Sansec says it has observed more probes in November against the now-patched zero-day flaw (CVE-2022-24086) than the rest of the year combined. Seven threat groups affiliated with the Magecart cybercrime syndicate have…
Category: Breaches
7 vulnerabilities that federal agencies MUST address by Nov 29
Four of the vulnerabilities are Windows zero-day bugs that Microsoft disclosed in its November security update; three affect Samsung mobile devices. The US Cybersecurity and Infrastructure Security Agency’s (CISA) Binding Operational Directive…
Australian Federal Police say Russian threat actor behind Medibank breach
“We will be holding talks with Russian law enforcement about these individuals,” AFP Commissioner says [300 words]. What: The Australian Federal Police (AFP) has identified the threat actor behind the catastrophic attack…
Russia’s Iridium group deploying new ransomware payload
Prestige ransomware marks dangerous shift in strategy for threat actor Microsoft says [299 words]. What: Security researchers at Microsoft have spotted Russia-based threat group Iridium dropping a new ransomware payload dubbed “Prestige”…
Here’s what you need to know of the 4 zero-days in Microsoft’s Nov. update
Microsoft issued patches for of 62 vulnerabilities, nine of which are “Critical” severity and 53 “Important”. Four of the vulnerabilities in Microsoft November 2022 security update are zero-day flaws that are being…
Feds seize over 50K Bitcoin from underground vault and circuit board hidden in popcorn tin
Nov. 2021 seizure was valued at staggering $3.36 billion at the time [300 words]. What: James Zhong, of Gainesville, Georgia on Nov. 4th, 2022, pleaded guilty to illegally obtaining 50,000 Bitcoin from…
Black Basta ransomware operators are exploiting “PrintNightMare”, “ZeroLogon” and “NoPac” Flaws
New data that researchers at SentinelOne uncovered show that the notorious, financially-motivated FIN7 threat group may be behind—or has strong ties—to the Black Basta ransomware operation [300 words]. Why that matters: FIN7…
RomCom threat actor using spoofed SolarWinds, KeePass apps to distribute RAT
Targets have been Ukraine-based but IT companies, food brokers, and food manufacturers in the U.S., Brazil, and the Philippines are also in its crosshairs, BlackBerry says [300 words]. What: The operators of…
Attackers actively exploiting VMware flaw that CISA deemed as posing “unacceptable risk” in May
Multiple campaigns are using CVE-2022-22954 to drop ransomware, coin miners and Mirai [299 words]. What: Multiple malicious campaigns are actively targeting a previously disclosed and now patched remote code execution vulnerability in…
Microsoft leaked business transaction data on more than 65K prospective customers via misconfigured Azure storage bucket, threat intel vendor claims
Misconfigured and insecure cloud storage buckets—particularly AWS S3 buckets—pose a major data leak risk for organizations. In recent years hundreds of companies have had sensitive data exposed via this vector [292 words]….