Category: Kamban

For the week ending June 21, CRN takes a look at the companies that brought their ‘A’ game to the channel including Nvidia, Hewlett Packard Enterprise, Huntress, Digital Ocean and Riverbed.

The Week Ending June 21

Topping this week’s Came to Win is Nvidia which – for a short time, at least – became the…

The Tor Project has released Tor Browser 13.5, bringing several improvements and enhancements for Android and desktop versions. The Tor Browser is a specialized open-source web browser designed for anonymous browsing by routing the user’s traffic through thousands of volunteer-run servers called nodes/relays, which constitute the Tor network. Tor also provides access to “.onion” websites, which…

CDK Global has cautioned customers about unscrupulous actors calling them and posing as CDK agents or affiliates to gain unauthorized systems access. The warning follows ongoing cyberattacks that have hit CDK, forcing the company to shut down its customer support channels and take most of its systems offline. CDK Global is a software-as-a-service (SaaS) platform that thousands of US…

Today, the Biden administration has announced an upcoming ban of Kaspersky antivirus software and the pushing of software updates to US companies and consumers, giving customers until September 29, 2024, to find alternative security software. “Today, the Department of Commerce’s Bureau of Industry and Security (BIS) announced a Final Determination prohibiting Kaspersky Lab, Inc., the…

The RansomHub ransomware operation is using a Linux encryptor designed specifically to encrypt VMware ESXi environments in corporate attacks. RansomHub is a ransomware-as-a-service (RaaS) operation launched in February 2024, featuring code overlaps and member associations with ALPHV/BlackCat and Knight ransomware, having claimed over 45 victims across 18 countries. The existence of a Windows and Linux…

A vulnerability dubbed “CosmicSting” impacting Adobe Commerce and Magento websites remains largely unpatched nine days after the security update has been made available, leaving millions of sites open to catastrophic attacks. According to Sansec’s stats, roughly three out of four websites using the impacted e-commerce platforms have not patched against CosmicSting, which puts them at…

A newly discovered vulnerability in Phoenix SecureCore UEFI firmware tracked as CVE-2024-0762 impacts devices running numerous Intel CPUs, with Lenovo already releasing new firmware updates to resolve the flaw. The vulnerability, dubbed ‘UEFICANHAZBUFFEROVERFLOW,’ is a buffer overflow bug in the firmware’s Trusted Platform Module (TPM) configuration that could be exploited to perform code execution on…

A suspected Chinese threat actor tracked as UNC3886 uses publicly available open-source rootkits named ‘Reptile’ and ‘Medusa’ to remain hidden on VMware ESXi virtual machines, allowing them to conduct credential theft, command execution, and lateral movement. Mandiant has been tracking the threat actor for a long time, previously reporting attacks on government organizations leveraging a Fortinet…

Threat actors are actively exploiting a SolarWinds Serv-U path-traversal vulnerability, leveraging publicly available proof-of-concept (PoC) exploits. Although the attacks do not appear particularly sophisticated, the observed activity underscores the risk posed by unpatched endpoints, emphasizing the urgent need for administrators to apply the security updates.

The CVE-2024-28995 flaw

The vulnerability, CVE-2024-28995, is a high-severity directory…

Car dealership SaaS platform CDK Global suffered an additional breach Wednesday night as it was starting to restore systems shut down in a previous cyberattack. CDK Global is a software-as-a-service platform that provides a full suite of applications to handle a car dealership’s operation, including sales, back office, financing, inventory, and service and support. CDK became…
