The city of Gondomar in Portugal and the Dominican Republic’s Migration Agency have been targeted by the Rhysida ransomware gang, causing disruptions in services and potential data theft.
The stolen voter records include personal details such as names, registration IDs, partial Social Security numbers, driver’s license numbers, and contact information, raising concerns about potential identity theft and privacy risks.
The Balada Injector gang is actively exploiting vulnerabilities in tagDiv premium themes, such as the recently disclosed Unauthenticated Stored XSS vulnerability, to inject malware into websites.
The Meeting Owl vulnerabilities, discovered by researchers at Modzero, include encryption flaws, hardcoded credentials, and authentication issues, which could potentially allow attackers to take control of the device.
The median dwell time, or the time between initial access and deployment of ransomware, has significantly decreased from 4.5 days to as little as five hours, indicating cybercriminals’ desire for lower detection risk, as per a Secureworks report.
Proof-of-concept exploits for this vulnerability have already been published, posing a significant threat to systems running the latest releases of popular Linux platforms.
The data breach involved impersonation tactics and phishing traps on instant messaging platforms, highlighting the importance of verifying URLs and avoiding unknown sources.
The attack highlights the ongoing vulnerability of courts in the US to various types of cyber threats, including ransomware campaigns, data leaks, and distributed denial-of-service attacks.
Semiconductor companies in East Asia are being targeted by a China-linked threat actor using a backdoor called HyperBro to deploy Cobalt Strike beacons. The attack chain includes the use of social engineering techniques, such as decoy PDF documents.
The data obtained by the attacker may include personal information, genetic ancestry results, and potential relatives’ details of 23andMe customers who opted-in to the “DNA Relatives” service.