The threat actor, known as APT29 or BlueBravo, uses diverse methods including compromised accounts, OAuth applications, and password spraying to gain and maintain access, making traditional detection based on indicators of compromise ineffective.
The National Investor in Abu Dhabi has issued a warning about fraudulent investment schemes misusing its name, logo, and employees’ identities to solicit personal and financial information.
The stolen data includes raw genotype data, health reports, and information from DNA Relatives and Family Tree profiles, potentially exposing personal and ancestral information of affected customers.
Federal authorities warn that a self-hosted version of ConnectWise’s ScreenConnect remote access tool was compromised at a large pharmacy services firm, posing a significant risk to other healthcare organizations.
The vulnerability, tracked as CVE-2023-6933, allows unauthenticated attackers to inject a PHP object, potentially leading to code execution, data access, file manipulation, or denial of service.
A campaign of malicious ads is targeting Chinese-speaking users with lures for popular messaging applications like Telegram and LINE, despite the fact that these apps are heavily restricted or banned in China.
Admins are advised to implement access control lists (ACLs) as a mitigation strategy and to evaluate their impact before deployment. Cisco is not aware of any public announcements or malicious use of the vulnerability.
These actors create fake loan apps, obtain personal details through a KYC process, and then extort money by threatening to distribute manipulated photos. The apps exploit minimal permissions to avoid detection.
The number of data compromises in the U.S. reached a record high in 2023, impacting over 353 million victims, with a 78% increase from the previous year, according to the Identity Theft Resource Center’s annual data breach report.
The attacks on transportation, postal services, and energy companies in Ukraine may be part of a larger cyber war between Ukraine and Russia, with previous attacks on telecom and banking sectors.