Month: May 2024
Law enforcement agencies in the United States and Europe today announced Operation Endgame, a coordinated action against some of the most popular cybercrime platforms for delivering ransomware and data-stealing malware. Dubbed “the largest ever operation against botnets,” the international effort is being billed as the opening salvo in an ongoing campaign targeting advanced malware “droppers”…
Read MoreCISA released seven Industrial Control Systems (ICS) advisories on May 30, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations. Source link lol
Read More
May 30, 2024NewsroomVulnerability / Cryptocurrency The threat actors behind the RedTail cryptocurrency mining malware have added a recently disclosed security flaw impacting Palo Alto Networks firewalls to its exploit arsenal. The addition of the PAN-OS vulnerability to its toolkit has been complemented by updates to the malware, which now incorporates new anti-analysis techniques, according to…
Read More
From the editors of CSO, this enterprise buyer’s guide helps security IT staff understand what data security posture management (DSPM) can do for their organizations and how to choose the right solution. Source link lol
Read More
Computer hardware manufacturer Cooler Master has confirmed that it suffered a data breach on May 19, allowing a threat actor to steal customer data. Cooler Master is a popular computer hardware manufacturer known for their cooling devices, computer cases, power supplies, and other peripherals. BleepingComputer reported yesterday that a threat actor known as ‘Ghostr’ told…
Read More
A vast network of millions of compromised computers, being used to facilitate a wide range of cybercrime, has been disrupted by a multinational law enforcement operation. The 911 S5 botnet, described as “likely the world’s largest botnet ever” by FBI Director Christopher Wray, has had its infrastructure and assets seized and its alleged mastermind arrested…
Read More
An international law enforcement operation codenamed ‘Operation Endgame’ has seized over 100 servers worldwide used by multiple major malware loader operations, including IcedID, Pikabot, Trickbot, Bumblebee, Smokeloader, and SystemBC. The action, which occurred between May 27 and 29, 2024, involved 16 location searches across Europe and led to the arrest of four individuals, one in…
Read More
Fresh off its $1.1 billion funding round this month, cloud AI startup CoreWeave is reportedly looking to hit the public market by the first half of 2025. Here’s what you need to know. CoreWeave, the cloud AI startup heavily backed by Nvidia and private equity firms, is reportedly seeking to become a public company in…
Read More
May 30, 2024NewsroomWordPress / Website Security Cybersecurity researchers have warned that multiple high-severity security vulnerabilities in WordPress plugins are being actively exploited by threat actors to create rogue administrator accounts for follow-on exploitation. “These vulnerabilities are found in various WordPress plugins and are prone to unauthenticated stored cross-site scripting (XSS) attacks due to inadequate input…
Read More
The BBC has disclosed a data security incident that occurred on May 21, involving unauthorized access to files hosted on a cloud-based service, compromising the personal information of BBC Pension Scheme members. As per the reports, the incident impacted roughly 25,000 people, including current and former employees of Britain’s national public service broadcaster. The compromised…
Read More