Alibaba’s T-Head C910 RISC-V CPUs have been found to have serious security flaws by computer security researchers at the CISPA Helmholtz Center for Information Security in Germany.
Symantec’s Threat Hunter Team has observed various espionage operations utilizing cloud services, like the backdoors GoGra and Grager targeting organizations in South Asia, South East Asia, Taiwan, Hong Kong, and Vietnam.
The BlackSuit ransomware group gains access through phishing campaigns, RDP, and vulnerability exploits, using tools like Chisel and Mimikatz for communication and credential theft.
Ronin Network was hacked, resulting in the withdrawal of $12 million by “white hat” hackers who returned the stolen funds. The hackers exploited an undocumented vulnerability on the Ronin bridge, withdrawing 4,000 ETH and 2 million USDC.
A security researcher at SafeBreach demonstrated at the Black Hat 2024 conference that two zero-day vulnerabilities can be exploited in downgrade attacks to revert fully updated Windows systems back to older versions, reintroducing vulnerabilities.
The SEC has closed its investigation into Progress Software’s handling of a zero-day flaw in MOVEit Transfer. Progress Software announced in a recent SEC filing that no enforcement action will be recommended by the Division of Enforcement.
According to Acronis, ransomware remains a top threat for SMBs, especially in critical sectors like government and healthcare, where 10 new ransomware groups conducted 84 cyberattacks globally in Q1 2024.
The U.S. Government Accountability Office is urging the Environmental Protection Agency (EPA) to develop a comprehensive strategy to protect the nation’s drinking and wastewater systems from cyber threats.
NHS software supplier Advanced faces a hefty fine of over £6 million (~$7.6 Million) for failing to protect personal information during a ransomware attack that impacted the National Health Service in the UK.
Rapid7 researchers noted over 2,570 attacks in the first half of 2024, equating to around 14 attacks daily. The number of ransomware groups posting on data leak sites surged 67% compared to the previous year.