The attack targeted the Janet Network, used by several UK universities, and was claimed by the hacktivist group Anonymous Sudan. This incident reflects a growing trend of cyberattacks against UK institutions.
The alleged source code for the third iteration of the Knight ransomware is being offered for sale to a single buyer on a hacker forum, indicating a potential shift in the group’s operations.
Security researchers have identified a rising trend of cryptocurrency counterfeiting targeting Fortune 100 companies, involving the creation of tokens impersonating major brands, government bodies, and national fiat currencies.
Migo disables security defenses on Redis servers, sets up keys for SSH access, and deploys a modified rootkit to hide processes and artifacts, resembling tactics used by known cryptojacking groups.
VMware has urged users to uninstall the deprecated Enhanced Authentication Plugin (EAP) due to the discovery of critical security flaws, including an arbitrary authentication relay bug and a session hijack flaw.
The attack takes advantage of security flaws in wireless charging systems, allowing attackers to manipulate the charger’s voltage and interfere with the communication between the charger and the smartphone.
Google Cloud Run is being exploited by threat actors to distribute banking trojans, with a significant increase in malicious email campaigns observed since September 2023 targeting victims in Latin America, Europe, and North America.
A former council worker has been cautioned by police for taking 79,000 residents’ email addresses from a database to promote a business unrelated to the council. Another database from Warwick District Council was also affected.
ConnectWise has released software updates to address two critical security flaws in its ScreenConnect remote desktop and access software. The vulnerabilities could allow remote code execution and unauthorized access to restricted directories.
The CVE-2024-21410 vulnerability allows remote unauthenticated actors to perform NTLM relay attacks, potentially leading to unauthorized access to confidential data and network exploitation.