Month: July 2024

by Chris H Chris H No Comments

Critical Flaw in Acronis Cyber Infrastructure Exploited in the Wild

Cybersecurity company Acronis is warning that a now-patched critical security flaw impacting its Cyber Infrastructure (ACI) product has been exploited in the wild.
The vulnerability, tracked as CVE-2023-45249 (CVSS score: 9.8), concerns a case of remote code execution that stems from the use of default passwords.
The flaw impacts the following versions of Acronis Cyber Infrastructure (ACI) –

&

by Chris H Chris H No Comments

North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks

A North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially-motivated attacks that involve the deployment of ransomware, setting it apart from other nation-state hacking groups linked to the country.
Google-owned Mandiant is tracking the activity cluster under a new moniker APT45, which overlaps with names such as Andariel, Nickel Hyatt,
by Chris H Chris H No Comments

Chinese Hackers Target Taiwan and US NGO with MgBot Malware

Organizations in Taiwan and a U.S. non-governmental organization (NGO) based in China have been targeted by a Beijing-affiliated state-sponsored hacking group called Daggerfly using an upgraded set of malware tools.
The campaign is a sign that the group “also engages in internal espionage,” Symantec’s Threat Hunter Team, part of Broadcom, said in a new report published today. “In the attack on
by Chris H Chris H No Comments

Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware

Cybersecurity firm CrowdStrike, which is facing the heat for causing worldwide IT disruptions by pushing out a flawed update to Windows devices, is now warning that threat actors are exploiting the situation to distribute Remcos RAT to its customers in Latin America under the guise of a providing a hotfix.
The attack chains involve distributing a ZIP archive file named “crowdstrike-hotfix.zip,”
by Chris H Chris H No Comments

North Korean Hackers Update BeaverTail Malware to Target MacOS Users

Cybersecurity researchers have discovered an updated variant of a known stealer malware that attackers affiliated with the Democratic People’s Republic of Korea (DPRK) have delivered as part of prior cyber espionage campaigns targeting job seekers.
The artifact in question is an Apple macOS disk image (DMG) file named “MiroTalk.dmg” that mimics the legitimate video call service of the same name,
by Chris H Chris H No Comments

New Ransomware Group Exploiting Veeam Backup Software Vulnerability

A now-patched security flaw in Veeam Backup & Replication software is being exploited by a nascent ransomware operation known as EstateRansomware.
Singapore-headquartered Group-IB, which discovered the threat actor in early April 2024, said the modus operandi involved the exploitation of CVE-2023-27532 (CVSS score: 7.5) to carry out the malicious activities.
Initial access to the target
Top