Threat Hub
Cyber Latest
| Source | Title | Description | Link |
|---|---|---|---|
| RecordedFuture | House sets up debate on Section 702 bill, along with votes on proposed changes | The House Rules Committee has paved the way for floor debate on revised legislation to reauthorize a controversial surveillance program, breaking a months-long stalemate among Republican lawmakers just days before the law is due to expire. The panel voted 9-2 on Tuesday night in favor of a rule for debate on a measure to... | Link |
| RecordedFuture | LG releases updates for vulnerabilities that could allow hackers to gain access to TVs | Four new vulnerabilities affecting thousands of LG TVs have been found by researchers who said the issues could allow hackers to add themselves as users and take other actions. Researchers from cybersecurity firm Bitdefender said the bugs — three of which carry a 9.1 out 10 severity rating — center on LG WebOS, the... | Link |
| RecordedFuture | Congress prepares for FISA Round 3 | The U.S. House next week will try — for the third time — to renew powerful spying authorities that are slated to expire in a matter of days, though there’s nothing to indicate the latest push won’t end in failure like the first two attempts. The House Rules Committee announced on Friday that the... | Link |
| RecordedFuture | Ivanti pledges security overhaul after multiple government breaches | Ivanti announced wholesale changes to how it approaches cybersecurity after multiple governments sourced recent breaches back to vulnerabilities in the company’s products. Ivanti CEO Jeff Abbott published an open letter and 6-minute video to customers pledging overhaul how the technology-management company builds its products and how it communicates with customers about vulnerabilities. “Events in... | Link |
| RecordedFuture | Automakers and FCC square off over potential regulations for connected cars | Car manufacturers and the Federal Communications Commission (FCC) are gearing up for a potential fight over whether connected cars should be regulated as small pieces of telecom infrastructure — a decision that would have vast implications for how vehicles handle consumer data. In recent letters obtained by Recorded Future News, automotive companies pushed back... | Link |
| RecordedFuture | Romania-linked ‘Rubycarp’ hackers look for cryptomining, phishing DDoS opportunities | A suspected Romanian cybercrime group remains active after more than a decade of operation and currently specializes in cryptomining, phishing campaigns and DDoS attacks, according to cybersecurity researchers. The group, labeled Rubycarp, may be related to another alleged Romanian threat actor with similar activities called Outlaw, said analysts from the Sysdig Threat Research Team.... | Link |
| RecordedFuture | Prominent US senator sees new momentum for healthcare cybersecurity push | As U.S. hospitals struggle to pay their employees amid a cyberattack that knocked out a major payment vendor, a powerful Democratic senator is seizing the moment to push for better security in the sorely vulnerable healthcare sector. Sen. Mark Warner (D-VA) has introduced legislation that would require hospitals and their technology vendors to implement... | Link |
| RecordedFuture | LG releases updates for vulnerabilities that could allow hackers to gain access to TVs | Four new vulnerabilities affecting thousands of LG TVs have been found by researchers who said the issues could allow hackers to add themselves as users and take other actions. Researchers from cybersecurity firm Bitdefender said the bugs — three of which carry a 9.1 out 10 severity rating — center on LG WebOS, the... | Link |
