Ivanti warns of three more CSA zero-days exploited in attacks
American IT software company Ivanti has released security updates to fix three new Cloud Services Appliance (CSA) zero-days tagged as actively exploited in attacks.
cyberveille.decio.ch
Ukraine Claims Cyberattack Blocked Russian State TV Online on Putin’s Birthday
Ukrainian hackers carried out a cyberattack that took down online broadcasts of Russian state television and radio channels on Monday, according to an official in Kyiv with knowledge of the operation. #A #Dmitry #Emerging #Europe #Infrastructure #Markets #Media #Peskov #Putin #Radio #Russia #Ukraine #Vladimir #business #cybersecni #cybersecurity #politics #technology
The 30-year-old internet backdoor law that came back to bite
China reportedly hacked the wiretap systems required by U.S. internet providers under a 1994 U.S. wiretapping law.
Mamba 2FA: A new contender in the AiTM phishing ecosystem - Sekoia.io Blog
Discover Mamba 2FA, a previously unknown adversary-in-the-middle (AiTM) phishing kit and sold as phishing-as-a-service (PhaaS).
New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries
New Gorilla botnet launches over 300,000 DDoS attacks globally, exploiting IoT devices and Apache Hadoop flaws.
Cyber Cops Stopped 500 Ransomware Hacks Since 2021, DHS Says - Bloomberg
Homeland Security Investigations is stopping hacks before they occur.
GTA 6 Hacker Arion Kurtaj Became a Legend Attacking Companies. Then His Rivals Attacked Him
The City of London Police had put the teenage boy in the suburban Travelodge to protect him. They even set up a code with him and his mom to signal it was safe to open the door: “Lucky lucky.” Then they grew suspicious. The teen had a history with the police. It was September 2022, and 17-year-old Arion Kurtaj had been arrested twice earlier that year for his alleged role in a hacking group that stole data and demanded ransoms from some of the world’s biggest tech companies. Kurtaj, who is autistic, was released both times. The second time, that March, he had been let go under the condition that he stay offline.
Alert: Over 700,000 DrayTek Routers Exposed to Hacking via 14 New Vulnerabilities
14 new DrayTek router vulnerabilities, including critical flaws, could allow attackers to take control. Patch now
perfctl: A Stealthy Malware Targeting Millions of Linux Servers
Perfctl is particularly elusive and persistent malware employing several sophisticated techniques
Arrests in international operation targeting cybercriminals in West Africa
Eight individuals have been arrested as part of an ongoing international crackdown on cybercrime, dealing a major blow to criminal operations in Côte d’Ivoire and Nigeria. The arrests were made as part of INTERPOL’s Operation Contender 2.0, an initiative aimed at combating cyber-enabled crimes, primarily in West Africa, through enhanced international intelligence sharing. Phishing scam targets Swiss citizens In Côte d’Ivoire authorities dismantled a large-scale phishing scam, thanks to a collaborative effort with Swiss police and INTERPOL.
A Single Cloud Compromise Can Feed an Army of AI Sex Bots
Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials to operate and resell sexualized AI-powered chat services. Researchers say these illicit chat bots, which…
DOJ, Microsoft seize more than 100 domains used by the FSB
The simultaneous actions targeted the Star Blizzard espionage operation, which targeted government and civil society around the world.
Further Evil Corp cyber criminals exposed, one unmasked as LockBit affiliate - National Crime Agency
Sixteen individuals who were part of Evil Corp, once believed to be the most significant cybercrime threat in the world, have been sanctioned in the UK, with their links to the Russian state and other prolific ransomware groups, including LockBit, exposed. Sanctions have also been imposed by Australia and the US, who have unsealed an indictment against a key member of the group.
How the FBI and Mandiant caught a 'serial hacker' who tried to fake his own death
Jesse Kipf was a prolific hacker who sold access to systems he hacked, had contacts with a notorious cybercrime gang, and tried to use his hacking skills to get off the grid for good.
U.S. Wiretap Systems Targeted in China-Linked Hack
AT&T and Verizon are among the broadband providers that were breached
Apple fixes password-blurting VoiceOver bug
Not a great look when the iGiant just launched its first password manager
Cyble Honeypot Sensors Detect WordPress Plugin Attack, New Banking Trojan
WordPress plugins are under active attack, a new banking trojan is spreading, and phishing and brute-force attacks continue unabated.
