Octo Tempest, a financially motivated threat group known for extensive social engineering campaigns and SIM-swapping techniques, has become a major concern for businesses worldwide. It has been affiliated with ALPHV/BlackCat and has begun deploying ransomware payloads as well. Given Octo Tempest’s relentless evolution and aggressive approach, organizations must be proactive in their defense strategies.
The vulnerability arises from an unauthenticated buffer-related flaw in Citrix devices, which can be exploited to gain unrestricted access to the appliances and potentially hijack user accounts.
The Science, Innovation and Technology Committee will oversee the inquiry, alarmed at the proliferation of state and non-state actors using offensive cyber capabilities against UK organizations.
This breach raises concerns about the security and privacy of Airbnb’s user base, as the stolen data can be used for malicious purposes such as identity theft and phishing.
The breach was caused by a vulnerability in Fiserv’s MOVEit managed file transfer application. Fiserv has patched the vulnerability, and the bank is monitoring for unusual activity.
VMware has released security updates to address a critical vulnerability in its vCenter Server software. The flaw, tracked as CVE-2023-34048, allows remote code execution and is rated critical (CVSS score: 9.8).
The threat actor attempts to disguise their origin by hosting infrastructure in Azerbaijan and using the Azerbaijani language in their operations, despite not being fluent in Azerbaijani.
Smokeloader malware is a highly complex tool that can perform various malicious functions, such as stealing credentials and executing DDoS attacks, with prices ranging from $400 to $1,650 depending on the package.
The breach, which occurred on August 7, 2023, was discovered a day later, and the cybercriminals were removed from CoinFlip’s systems with the assistance of their IT team.
The vulnerability, assigned CVE-2023-5631, allowed attackers to execute arbitrary JavaScript code in the context of a Roundcube user’s browser window through a specially crafted email.