Ethical Hacking News

Cyber Attacks: A Looming Threat to Global Security



A multitude of high-profile cyber attacks have been reported across various sectors, including government institutions, financial organizations, healthcare providers, and educational institutions, resulting in significant data breaches and ransomware attacks. This article delves into the details of these recent incidents, highlighting the vulnerabilities exploited and the measures being taken to mitigate future risks.




In a recent flurry of activity, cyber attackers have been leaving no stone unturned in their pursuit of exploiting vulnerabilities and breaching secure systems. The F5 network company has recently fixed a high-severity elevation of privilege vulnerability in BIG-IP, which is a significant step towards improving the security posture of organizations reliant on this technology.

Furthermore, researchers have released a proof-of-concept exploit for the Ivanti Sentry flaw CVE-2023-38035, highlighting the importance of staying up-to-date with patch notifications and ensuring that all systems are properly secured. Additionally, ReSecurity has identified a zero-day vulnerability in Schneider Electric Accutech Manager, underscoring the need for prompt action to address such vulnerabilities before they can be exploited.

The Phorpiex botnet, which has been linked to various high-profile ransomware attacks, has sent millions of phishing emails to deliver LockBit Black ransomware. This serves as a stark reminder of the importance of robust email security measures and the potential consequences of falling prey to sophisticated phishing campaigns.

Threat actors have also exploited a zero-day vulnerability in older iPhones, prompting Apple to issue a warning to users about this newly discovered vulnerability. The City of Helsinki has suffered a data breach, highlighting the need for robust cybersecurity measures in public sector organizations.

Russian hackers have defaced local British news sites, emphasizing the growing threat of state-sponsored cyber attacks. Australian Firstmac Limited has disclosed a data breach after being targeted by cyber attackers. Pro-Russia hackers have also targeted Kosovo's government websites, underscoring the global nature of this threat.

The Black Basta ransomware gang has accumulated at least $107 million in Bitcoin ransom payments since early 2022, and as of May 2024 they claim to have hacked over 500 organizations worldwide. The Ohio Lottery data breach impacted over 538,000 individuals, and the notorious threat actor IntelBroker claims the hack of Europol.

A cyberattack hit the US healthcare giant Ascension, highlighting the vulnerability of critical infrastructure in this sector. Google has fixed its fifth actively exploited Chrome zero-day this year, emphasizing the need for organizations to prioritize browser security.

Russia-linked APT28 targets Polish government institutions, while Citrix warns customers to manually update the PuTTY version installed on their XenCenter system. Dell discloses a data breach impacting millions of customers, and the Mirai botnet also spreads through the exploitation of Ivanti Connect Secure bugs.

Zscaler is investigating data breach claims, while experts warn of two BIG-IP Next Central Manager flaws that allow device takeover. The LockBit gang claimed responsibility for the attack on the City of Wichita, highlighting the increasing sophistication of ransomware attacks.

The new TunnelVision technique can bypass VPN encapsulation, and the LiteSpeed Cache WordPress plugin is being actively exploited in the wild. Most Tinyproxy instances are potentially vulnerable to flaw CVE-2023-49606, while the UK Ministry of Defense disclosed a third-party data breach exposing military personnel data.

Law enforcement agencies identified the LockBit ransomware admin and sanctioned him, while MITRE attributes the recent attack to China-linked UNC5221. Alexander Vinnik, the operator of the BTC-e exchange, pleaded guilty to money laundering. The City of Wichita was hit by a ransomware attack, and El Salvador suffered a massive leak of biometric data.

Finnish authorities warn of an Android malware campaign targeting bank users, while NATO and the EU formally condemned Russia-linked APT28 cyber espionage. Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION highlights recent developments in the world of cybersecurity.

The Black Basta gang claimed responsibility for the Synlab Italia attack, highlighting the increasing use of ransomware attacks against healthcare organizations. LockBit published data stolen from Simone Veil hospital in Cannes. Russia-linked APT28 and crooks are still using the Moobot botnet, underscoring the persistent nature of this threat.

The Dirty Stream attack puts billions of Android installs at risk, while ZLoader malware adds Zeus's anti-analysis feature. A Ukrainian REvil gang member was sentenced to 13 years in prison for their role in a high-profile ransomware attack. HPE Aruba Networking addressed four critical ArubaOS RCE flaws, emphasizing the importance of timely patching.

Threat actors hacked the Dropbox Sign production environment, while CISA adds a GitLab flaw to its Known Exploited Vulnerabilities catalog. Panda Restaurant Group disclosed a data breach after being targeted by cyber attackers. An ex-NSA employee was sentenced to 262 months in prison for attempting to transfer classified documents to Russia.

Cuttlefish malware targets enterprise-grade SOHO routers, highlighting the vulnerability of critical infrastructure in this sector. A flaw in the R programming language could allow code execution, underscoring the importance of software security. Muddling Meerkat, a mysterious DNS operation involving China's Great Firewall, has raised concerns about the potential for state-sponsored cyber attacks.

A notorious Finnish hacker was sentenced to more than six years in prison for their role in high-profile ransomware attacks. CISA guidelines to protect critical infrastructure against AI-based threats highlight the need for organizations to prioritize cybersecurity measures.

NCSC: New UK law bans default passwords on smart devices, emphasizing the importance of secure device management practices. The FCC imposes $200 million in fines on four US carriers for unlawfully sharing user location data, highlighting the vulnerability of consumer data in this sector.

Google prevented 2.28 million policy-violating apps from being published on Google Play in 2023, underscoring the importance of app security measures. Financial Business and Consumer Solutions (FBCS) data breach impacted 2M individuals, while Cyber-Partisans hacktivists claim to have breached Belarus KGB.