| RecordedFuture | German database company Genios confirms ransomware attack | GBI Genios, a database company used by numerous media organizations in Germany, announced on Tuesday its servers were unavailable “due to a massive hacker attack.” In a post on LinkedIn, Genios said the incident was a ransomware attack and cautioned, “unfortunately we have to assume an outage for several days.” “Our communication options are... | Link |
| RecordedFuture | Researchers discover new ransomware gang ‘Muliaka’ attacking Russian businesses | A previously unknown ransomware gang has been attacking Russian businesses with malware based on the leaked source code from the Conti hacking group. The gang, which researchers at the Moscow-based cybersecurity company F.A.C.C.T. have dubbed “Muliaka," or Muddy Water in English, has left minimal traces from its attacks but has likely been active since... | Link |
| RecordedFuture | Chinese hackers are using AI to inflame social tensions in US, Microsoft says | Beijing-linked influence operations have begun to use generative artificial intelligence to amplify controversial domestic issues in places like the U.S. and Taiwan, according to new research. The campaigns mainly used the technology to create visual content designed to spark conflict ahead of elections, a report published by Microsoft on Thursday found. AI-generated audio clips... | Link |
| RecordedFuture | ‘An attack on the reputation of Palau’: officials question who was really behind ransomware incident | Government employees on the island of Palau came into work on March 14 and booted up their computers like any other day. But when the Windows screens wouldn’t load they called up IT. They quickly discovered two separate ransom notes: one on a sheet of paper in the printer from the LockBit ransomware gang... | Link |
| RecordedFuture | Ukraine gathers evidence to prosecute hackers behind Kyivstar attack in Hague | The Ukrainian state security service (SBU) has announced that it’s building a case to prosecute Russian hackers who attacked Ukraine’s biggest telecom operator, Kyivstar, at the International Criminal Court in The Hague. "War criminals should be tried at the international level," said Illia Vitiyuk, the head of the department’s cyber unit, in a recent... | Link |
| RecordedFuture | DHS blames ‘cascade of security failures at Microsoft’ for China hack on US government | Microsoft still does not have a full understanding of how alleged Chinese government hackers breached its systems and accessed the emails of senior U.S. government leaders, according to a review by the Department of Homeland Security. In a 34-page report conducted by the Cyber Safety Review Board (CSRB), U.S. officials concluded that Chinese hackers,... | Link |
| RecordedFuture | Wagner-linked influence operations remain active after leader’s death | Russian influence operations linked to the notorious leader of the Wagner Group mercenary troops, Yevgeniy Prigozhin, remain active months after his death, according to new research. Prigozhin’s media empire, best known for its disinformation campaigns during the 2016 U.S. presidential election, continues to target audiences in Europe, the U.S., Ukraine and inside Russia, according... | Link |
News Articles
| Source | Title | Link |
|---|---|---|
| ProofPoint | From Social Engineering to DMARC Abuse: TA427’s Art of Information Gathering | Link |
| ProofPoint | Security Brief: TA547 Targets German Organizations with Rhadamanthys Stealer | Link |
| ProofPoint | Latrodectus: This Spider Bytes Like Ice | Link |
| ProofPoint | Community Alert: Ongoing Malicious Campaign Impacting Microsoft Azure Cloud Environments | Link |
| ProofPoint | Community Alert: Ongoing Malicious Campaign Impacting Microsoft Azure Cloud Environments | Link |
| ProofPoint | Community Alert: Ongoing Malicious Campaign Impacting Microsoft Azure Cloud Environments | Link |
| ProofPoint | Community Alert: Ongoing Malicious Campaign Impacting Microsoft Azure Cloud Environments | Link |
