The malware’s driver was signed by Microsoft but attributed to a suspicious Chinese company, Hubei Dunwang Network Technology Co., Ltd. The company exploited Microsoft’s driver code-signing requirements to obtain an Extended Verification certificate.

The Cybersecurity and Infrastructure Security Agency (CISA) has appointed new leaders to its cybersecurity division and stakeholder engagement role to enhance national cyber defenses and foster collaboration between the public and private sectors.

APT41, a China-based hacking group, has targeted organizations in shipping, logistics, media, technology, and automotive sectors in Italy, Spain, Taiwan, Thailand, Turkey, and the U.K. since 2023.

The attacks, linked to a group called OilAlpha, involved malicious mobile apps and targeted CARE International, Norwegian Refugee Council (NRC), and Saudi Arabian King Salman Humanitarian Aid and Relief Centre.

The Play ransomware group has introduced a Linux variant that targets ESXi environments. This variant verifies its environment before executing and has been successful in evading security measures.

Indian crypto exchange WazirX disclosed a loss of virtual assets worth more than $230 million due to a cyber attack linked to North Korea. The attack targeted a multi-signature wallet with six signatories, leading to a breach in security measures.

The number of US data breach victims in Q2 2024 increased annually by over 1000%, despite a 12% decrease in the actual number of incidents in those three months, according to the Identity Theft Resource Center (ITRC).

According to Crunchbase data, cybersecurity funding reached a two-year high in Q2 of 2024, with venture capitalists investing $4.4 billion in startups, the strongest quarter since 2022. This marked a 144% increase from the previous year.

This new class of HTTP Request Smuggling vulnerabilities poses a significant risk to thousands of websites, including those protected by Google’s Load Balancer and Identity-Aware Proxy (IAP).

A critical vulnerability (CVE-2024-36991) in Splunk Enterprise on Windows is considered more severe than initially thought, allowing attackers to grab passwords. Various proof-of-concept exploits have been published.