Category: Kamban

Two Chinese nationals were sentenced to prison for scamming Apple out of more than $2.5 million after exchanging over 6,000 counterfeit iPhones for authentic ones. Between July 2017 and December 2019, Haotian Sun, Pengfei Xue, and their co-conspirators, Wen Jin Gao and Dian Luo, exploited Apple’s device replacement policy to replace non-functioning fake iPhones for…

During a distributed denial-of-service campaign targeting organizations in the financial services, internet, and telecommunications sectors, volumetric attacks peaked at 3.8 terabits per second, the largest publicly recorded to date. The assault consisted of a “month-long” barrage of more than 100 hyper-volumetric DDoS attacks flooding the network infrastructure with garbage data. In a volumetric DDoS attack,…

If your organization is like many, your employees may be relying on weak or easily guessable passwords — and inadvertently rolling out the red carpet for hackers and cybercriminals in the process. So how do you stop your staff from leaving the keys to your organization’s data and systems under the proverbial doormat? Integrating a…

A Linux malware named “perfctl” has been targeting Linux servers and workstations for at least three years, remaining largely undetected through high levels of evasion and the use of rootkits. According to Aqua Nautilus researchers who discovered perfctl, the malware likely targeted millions of Linux servers in recent years and possibly caused infections in several…

Welcome to this week’s edition of the “Bi-Weekly Cyber Roundup” by Canary Trap. At Canary Trap, it is our mission to keep you up-to-date with the most crucial news in the world of cybersecurity and this bi-weekly publication is your gateway to the latest news. In this week’s round-up, we cover several critical cybersecurity developments…

Image: Midjourney The notorious APT hacking group known as FIN7 has launched a network of fake AI-powered deepnude generator sites to infect visitors with information-stealing malware. FIN7 is believed to be a Russian hacking group that has been conducting financial fraud and cybercrime since 2013, with ties to ransomware gangs, such as DarkSide, BlackMatter, and BlackCat, who recently conducted…

CISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager (EPM) appliances is now actively exploited in attacks. Ivanti EPM is an all-in-one endpoint management solution that helps admins manage client devices on various platforms, including Windows, macOS, Chrome OS, and IoT operating systems. Tracked…

A new ‘FakeUpdate’ campaign targeting users in France leverages compromised websites to show fake browser and application updates that spread a new version of the WarmCookie backdoor. FakeUpdate is a cyberattack strategy used by a threat group known as ‘SocGolish’ who compromises or creates fake websites to show visitors fake update prompts for a variety of…

Microsoft has released Office 2024 for small businesses and consumers who want a standalone version without a Microsoft 365 subscription. Office 2024 includes updated, locked-in-time versions of Word, Excel, PowerPoint, OneNote, and Outlook for Windows and macOS systems.  It also requires a Microsoft account and an internet connection (likely needed during the installation and for…

U.S. cybersecurity agency CISA is warning about two critical vulnerabilities that allow authentication bypass and remote code execution in Optigo Networks ONS-S8 Aggregation Switch products used in critical infrastructure. The flaws concern weak authentication problems, allowing bypassing of password requirements, and user input validation issues potentially leading to remote code execution, arbitrary file uploads, and directory…