The Akira ransomware gang has claimed responsibility for a cybersecurity incident at a British bath bomb merchant. They have stolen 110 GB of data, including personal documents such as passport scans, from the global cosmetics giant.
A financially motivated threat actor based in Latin America is targeting large Mexican companies with custom packaged installers delivering a modified version of AllaKore RAT for financial fraud.
Many apps abuse the background processing feature to transmit device data to their servers, potentially enabling fingerprinting and persistent tracking, which is strictly prohibited in iOS.
The threat actor, known as APT29 or BlueBravo, uses diverse methods including compromised accounts, OAuth applications, and password spraying to gain and maintain access, making traditional detection based on indicators of compromise ineffective.
The National Investor in Abu Dhabi has issued a warning about fraudulent investment schemes misusing its name, logo, and employees’ identities to solicit personal and financial information.
The stolen data includes raw genotype data, health reports, and information from DNA Relatives and Family Tree profiles, potentially exposing personal and ancestral information of affected customers.
Federal authorities warn that a self-hosted version of ConnectWise’s ScreenConnect remote access tool was compromised at a large pharmacy services firm, posing a significant risk to other healthcare organizations.
The vulnerability, tracked as CVE-2023-6933, allows unauthenticated attackers to inject a PHP object, potentially leading to code execution, data access, file manipulation, or denial of service.
A campaign of malicious ads is targeting Chinese-speaking users with lures for popular messaging applications like Telegram and LINE, even though these apps are heavily restricted or banned in China.
Admins are advised to implement access control lists (ACLs) as a mitigation strategy and to evaluate their impact before deployment. Cisco is not aware of any public announcements or malicious use of the vulnerability.