The US authorities have released a new industrial control systems (ICS) alert urging impacted organizations to patch key middleware or risk denial of service and remote code execution attacks.
Cring ransomware actors are actively exploiting older vulnerabilities in ColdFusion servers and Fortigate VPNs to cripple industrial organizations. The Cring hackers have been linked with hackers in Belarus and Ukraine who used automated tools to break into the servers.
A report by Cyware, Ivanti, and Cyber Security Works noted a 4.5% rise in CVEs associated with ransomware, with a 3.4% rise in ransomware families exploiting those. The total count of older vulnerabilities is now 258, which is 92.4% of all vulnerabilities related to ransomware. Organizations are advised to adopt automated patching solutions and intel […]
Hacking groups jailbreak PlayStation5 kernel to steal root keys, which hackers can abuse to reverse engineer codes and create customized firmware. Fail0verflow is a group that susually hacks into game consoles. Until there is a complete fix to this loophole by the manufacturer, gamers must watch out for malicious threats exploiting it to infect their devices.
Trend Micro revealed hacker-for-hire Void Balaur group has been active since the mid-2010s and has claimed victims across sectors, while also targeting activists, journalists, and other leaders. It also constantly looks for access to cryptocurrency wallets of various exchange services. Experts suggest securing sensitive data and adhering to adequate data protection measures.
Hackers are abusing the AppInstaller feature of Microsoft Windows 10 to target victims. Sophos Labs came to know about it after its own employees were targeted via spam emails. Organizations and security software vendors are suggested to have adequate defenses in palace to detect and stop such attacks.
The Pysa ransomware group dumped dozens of victims onto their leak site this week right after US law enforcement officials announced a range of actions taken against ransomware groups.
Microsoft has seen a surge in malware campaigns using HTML smuggling to distribute banking malware and remote access trojans. As per Microsoft, it is being increasingly used by threat actors to evade detection, including the Nobelium hacking group.
Ransomware gangs have increasingly focused on high-profile targets like large corporations and government institutions in the past year, according to Europol’s Internet Organised Crime Threat Assessment (IOCTA) 2021.
Costco has sent out breach notification letters to an unknown number of victims after multiple people took to social media to complain about fraudulent charges connected to the company.