Unpatched critical bugs in Versa Concerto lead to auth bypass, RCE
Critical vulnerabilities in Versa Concerto that are still unpatched could allow remote attackers to bypass authentication and execute arbitrary code on affected systems.
Critical Samlify SSO flaw lets attackers log in as admin
A critical Samlify authentication bypass vulnerability has been discovered that allows attackers to impersonate admin users by injecting unsigned malicious assertions into legitimately signed SAML responses.
Russian hackers breach orgs to track aid routes to Ukraine
A Russian state-sponsored cyberespionage campaign attributed to APT28 (Fancy Bear/Forest Blizzard) hackers has been targeting and compromising international organizations since 2022 to disrupt aid efforts to Ukraine.
Lumma infostealer’s infrastructure seized during US, EU, Microsoft operation
A sting involving law enforcement and private sector companies disrupted the Lumma infostealer — malware sold around the globe to cybercriminals and credited for millions of infections.
Nearly 70,000 impacted by Coinbase breach involving $20 million ransom demand
In documents filed with regulators in Maine on Tuesday, Coinbase said the information leaked included details like photos of passports and government IDs, as well as account information such as balances and transaction history.
3AM ransomware uses spoofed IT calls, email bombing to breach networks
A 3AM ransomware affiliate is conducting highly targeted attacks using email bombing and spoofed IT support calls to socially engineer employees into giving credentials for remote access to corporate systems.
Lumma Stealer toppled by globally coordinated takedown | CyberScoop
Global law enforcement authorities and Microsoft seized or disrupted the prolific infostealer’s central command infrastructure, malicious domains and marketplaces where the malware was sold.
College student to plead guilty to PowerSchool hack
The 19-year-old Assumption College student, Matthew Lane, also was charged Tuesday with hacking and demanding a ransom payment from an unnamed telecommunications company, according to Massachusetts federal prosecutors.
Earlier this month, a coordinated disruption action targeting the Lumma malware-as-a-service (MaaS) information stealer operation seized thousands of domains, part of its infrastructure backbone worldwide.
Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer
Over the past year, Microsoft Threat Intelligence observed the persistent growth and operational sophistication of Lumma Stealer, an info-stealing malware used by multiple financially motivated threat actors to target various industries. Microsoft, partnering with others across industry and international law enforcement, facilitated the disruption of Lumma infrastructure.