| Security Week | Hackers Compromised Dropbox eSignature Service | Link |
| Security Week | Kaiser Permanente Data Breach Impacts 13.4 Million Patients | Link |
| Security Week | Collection Agency FBCS Says Data Breach Exposed Nearly 2 million People | Link |
| Security Week | UnitedHealth Says Patient Data Exposed in Change Healthcare Cyberattack | Link |
| Security Week | Ransomware Gang Leaks Data Allegedly Stolen From Government Contractor | Link |
| Security Week | 180k Impacted by Data Breach at Michigan Healthcare Organization | Link |
| Security Week | Ransomware Group Starts Leaking Data Allegedly Stolen From Change Healthcare | Link |
| Security Week | Omni Hotels Says Personal Information Stolen in Ransomware Attack | Link |
| Security Week | Cisco Duo Says Hack at Telephony Supplier Exposed MFA SMS Logs | Link |
| Security Week | US Government on High Alert as Russian Hackers Steal Critical Correspondence From Microsoft | Link |
| Security Week | Sisense Data Breach Triggers CISA Alert and Urgent Calls for Credential Resets | Link |
| Security Week | AT&T Data Breach Update: 51 Million Customers Impacted | Link |
| Security Week | Microsoft Overhauls Cybersecurity Strategy After Scathing CSRB Report | Link |
| Security Week | US Says North Korean Hackers Exploiting Weak DMARC Settings | Link |
| Security Week | CISO Conversations: LinkedIn’s Geoff Belknap and Meta’s Guy Rosen | Link |
| Security Week | UnitedHealth CEO Says Hackers Lurked in Network for Nine Days Before Ransomware Strike | Link |
| Security Week | Vulnerability in R Programming Language Could Fuel Supply Chain Attacks | Link |
| Security Week | CISA Rolls Out New Guidelines to Mitigate AI Risks to US Critical Infrastructure | Link |
| Security Week | Okta Warns of Credential Stuffing Attacks Using Tor, Residential Proxies | Link |
| Security Week | French Cyberwarriors Ready to Test Their Defense Against Hackers and Malware During the Olympics | Link |
| Security Week | German Foreign Minister Says Russia will Face Consequences for Monthslong Cyber Espionage | Link |
| Security Week | LayerX Raises $26 Million for Browser Security Platform | Link |
| Security Week | US Says North Korean Hackers Exploiting Weak DMARC Settings | Link |
| Security Week | In Other News: Locked Shields 2024, Data Exposure Bugs, NVIDIA Patches | Link |
| Security Week | Botnet Disrupted by FBI Still Used by Russian Spies, Cybercriminals | Link |
| Security Week | CISA, FBI Urge Organizations to Eliminate Path Traversal Vulnerabilities | Link |
| macOS Adload | Prolific Adware Pivots Just Days After Apple’s XProtect Clampdown | Link | |
| SentinelOne | Ransomware Evolution | How Cheated Affiliates Are Recycling Victim Data for Profit | Link |
| SentinelOne | XZ Utils Backdoor | Threat Actor Planned to Inject Further Vulnerabilities | Link |
| SentinelOne | February 2024 Cybercrime Update | Commercial Spyware, AI-Driven APTs & Flawed RMMs | Link |
| SentinelOne | Kryptina RaaS | From Underground Commodity to Open Source Threat | Link |
| SentinelOne | Backdoor Activator Malware Running Rife Through Torrents of macOS Apps | Link |
| SentinelOne | January 2024 Cybercrime Update | Exploitation of Known CVEs, Crypto Drainers & Ransomware Updates | Link |
| SentinelOne | Terminator EDR Killer (Spyboy) | Detecting and Preventing a Windows BYOVD Attack | Link |
| SentinelOne | The Rise of Drainer-as-a-Service | Understanding DaaS | Link |
| SentinelOne | The Many Faces of Undetected macOS InfoStealers | KeySteal, Atomic & CherryPie Continue to Adapt | Link |
| SentinelOne | macOS MetaStealer | New Family of Obfuscated Go Infostealers Spread in Targeted Attacks | Link |
| Tenable | CVE-2024-20353, CVE-2024-20359: Frequently Asked Questions About ArcaneDoor | Link |
| Tenable | CVE-2024-4040: CrushFTP Virtual File System (VFS) Sandbox Escape Vulnerability Exploited | Link |
