Vulnerabilities
-
Coordinated Cyber Attacks Target Tomcat Manager Interfaces
GreyNoise has warned of a surge in coordinated brute-force attacks targeting Apache Tomcat Manager interfaces, involving 295 unique malicious IP addresses. As attackers seek to exploit these vulnerabilities, experts recommend strengthening security measures to protect against unauthorized access.
-
Former Black Basta Affiliates Adapt Tactics Amid Ongoing Cyber Threats
Former members of the Black Basta ransomware operation have adapted their tactics, leveraging email phishing and Microsoft Teams phishing to gain access to networks. The report highlights the evolution of these cybercriminals even as the Black Basta brand faces challenges.
-
INTERPOL Disrupts Cybercrime Network by Dismantling 20,000 Malicious IPs
INTERPOL has successfully dismantled over 20,000 malicious IP addresses linked to information-stealing malware in a major operation involving law enforcement from 26 countries. This initiative underscores a collaborative global effort to combat the growing threat of cybercrime and protect sensitive data.
-
Microsoft Addresses Critical Zero-Day Vulnerability in June Security Update
Microsoft’s June security update addresses 66 vulnerabilities, including a critical zero-day exploit in WebDAV linked to the Stealth Falcon espionage group, posing risks to organizations worldwide.
-
Adobe Issues Major Security Patch Addressing 254 Vulnerabilities in Software Products
Adobe has released updates addressing 254 vulnerabilities, including major flaws in the Experience Manager (AEM) with implications for arbitrary code execution and privilege escalation, urging users to update to safeguard their systems.
-
Rare Werewolf APT Targets Russian Entities with Sophisticated Cyber Attacks
Rare Werewolf, an advanced persistent threat (APT) group, is reported to have launched a series of cyber attacks targeting Russian and CIS entities, using legitimate software to enhance the stealth of their operations.
-
China-linked Cyber Espionage Group Targets Over 70 Organizations Across Various Sectors
A China-linked cyber espionage group has targeted over 70 organizations across various sectors, including a South Asian government and a European media organization, underlining the broad implications of recent cyber infiltration tactics.
-
Google Addresses Vulnerability Exposing Users’ Phone Numbers
A vulnerability in Google’s account recovery process allowed researchers to brute-force phone numbers linked to accounts, posing a significant risk of phishing and SIM-swapping attacks, now patched by the tech firm.
-
OpenAI Bans Accounts Used by Cybercriminals for Malicious AI-Assisted Activities
OpenAI has banned a series of ChatGPT accounts linked to malicious activities by Russian and Chinese cybercriminals, revealing the extent to which threat actors are leveraging AI technology for malware development and social media automation.
-
New Supply Chain Malware Operation Targets GlueStack Packages
A new supply chain attack has targeted GlueStack packages, affecting nearly one million downloads and allowing hackers to execute commands and steal information from compromised systems.
