Researchers discovered a new attack campaign attributed to the Chinese-sponsored advanced persistent threat group known as Winnti. Based on reports, the recently discovered campaign remained undetected for several years. The researchers called the campaign ‘Operation CuckooBees’, which leveraged previously undocumented malware and stole confidential trade data from several organisations worldwide. An incident response team...
Critical flaws have been found in Java’s Spring Framework and the WordPress CMS, allowing the Sysrv botnet to exploit them and deploy malware on compromised Windows and Linux servers. The botnet was found with a new upgraded variant, Sysrv-K, capable of scanning for unpatched Spring and WordPress deployments. According to researchers, the new variant of the Sysrv botnet...
Finland’s National Cyber Security Center has published a threat advisory regarding a surge in FluBot Android malware infections caused by a new phishing campaign that spreads through MMS and SMS messages. FluBot aims to steal the financial account credentials of its targets by overlaying phishing pages on top of the original banking and cryptocurrency apps. In...
According to researchers, F5 BIG-IP currently has a remote code execution (RCE) vulnerability that can enable threat actors to conduct numerous exploits. F5 BIG-IP device users are warned to apply the latest security patch to avoid becoming a target. F5 has disclosed a critical remote code execution flaw tracked by researchers as CVE-2022-1388...
A pre-authenticated remote code execution (RCE) flaw was discovered in dotCMS, an open-source content management system. The system is coded in Java and has about 10,000 users across over 70 countries globally. These include Fortune 500 brands and average-sized businesses. The vulnerability in dotCMS could allow RCE if...
A cyberattack has struck a major car rental company called Sixt. Based on reports, the company’s operators temporarily shut down its non-essential systems to keep them from being affected by the breach. The Germany-based car rental firm rents automobiles from more than 2,000 locations in roughly 100 countries worldwide. In...
A newly discovered malware loader, called Bumblebee, has been identified by cybersecurity researchers as being utilised by roughly three separate threat groups connected with ransomware operations. Experts assumed that Bumblebee was created by its operators as a substitute for the BazarLoader backdoor. They also claimed that there is a high possibility that the...
France’s data protection authority fined the medical software firm Dedalus Biology after it leaked numerous patient databases and sensitive details online, including full names, doctor information, medical information, social security numbers, examination data, genetic details, etc. The data protection agency fined the medical software firm for violating three bills, including Article 29 of the GDPR act,...
Government agencies are the recent target of an ongoing phishing campaign run by the Cozy Bear advanced persistent threat group, or APT29. The threat group, also known as Nobelium, has been active since 2014 and mainly operates cyber-espionage campaigns. The recently identified spear-phishing campaign involves hackers pretending to include important policy updates originating...
Cybersecurity researchers have published a new advisory regarding the notorious BlackByte ransomware group. The advisory includes information and assessment regarding the newly discovered BlackByte samples from the group’s recent attacks. Based on reports, the analysts responsible for examining the group’s behaviour discovered several variants of BlackByte ransomware circulating in the wild. The variants are coded...