| Tenable | Oracle April 2024 Critical Patch Update Addresses 239 CVEs | Link |
| Tenable | CVE-2024-3400: Zero-Day Vulnerability in Palo Alto Networks PAN-OS GlobalProtect Gateway Exploited in the Wild | Link |
| Tenable | Microsoft’s April 2024 Patch Tuesday Addresses 147 CVEs (CVE-2024-29988) | Link |
| Tenable | Frequently Asked Questions About CVE-2024-3094, A Backdoor in XZ Utils | Link |
| Tenable | CVE-2023-48788: Critical Fortinet FortiClientEMS SQL Injection Vulnerability | Link |
| Tenable | Microsoft’s March 2024 Patch Tuesday Addresses 59 CVEs (CVE-2024-21407) | Link |
| Tenable | CVE-2024-27198, CVE-2024-27199: Two Authentication Bypass Vulnerabilities in JetBrains TeamCity | Link |
| Tenable | Frequently Asked Questions about ScreenConnect Vulnerabilities | Link |
| Tenable | Pig Butchering Scam: From Tinder and TikTok to WhatsApp and Telegram, How Scammers Are Stealing Millions in a Long Con | Link |
| Tenable | Pig Butchering Scam: How Bitcoin, Ethereum, Litecoin and Spot Gold (XAUUSD) Investments Are Used in Romance Scams to Steal Hundreds of Millions | Link |
| ReSecurity | Misinformation and Hacktivist Campaigns Target the Philippines Amidst Rising Tensions with China | Link |
| ReSecurity | The New Version of JsOutProx is Attacking Financial Institutions in APAC and MENA via GitLab Abuse | Link |
| ReSecurity | Cybercriminals Transform Raspberry Pi into a Tool for Fraud and Anonymization: GEOBOX Discovery | Link |
| ReSecurity | Cybercriminals Accelerate Online Scams During Ramadan and Eid Fitr | Link |
| ReSecurity | The Aviation and Aerospace Sectors Face Skyrocketing Cyber Threats | Link |
| ReSecurity | Cybercriminals Evolve Tooling for Remote Access Compromise | Link |
| ReSecurity | Active Dark Web Intelligence To Aid Mergers and Acquisitions (M&A) | Link |
| ReSecurity | LockBit 3.0’s Bungled Comeback Highlights the Undying Risk of Torrent-Based Data Leakage | Link |
| ReSecurity | Millions of Undetectable Malicious URLs Generated Via the Abuse of Public Cloud and Web 3.0 Services | Link |
| ReSecurity | How BRICS Got "Rug Pulled" – Crypto Counterfeiting is on the Rise | Link |
| ReSecurity | Global Malicious Activity Targeting Elections is Skyrocketing | Link |
| ReSecurity | Following the AnyDesk Incident: Customer Credentials Leaked and Published for Sale on the Dark Web | Link |
| ReSecurity | Hundreds of network operators’ credentials found circulating in the Dark Web | Link |
| ReSecurity | Cybercriminals leaked massive volumes of stolen PII data from Thailand in Dark Web | Link |
| ReSecurity | Vast Voter Data Leaks Cast Shadow Over Indonesia’s 2024 Presidential Election | Link |
| ReSecurity | Cybercriminals Implemented Artificial Intelligence (AI) for Invoice Fraud | Link |
| ReSecurity | Cybercriminals launched “Leaksmas” event in the Dark Web exposing massive volumes of leaked PII and compromised data | Link |
| ReSecurity | New Version of Medusa Stealer Released in Dark Web | Link |
| ReSecurity | 2024 Cyber Threat Landscape Forecast | Link |
| ReSecurity | Cybercriminals Impersonate UAE Federal Authority for Identity and Citizenship on the Peak of Holidays Season | Link |
| ReSecurity | Exposing the Cyber-Extortion Trinity - BianLian, White Rabbit, and Mario Ransomware Gangs Spotted in a Joint Campaign | Link |
| ReSecurity | Hunting Genetics Data - Cyberespionage In The Context Of Geopolitical Conflicts | Link |
| ReSecurity | ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order - LockBit on a Roll | Link |
| ReSecurity | Ransomware Attacks against the Energy Sector on the rise - Nuclear and Oil & Gas are Major Targets in 2024 | Link |
| ReSecurity | PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web | Link |
| ReSecurity | #OpIsrael, #FreePalestine And #OpSaudiArabia - How Cyber-Threat Actors Coordinate PSYOPS Campaigns with Kinetic Military Actions | Link |