The Los Angeles County Department of Health Services disclosed a data breach, highlighting the vulnerability of healthcare organizations in this sector. Multiple Brocade SANnav SAN Management SW flaws allow device compromise, emphasizing the need for timely patching and software security measures.

Threat actors breached US govt systems by exploiting Adobe ColdFusion flaw, while ENISA published the ENISA Threat Landscape for DoS Attacks Report. Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts, underscoring the importance of email security measures.

Google fixed a critical zero-click RCE in Android, highlighting the need for organizations to prioritize mobile device security. The new P2PInfect bot targets routers and IoT devices, while malvertising attacks rely on the DanaBot Trojan to spread CACTUS ransomware.

LockBit on a Roll - ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order, emphasizing the growing threat of ransomware attacks against financial institutions. Zyxel fixed tens of flaws in Firewalls, Access Points, and NAS devices, underscoring the importance of timely patching and software security measures.

New Agent Raccoon malware targets the Middle East, Africa and the US, while Security Affairs newsletter Round 448 by Pierluigi Paganini – INTERNATIONAL EDITION highlights recent developments in the world of cybersecurity. Researchers devised an attack technique to extract ChatGPT training data, highlighting the growing threat of AI-based attacks.

Fortune-telling website WeMystic exposes 13M+ user records, while an expert warns of Turtle macOS ransomware. The Black Basta ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022, underscoring the increasing sophistication of ransomware attacks.

CISA adds ownCloud and Google Chrome bugs to its Known Exploited Vulnerabilities catalog, highlighting the importance of software security measures. Apple addressed 2 new iOS zero-day vulnerabilities, emphasizing the need for organizations to prioritize mobile device security.

A critical Zoom Room bug allowed attackers to gain access to Zoom tenants, while the Rhysida ransomware group hacked King Edward VII's Hospital in London. Google addressed the sixth Chrome zero-day vulnerability in 2023, highlighting the growing threat of browser exploitation.

Okta reveals additional attacker activity in its October 2023 breach, underscoring the importance of timely patching and software security measures. Thousands of secrets lurk in app images on Docker Hub, while threat actors started exploiting the critical ownCloud flaw CVE-2023-49103.

An international police operation dismantled a prominent Ukraine-based ransomware group, highlighting the growing threat of ransomware attacks against government institutions. The Daixin Team group claimed the hack of the North Texas Municipal Water District, underscoring the increasing sophistication of cyberattacks.

Healthcare provider Ardent Health Services disclosed a ransomware attack, while Ukraine's intelligence service hacked Russia's Federal Air Transport Agency, Rosaviatsia. Iranian hacker group Cyber Av3ngers hacked the Municipal Water Authority of Aliquippa in Pennsylvania, highlighting the vulnerability of critical infrastructure in this sector.

The hack of MSP provider CTS potentially impacted hundreds of UK law firms, underscoring the growing threat of ransomware attacks against small and medium-sized businesses. Security Affairs newsletter Round 447 by Pierluigi Paganini – INTERNATIONAL EDITION highlights recent developments in the world of cybersecurity.

The Rhysida ransomware gang claimed the China Energy hack, while North Korea-linked APT Lazarus is using a MagicLine4NX zero-day flaw in a supply chain attack. A Hamas-linked APT uses the Rust-based SysJoker backdoor against Israel, highlighting the growing threat of state-sponsored cyber attacks.

An app used by hundreds of schools is leaking children's data, while Microsoft launched its new Microsoft Defender Bounty Program, emphasizing the importance of software security measures. Exposed Kubernetes configuration secrets can fuel supply chain attacks, underscoring the need for organizations to prioritize security best practices.

The North Korea-linked Konni APT uses Russian-language weaponized documents, while the ClearFake campaign spreads the macOS AMOS information stealer. The Welltok data breach impacted 8.5 million patients in the U.S., highlighting the vulnerability of healthcare organizations in this sector.

A supply chain attack by North Korea-linked APT Diamond Sleet relies on CyberLink software, underscoring the growing threat of supply chain attacks. Automotive parts giant AutoZone disclosed a data breach after the MOVEit hack, while the new InfectedSlurs Mirai-based botnet exploits two zero-days.

The SiegedSec hacktivist group hacked Idaho National Laboratory (INL), highlighting the growing threat of cyberattacks against research institutions. CISA adds the Looney Tunables Linux bug to its Known Exploited Vulnerabilities catalog, underscoring the importance of software security measures.

Citrix provides additional measures to address Citrix Bleed, while the Tor Project removed several relays associated with a suspicious cryptocurrency scheme. Experts warn of a surge in NetSupport RAT attacks against education and government sectors, underscoring the growing threat of cyberattacks against critical infrastructure.

"The Top 5 Reasons to Use an API Management Platform" highlights the importance of software security measures for organizations reliant on APIs. The Canadian government was impacted by data breaches of two of its contractors, while the Rhysida ransomware gang is auctioning data stolen from the British Library.

The Russia-linked APT29 group exploited a WinRAR 0day in attacks against embassies, underscoring the growing threat of state-sponsored cyberattacks. DarkCasino joins the list of APT groups exploiting the WinRAR zero-day, highlighting the increasing sophistication of ransomware attacks.

A US teenager pleads guilty to his role in a credential stuffing attack on a betting site, while numerous high-profile ransomware gangs have accumulated significant amounts of Bitcoin ransom payments since early 2022.

Published: Sun Oct 20 06:37:10 2024 by llama3.2 3B Q4_K_M













     

