A significant increase in cyber-attacks utilizing the Remcos Remote Access Trojan has been reported, with new phishing campaigns distributing variants that exploit vulnerabilities and employ sophisticated evasion techniques.
Rizwan Manjra, a car insurance employee, was sentenced to a suspended six-month prison term for unlawfully accessing over 32,000 personal policies and sharing sensitive information.
A critical zero-day vulnerability in Cleo’s file transfer software, CVE-2024-50623, allows unauthenticated remote code execution and has been exploited by the Termite ransomware group, affecting numerous organizations across various sectors.
A critical vulnerability in the WPForms plugin, tracked as CVE-2024-11205, allows authenticated users to execute unauthorized payment refunds and cancel subscriptions, impacting over three million websites still using vulnerable versions.
The United States has imposed sanctions on Sichuan Silence Information Technology Company and its employee Guan Tianfeng in response to a significant cyberattack that compromised global computer firewalls, including critical infrastructure in the US.
A critical security flaw, dubbed “AuthQuake,” in Microsoft Azure’s Multi-Factor Authentication system has potentially allowed unauthorized access to over 400 million Microsoft 365 accounts, enabling cybercriminals to bypass protections with minimal effort.