| ReSecurity | 'Ransomed.Vc' in the Spotlight - What We Know About The Ransomware Group Targeting Major Japanese Businesses | Link |
| ReSecurity | Smishing Triad Impersonates Emirates Post to Target UAE Citizens | Link |
| ReSecurity | "Smishing Triad" Targeted USPS and US Citizens for Data Theft | Link |
| ReSecurity | Cl0p Ups the Ante with Massive MOVEit Transfer Supply-Chain Exploit | Link |
| ReSecurity | How a Company Can Measure the Maturity of the Dark Web Intelligence Program | Link |
| ReSecurity | How Dark Web research can aid in combating cybercrime leveraging an Infinite Game | Link |
| ReSecurity | Cybercriminals Evolve Antidetect Tooling for Mobile OS-Based Fraud | Link |
| ReSecurity | CyFI: An Essential Paradigm for Financial Crimes Compliance and Risk Management in the 21st Century | Link |
| ReSecurity | STYX Marketplace emerged in Dark Web focused on Financial Fraud | Link |
| ReSecurity | Anti-Money Laundering - Countering Ransomware Financing | Link |
| ReSecurity | Three Key Provisions in the FCC’s New Rule Proposal for Data Breach Reporting | Link |
| ReSecurity | Resecurity Disrupts Investment Scam Network - Digital Smoke | Link |
| ReSecurity | Cyber Attacks on Data Center Organizations | Link |
| ReSecurity | Nevada Ransomware - Waiting For The Next Dark Web Jackpot | Link |
| ReSecurity | Cybersecurity Predictions - 2023 | Link |
| ReSecurity | Dark Web Markets Compete for the Drug Trafficking and Illegal Pharmacy Monopoly | Link |
| ReSecurity | "In The Box" - Mobile Malware Webinjects Marketplace | Link |
| ReSecurity | Resecurity Recognized by Frost & Sullivan as a Leader in the Cyber Threat Intelligence Market | Link |
| ReSecurity | Amidst Rising Tax Refund Fraud, Consumers Need Better Dark Web Intelligence | Link |
| ReSecurity | Crypto-Influencer DeepFakes Are the Cybercriminal Economy’s Latest Business Line | Link |
| ReSecurity | EvilProxy Phishing-as-a-Service with MFA Bypass Emerged in Dark Web | Link |
| ReSecurity | COVID-19 data put for sale in Dark Web | Link |
| ReSecurity | Escanor Malware delivered in Weaponized Microsoft Office Documents | Link |
| ReSecurity | Cybercriminals are targeting law enforcement agencies worldwide | Link |
| ReSecurity | LogoKit update – The phishing kit leveraging Open Redirect Vulnerabilities | Link |
| ReSecurity | Vulnerabilities in E-Commerce Solutions - Hunting on Big Apples | Link |
| ReSecurity | Shortcut-based (LNK) attacks delivering malicious code on the rise | Link |
| ReSecurity | BlackCat (aka ALPHV) Ransomware is Increasing Stakes up to $2,5M in Demands | Link |
| ReSecurity | Cybercriminals Use Azure Front Door in Phishing Attacks | Link |
| ReSecurity | Phishing Simulations for Cybersecurity Awareness Training | Link |
| ReSecurity | Applying Cyber Threat Intelligence and the SAMA Framework to Secure Saudi Arabian Financial Institutions | Link |
| ReSecurity | Welcome “Frappo” – The new Phishing-as-a-Service used by Cybercriminals to attack customers of major financial institutions and online-retailers | Link |
| ReSecurity | Phishing-Kit Campaigns Target The Financial Sector in the Kingdom of Saudi Arabia | Link |
| ReSecurity | Cybercriminals Deliver IRS Tax Scams & Phishing Campaigns by Mimicking Government Vendors | Link |
| ReSecurity | Blind SSRF to RCE Vulnerability Exploitation | Link |
| TechCrunch | UnitedHealth data breach should be a wake-up call for the UK and NHS | Link |
| TechCrunch | EU plan to force messaging apps to scan for CSAM risks millions of false positives, experts warn | Link |
| TechCrunch | Google expands passkey support to its Advanced Protection Program ahead of the US presidential election | Link |
| TechCrunch | Digital fraud detection startup BioCatch hits $1.3B valuation as Permira buys majority stake | Link |
