Three Twitter accounts that appear to have links to the Chinese government have been spreading propaganda in Latin America and successfully avoided Twitter’s efforts to label state media, researchers said in an analysis published Tuesday.
Businesses in the Latin American region are facing a new threat from a sophisticated malicious campaign distributing the TOITOIN trojan. Moreover, the campaign uses Amazon EC2 instances to evade domain-based detections. It is crucial for organizations to maintain a high level of vigilance against evolving malware campaigns.
Security researchers uncovered a new campaign by Charming Kitten (APT42) targeting Windows and macOS systems using different malware payloads. A new type of malware called NokNok, is specifically used for targeting macOS systems. For Windows, adversaries leverage PowerShell code and an LNK file to drop the GorjolEcho backdoor from a cloud hosting provider.
Oxeye has uncovered two critical security vulnerabilities and recommends immediate action to mitigate risk. The vulnerabilities were discovered in Owncast (CVE-2023-3188) and EaseProbe (CVE-2023-33967), two open-source platforms written in Go.
In a website notice, HCA confirmed that the data includes “information used for email messages, such as reminders that patients may wish to schedule an appointment and education on healthcare programs and services.”
The attackers imitated the W4SP attack group by using custom entry points and leveraging free file hosting services to remain undetected during the installation or execution process.
The Australian infrastructure services provider Ventia is dealing with a cyberattack that began this weekend. On Saturday, the company said it identified a cyber intrusion and took some “key systems” offline to contain the incident.
Cloud environments continue to be at the receiving end of an ongoing advanced attack campaign dubbed SCARLETEEL, with the threat actors now setting their sights on Amazon Web Services (AWS) Fargate.
The tools cost between $700-$1000 and are currently designed for Android-based devices. The authors behind both tools recommend using OnePlus devices to deploy mobile anti-detect or may ship ready-to-use devices with pre-configured packages.
Staff at one of the UK’s largest hospital groups have spent a nervous week wondering if private data, stolen from their employer’s IT systems by a ransomware gang, is going to be splurged online after a deadline to prevent publication passed.