowing unauthenticated and remote attackers to execute arbitrary code on the devices.
Sophos has uncovered a highly sophisticated pig butchering scam operation that targets victims through dating apps, using fake trading pools of cryptocurrency to steal over $1 million.
The Android banking trojans Hook and ERMAC, created by DukeEugene, have similar code implementation and capabilities, including keystroke logging, overlay attacks, and credential theft from over 700 apps, with Hook having additional functionalities such as device control and address replacement, and the majority of their command-and-control servers located in Russia, while a China-nexus threat actor has been linked to an Android spyware campaign targeting South Korean users, and an Israeli spyware company called Insanet has developed a product called Sherlock that infects devices via online advertisements to collect sensitive data.
Retool, a software development company, reveals a social engineering attack that affected 27 of its cloud customers, highlighting the importance of robust security measures in the face of evolving cyber threats.
LockBit ransomware, also known as “LockBit 3.0,” poses a significant threat to organizations worldwide by encrypting files and demanding ransom, with recent attacks targeting big organizations and exploiting Windows Defender and VMWare command lines.
Researchers uncover a cloud-native cryptojacking operation called AMBERSQUID that targets uncommon Amazon Web Services (AWS) offerings, exploiting stolen credentials to deploy malicious Docker images and create roles for running cryptominers, potentially resulting in significant financial losses.