| TechCrunch | UnitedHealthcare CEO says ‘maybe a third’ of US citizens were affected by recent hack | Link |
| TechCrunch | UnitedHealth CEO tells Senate all systems now have multi-factor authentication after hack | Link |
| TechCrunch | Belgium’s Aikido lands $17M Series A for its ‘no BS’ security platform aimed at developers | Link |
| TechCrunch | US fines telcos $200M for sharing customer location data without consent | Link |
| TechCrunch | SafeBase taps AI to automate software security reviews | Link |
| TechCrunch | Change Healthcare hackers broke in using stolen credentials — and no MFA, says UHG CEO | Link |
| TechCrunch | Despite complaints, Apple hasn’t yet removed an obviously fake app pretending to be RockAuto | Link |
| TechCrunch | Thoma Bravo to take UK cybersecurity company Darktrace private in $5B deal | Link |
| TechCrunch | Rubrik’s shares end trading up almost 16% on the company’s public debut | Link |
| TechCrunch | Health insurance giant Kaiser will notify millions of a data breach after sharing patients’ data with advertisers | Link |
| TechCrunch | Ex-NSA hacker and ex-Apple researcher launch startup to protect Apple devices | Link |
| TechCrunch | India’s ICICI Bank exposed thousands of credit cards to ‘wrong’ users | Link |
| TechCrunch | Security bugs in popular phone-tracking app iSharing exposed users’ precise locations | Link |
| TechCrunch | Tines taps $50M to expand its workflow automation beyond security teams | Link |
| TechCrunch | UnitedHealth says Change hackers stole health data on ‘substantial proportion of people in America’ | Link |
| TechCrunch | US government downgrades bug in Chirp Systems app that contained hardcoded password | Link |
| TechCrunch | UnitedHealth data breach should be a wake-up call for the UK and NHS | Link |
| TechCrunch | EU plan to force messaging apps to scan for CSAM risks millions of false positives, experts warn | Link |
| TechCrunch | Google expands passkey support to its Advanced Protection Program ahead of the US presidential election | Link |
| TechCrunch | Digital fraud detection startup BioCatch hits $1.3B valuation as Permira buys majority stake | Link |
| TechCrunch | UnitedHealthcare CEO says ‘maybe a third’ of US citizens were affected by recent hack | Link |
| TechCrunch | UnitedHealth CEO tells Senate all systems now have multi-factor authentication after hack | Link |
| TechCrunch | Belgium’s Aikido lands $17M Series A for its ‘no BS’ security platform aimed at developers | Link |
| TechCrunch | US fines telcos $200M for sharing customer location data without consent | Link |
| TechCrunch | SafeBase taps AI to automate software security reviews | Link |
| TechCrunch | Change Healthcare hackers broke in using stolen credentials — and no MFA, says UHG CEO | Link |
| TechCrunch | Despite complaints, Apple hasn’t yet removed an obviously fake app pretending to be RockAuto | Link |
| TechCrunch | Thoma Bravo to take UK cybersecurity company Darktrace private in $5B deal | Link |
| TechCrunch | Rubrik’s shares end trading up almost 16% on the company’s public debut | Link |
| TechCrunch | Health insurance giant Kaiser will notify millions of a data breach after sharing patients’ data with advertisers | Link |
| TechCrunch | Ex-NSA hacker and ex-Apple researcher launch startup to protect Apple devices | Link |
| TechCrunch | India’s ICICI Bank exposed thousands of credit cards to ‘wrong’ users | Link |
| TechCrunch | Security bugs in popular phone-tracking app iSharing exposed users’ precise locations | Link |
| TechCrunch | Tines taps $50M to expand its workflow automation beyond security teams | Link |
| TechCrunch | UnitedHealth says Change hackers stole health data on ‘substantial proportion of people in America’ | Link |
| TechCrunch | US government downgrades bug in Chirp Systems app that contained hardcoded password | Link |