Migo disables security defenses on Redis servers, sets up keys for SSH access, and deploys a modified rootkit to hide processes and artifacts, resembling tactics used by known cryptojacking groups.
VMware has urged users to uninstall the deprecated Enhanced Authentication Plugin (EAP) due to the discovery of critical security flaws, including an arbitrary authentication relay bug and a session hijack flaw.
The attack takes advantage of security flaws in wireless charging systems, allowing attackers to manipulate the charger’s voltage and interfere with the communication between the charger and the smartphone.
Google Cloud Run is being exploited by threat actors to distribute banking trojans, with a significant increase in malicious email campaigns observed since September 2023 targeting victims in Latin America, Europe, and North America.
A former council worker has been cautioned by police for taking 79,000 residents’ email addresses from a database to promote a business unrelated to the council. Another database from Warwick District Council was also affected.
ConnectWise has released software updates to address two critical security flaws in its ScreenConnect remote desktop and access software. The vulnerabilities could allow remote code execution and unauthorized access to restricted directories.
The CVE-2024-21410 vulnerability allows remote unauthenticated actors to perform NTLM relay attacks, potentially leading to unauthorized access to confidential data and network exploitation.
Ukrainian authorities and cybersecurity agencies attributed the attack to Russian threat actors and described it as part of Russia’s “information warfare” against Ukraine.
The German federal intelligence agency and South Korea’s National Intelligence Service have issued a joint advisory warning about ongoing cyber-espionage operations targeting the global defense sector on behalf of North Korea.
The breach resulted from a system overload caused by incorrect mapping of device IDs, which was attributed to a third-party caching client library recently integrated into Wyze’s system.