Author: nlqip
Oct 03, 2024Ravie LakshmananCyber Espionage / Threat Intelligence Threat actors with ties to North Korea have been observed delivering a previously undocumented backdoor and remote access trojan (RAT) called VeilShell as part of a campaign targeting Cambodia and likely other Southeast Asian countries. The activity, dubbed SHROUDED#SLEEP by Securonix, is believed to be the handiwork…
Read More
Organizations that get relieved of credentials to their cloud environments can quickly find themselves part of a disturbing new trend: Cybercriminals using stolen cloud credentials to operate and resell sexualized AI-powered chat services. Researchers say these illicit chat bots, which use custom jailbreaks to bypass content filtering, often veer into darker role-playing scenarios, including child…
Read More
Prolific Cisco inventor JP Vasseur is joining Nvidia shortly after the AI computing giant’s CFO, Colette Kress, said that the company’s Spectrum-X line of Ethernet networking products for data centers is ‘well on track to begin a multibillion-dollar product line within a year.’ Nvidia has hired a 25-year Cisco Systems engineering veteran, once credited as…
Read More
Oct 03, 2024Ravie LakshmananCybercrime / Financial Fraud INTERPOL has announced the arrest of eight individuals in Côte d’Ivoire and Nigeria as part of a crackdown on phishing scams and romance cyber fraud. Dubbed Operation Contender 2.0, the initiative is designed to tackle cyber-enabled crimes in West Africa, the agency said. One such threat involved a…
Read More
Oct 03, 2024Ravie LakshmananCybercrime / Ransomware A new wave of international law enforcement actions has led to four arrests and the takedown of nine servers linked to the LockBit (aka Bitwise Spider) ransomware operation, marking the latest salvo against what was once a prolific financially motivated group. This includes the arrest of a suspected LockBit…
Read More
Oct 03, 2024Ravie LakshmananVulnerability / Endpoint Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2024-29824, carries a CVSS score of 9.6…
Read More
Welcome to this week’s edition of the “Bi-Weekly Cyber Roundup” by Canary Trap. At Canary Trap, it is our mission to keep you up-to-date with the most crucial news in the world of cybersecurity and this bi-weekly publication is your gateway to the latest news. In this week’s round-up, we cover several critical cybersecurity developments…
Read More
Image: Midjourney The notorious APT hacking group known as FIN7 has launched a network of fake AI-powered deepnude generator sites to infect visitors with information-stealing malware. FIN7 is believed to be a Russian hacking group that has been conducting financial fraud and cybercrime since 2013, with ties to ransomware gangs, such as DarkSide, BlackMatter, and BlackCat, who recently conducted…
Read More
CISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager (EPM) appliances is now actively exploited in attacks. Ivanti EPM is an all-in-one endpoint management solution that helps admins manage client devices on various platforms, including Windows, macOS, Chrome OS, and IoT operating systems. Tracked…
Read More
CISA urges organizations to address the remote code execution vulnerability affecting Ivanti EPM. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) Wednesday urged organizations to prioritize patching for a previously disclosed, critical-severity vulnerability affecting Ivanti Endpoint Manager, which has now seen exploitation in attacks. The remote code execution (RCE) flaw in the product, also known…
Read More