A security flaw in Apple’s Shortcuts app allowed shortcuts to access sensitive data on devices without user consent. The vulnerability, tracked as CVE-2024-23204, was patched by Apple on January 22, 2024.
An advanced phishing campaign targeting the Oil and Gas industry is distributing the Rhadamanthys Stealer, an uncommon and sophisticated Malware-as-a-Service information stealer.
Two Chinese nationals, Haotian Sun and Pengfei Xue, have been found guilty of running a fraudulent scheme targeting Apple. They sent thousands of fake iPhones to Apple for repair, hoping to receive genuine replacements.
The new variant, referred to as LockBit-NG-Dev, was being designed to succeed the most recent LockBit 3.0 iteration, using .NET and CoreRT for cross-platform compatibility.
The group has been involved in deploying ransomware and receiving profits from cyberattacks. The arrest may be a PR move by Russia, and there are speculations about the suspects’ continued operations.
Russian-linked threat actors conducted a multiwave campaign, Operation Texonto, using a combination of pysops and spear-phishing to spread misinformation in Ukraine and target Microsoft 365 credentials across Europe.
The ongoing cyberattack on Change Healthcare has resulted in widespread disruption, affecting patient billing processes, prescription fulfillment, and causing downtime for healthcare professionals.
Researchers spotted a new Migo malware targeting Redis servers to mine cryptocurrency and utilizing system-weakening commands to disable security features. Migo is distributed as a Golang ELF binary, with compile-time obfuscation and the ability to persist on Linux hosts. Organizations are expected to expedite their threat-hunting and investigation processes by leveraging IOCs associated with the […]
On 16th January 2024, the Ubuntu security team released critical security updates addressing several FreeImage vulnerabilities in different Ubuntu releases, including Ubuntu 16.04 and Ubuntu 18.04.
This activity is linked to actors from North Korea targeting Russia. The trojan is being distributed through backdoored software installers and is capable of file transfers and command execution.