Russian-Aligned Cyber Espionage Campaigns Target Western and Russian Civil Society Entities
Russian-aligned cyber espionage squads Coldriver and Coldwastrel have been conducting a sophisticated spear phishing campaign against Western and Russian civil society entities for two years.
Russian-Aligned Cyber Espionage Squads Targeting Non-Profits and Media Organizations in Spear-Phishing Campaign
COLDRIVER and COLDWASTREL, Russian-aligned cyber espionage squads, have been targeting non-profit organizations, independent media, and international NGOs in Eastern Europe, Russia, Europe, and the US through a sophisticated spear-phishing campaign.
ValleyRAT Malware Targets Chinese-Speaking Industries with Advanced Techniques
ValleyRAT malware poses a significant threat to Chinese-speaking individuals and industries, utilizing shellcode, sleep obfuscation, XOR encoding, AES-256 decryption, reflective DLL loading, API hashing, and callback procedures to evade detection and control victims.
Cybercriminals Exploit Paris 2024 Olympics with Fake Domains and Scams
French authorities report over 140 cyberattacks during the event, with threat actors setting up fake social media accounts, stores, and ticketing systems and launching fraudulent cryptocurrencies.
SolarWinds Releases Hotfix for Critical Java Deserialization Vulnerability in Web Help Desk Platform
SolarWinds has released a hotfix to address a critical Java deserialization vulnerability in its Web Help Desk platform that could allow attackers to execute commands on the host machine.
Latest Cybernews
DDoS Attacks on Android Devices Surge in First Half of 2024
DDoS attacks on Android devices have surged by 46% in the first half of 2024, with the gaming and gambling sectors being the most targeted industries.
Microsoft Releases Patch Tuesday Update Addressing 90 Security Vulnerabilities
Microsoft’s Patch Tuesday update fixes six zero-day flaws actively exploited across various products and services, including memory corruption in Microsoft Edge and remote code execution issues in Microsoft Project.
Critical Vulnerabilities Discovered in Microsoft’s Azure Health Bot Service
Researchers from Tenable uncover security flaws in Azure Health Bot Service, posing risks of unauthorized access and privilege escalation.
Phishing Attack Unveils Advanced Infostealer Malware Capabilities
A recent phishing attack reveals a new level of sophistication with infostealer malware targeting sensitive data, showcasing significant advancements in data exfiltration capabilities.
Orion SA Discloses $60 Million Loss from BEC Scam
Luxembourg-based chemical manufacturing company Orion SA reveals $60 million loss due to fraudulent banking transfer scheme, suspected to be a Business Email Compromise (BEC) scam.
China-Linked APT Group Earth Baku Expands Global Operations, Targets Europe, Middle East, and Africa
Earth Baku, a China-linked APT group, expands global operations targeting countries in Europe, the Middle East, and Africa with sophisticated malware toolsets and post-exploitation tools.
Critical Vulnerability in Microsoft Outlook Allows Attackers to Gain Full System Access Through Malicious Email
A critical vulnerability in Microsoft Outlook, identified as CVE-2024-38173, enables attackers to exploit the email preview function and gain full access to a user’s system through a malicious email.
Cybersecurity Breach at East Valley Institute of Technology Exposes Personal Data of Over 200,000 Individuals
A cybersecurity incident at EVIT in Arizona on January 9, 2024, resulted in unauthorized access to sensitive data, including student ID numbers, Social Security numbers, and medical records, with the ransomware group LockBit claiming responsibility.