Rackspace systems hit by zero-day exploit of third-party app • The Register
Intruders accessed machines via tool bundled with ScienceLogic, 'limited' info taken, customers told not to worry
Patch for Critical CUPS vulnerability: Don't Panic - SANS Internet Storm Center
Patch for Critical CUPS vulnerability: Don't Panic, Author: Johannes Ullrich
Recently patched CUPS flaw can be used to amplify DDoS attacks
A recently disclosed vulnerability in the Common Unix Printing System (CUPS) open-source printing system can be exploited by threat actors to launch distributed denial-of-service (DDoS) attacks with a 600x amplification factor.
Dutch Police: ‘State actor’ likely behind recent data breach
The national Dutch police (Politie) says that a state actor was likely behind the data breach it detected last week.
A Measure of Motive: How Attackers Weaponize Digital Analytics Tools | Google Cloud Blog
Digital analytics tools are useful, but can also be used for malicious purposes. Digital analytics tools are vital components of the vast domain that is modern cyberspace. From system administrators managing traffic load balancers to marketers and advertisers working to deliver relevant content to their brand’s biggest fan base, tools like link shorteners, location trackers, CAPTCHAs, and digital advertising platforms each play their part in making information universally accessible and useful to all.
Over 300,000! GorillaBot: The New King of DDoS Attacks
Explore the emergence of Gorilla Botnet, its DDoS tactics, global impact, and sophisticated evasion techniques.
Record-Breaking DDoS Attack Peaked at 3.8 Tbps, 2.14 Billion Pps
Web performance and security firm Cloudflare recently mitigated another record-breaking DDoS attack. According to Matthew Prince, the company’s CEO, the attack peaked at 3.8 terabits per second (Tbps) and 2.14 billion packets per second (Pps). The attack was aimed at an unidentified customer of an unnamed hosting provider that uses Cloudflare services.
US senator targeted by deepfake caller posing as Ukrainian diplomat | US politics | The Guardian
FBI investigating call in which AI appearing to be Dmytro Kuleba asked Ben Cardin ‘politically charged questions’
Multiple Vulnerabilities Discovered in PHP, Prompting Urgent Security Updates
Stay updated on the latest PHP vulnerability advisory. Learn about the potential log tampering, file inclusion, and data integrity violations.
Event Log Talks a Lot: Identifying Human-operated Ransomware through Windows Event Logs - JPCERT/CC Eyes
The difficult part of the initial response to a human-operated ransomware attack is identifying the attack vector. You may already know from recent security incident trends that the vulnerabilities of VPN devices are likely to be exploited, but it often...
Agence France-Presse says cyberattack targeted IT systems
Agence France-Presse, known by most as AFP, said the attack affected “part of its delivery service to clients.”
Crucial Texas hospital system turning ambulances away after ransomware attack
One of the largest hospitals in West Texas has been forced to divert ambulances after a ransomware attack shut down many of its systems last Thursday. The University Medical Center Health System in Lubbock confirmed on Friday that IT outages are being caused by a ransomware incident.
LockBit power cut: four new arrests and financial sanctions against affiliates | Europol
These are some of the results of the third phase of Operation Cronos, a long-running collective effort of law enforcement authorities from 12 countries, Europol and Eurojust, who joined forces to effectively disrupt at all levels the criminal operations of the LockBit ransomware group. These actions follow the massive disruption of LockBit infrastructure in February 2024, as well as the large series of sanctions and operational actions that took place against LockBit administrators in May and subsequent months. Between 2021 and 2023, LockBit was the most widely employed ransomware variant globally with a notable number of victims claimed on its data leak site. Lockbit operated on the ransom as a service model. The core group sold access to affiliates and received portions of the collected ransom payments. Entities deploying LockBit ransomware attacks had targeted organisations of various sizes spanning critical infrastructure sectors such as financial services, food and agriculture, education, energy, government and emergency services, healthcare, manufacturing and transportation. Reflecting the considerable number of independent affiliates involved, LockBit ransomware attacks display significant variation in observed tactics, techniques and procedures. #2024 #EN #Eurojust #LockBit #busted #disrupt #europol