Month: September 2024
Six Chinese nationals and a Singaporean have been arrested on Monday in Singapore for their alleged role in malicious cyber activities committed in connection with a “global syndicate.” During raids on Monday, the police arrested six of the men and seized electronic devices with hacking tools installed and ready for carrying out cyberattacks, stolen personally identifiable information (PII),…
Read More
Sep 11, 2024Ravie LakshmananCyber Crime / Hacking The Singapore Police Force (SPF) has announced the arrest of five Chinese nationals and one Singaporean man for their alleged involvement in illicit cyber activities in the country. The development comes after a group of about 160 law enforcement officials conducted a series of raids on September 9,…
Read More
Imagine a world where you never have to remember another password. Seems like a dream come true for both end users and IT teams, right? But as the old saying goes, “If it sounds too good to be true, it probably is.” If your organization is like many, you may be contemplating a move to…
Read More
Sep 11, 2024Ravie LakshmananMalware / Software Development Cybersecurity researchers have uncovered a new set of malicious Python packages that target software developers under the guise of coding assessments. “The new samples were tracked to GitHub projects that have been linked to previous, targeted attacks in which developers are lured using fake job interviews,” ReversingLabs researcher…
Read More
ESET researchers have mapped the recent activities of the CosmicBeetle threat actor, documenting its new ScRansom ransomware and highlighting connections to other well-established ransomware gangs. CosmicBeetle actively deploys ScRansom to SMBs in various parts of the world. While not being top notch, the threat actor is able to compromise interesting targets. CosmicBeetle replaced its previously…
Read More
Sep 11, 2024Ravie LakshmananEnterprise Security / Vulnerability Ivanti has released software updates to address multiple security flaws impacting Endpoint Manager (EPM), including 10 critical vulnerabilities that could result in remote code execution. A brief description of the issues is as follows – CVE-2024-29847 (CVSS score: 10.0) – A deserialization of untrusted data vulnerability that allows…
Read More
Sep 11, 2024Ravie LakshmananWindows Security / Vulnerability Microsoft on Tuesday disclosed that three new security flaws impacting the Windows platform have come under active exploitation as part of its Patch Tuesday update for September 2024. The monthly security release addresses a total of 79 vulnerabilities, of which seven are rated Critical, 71 are rated Important,…
Read More
5 Upcoming Ransomware Variants and Groups to Watch In 2024 Ransomware has continued to evolve with the emergence of new and sophisticated threats. While established groups like LockBit and BlackCat still dominate a significant portion of reported attacks, new players and variants are increasingly making their presence felt. This article looks into five notable ransomware…
Read More
In an Oracle CloudWorld keynote, the Oracle founder and CTO also held up the company’s new alliance with Amazon Web Services as the start of the “open multi-cloud era.” Oracle’s next-generation network security technology, which leverages AI and biometric authentication to thwart cyber threats, is now available in the Oracle Cloud, Oracle founder, chairman and…
Read MoreMS-ISAC ADVISORY NUMBER: 2024-100 DATE(S) ISSUED: 09/10/2024 OVERVIEW: Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe is a software that is used for creating and publishing a wide variety of contents including graphics, photography, illustration, animation, multimedia, motion pictures and print. Successful exploitation…
Read More