Threat Intelligence

Threat Intelligence news from the cyber security industry and abroad. Gain insight into cybercrime and advanced persistent threats. Read the latest threat intelligence on malware and other vulnerabilities or malicious programs.

dark reading threat intel and cybersecurity news

North Korean State Actors Deploy Surgical Ransomware in Ongoing Cyberattacks on US Healthcare Orgs

The FBI, US Cybersecurity and Infrastructure Security Agency (CISA), and the Treasury Department on Wednesday warned about North Korean state-sponsored threat actors targeting organizations in the US healthcare and...

Supply Chain Attack Deploys Hundreds of Malicious NPM Modules to Steal Data

A routine scan of the NPM open source code repository in April turned up several packages using a JavaScript obfuscator to hide their true function. After further investigation, analysts with ReversingLabs reported...

Google Chrome WebRTC Zero-Day Faces Active Exploitation

A zero-day security vulnerability in Google Chrome for Android is being actively exploited in the wild, the Internet giant says. The issue is a high-severity heap-buffer overflow bug (tracked as...

ICYMI: A Microsoft Warning, Follina, Atlassian, and More

There's no such thing as a slow week for cybercrime, which means that covering the waterfront on all of the threat intelligence and interesting stories out there is a...

DragonForce Malaysia Releases LPE Exploit, Threatens Ransomware

The hacktivist group DragonForce Malaysia has released an exploit that allows Windows Server local privilege escalation (LPE) to grant access to local distribution router (LDR) capabilities. It also announced that it's adding...

OpenSea NFT Marketplace Faces Insider Hack

OpenSea, the largest nonfungible token (NFT) marketplace, this week announced that an employee of one of its email vendors, Customer.io, accessed and downloaded the company's email list. It added that anyone who has...

Google: Hack-for-Hire Groups Present a Potent Threat

The threat associated with nation-state-backed hacking groups has been well-researched and chronicled in recent times, but there's another, equally dangerous set of adversaries that's operated comparatively in the shadows...

Critical ManageEngine ADAudit Plus Vulnerability Allows Network Takeover, Mass Data Exfiltration

A critical vulnerability in Zoho’s widely used compliance tool, ManageEngine ADAudit Plus, which monitors changes to Microsoft Active Directory, leaves endpoints vulnerable to unauthenticated users. A successful exploit could...

Exchange Servers Backdoored Globally by SessionManager

Attackers once focused on exploiting ProxyLogon Microsoft Exchange server vulnerabilities have made a pivot to the new SessionManager backdoor, which can be used to gain persistent, undetected access to emails...

API Security Losses Total Billions, But It’s Complicated

US companies face a combined $12 billion to $23 billion in losses in 2022 from compromises linked to Web application programming interfaces (APIs), which have proliferated with the increased...