Third Party Risk Assessment Page 1

About 3.8 million people were notified of a data breach that had recently affected a healthcare platform ‘Cerebral’ after the company detected that patients’ information had been exposed to third parties without appropriate consent. According to Cerebral’s published notice on its website, the logging features of invisible pixel trackers they use on several third parties...Continue Reading

A malicious PyPI package has been currently spreading a fully featured information stealer and remote access trojan called Colour-Blind RAT. The PyPI repositories have become a frequent and easy target entity of numerous attackers since anyone could publish packages without going through reviews, code testing, or user validation. Based on reports, the RAT resides in...Continue Reading

One of the most prominent healthcare provider firms, Community Health Systems (CHS), confirmed that they are subject to a recent attack that exploited Fortra’s GoAnywhere secure file transfer platform. CHS admitted earlier this week that Fortra issued an update that it had suffered a security incident that led to some of its data compromises. A...Continue Reading

Researchers identified 16 new NPM packages that pose as internet speed testers to spread coinminers that could hijack infected devices and mine crypto funds for their operators. The threat actors uploaded these malicious packages onto NPMan online repository with more than two million open-source JavaScript packages. This platform reaches numerous software developers who help hasten...Continue Reading

The QakBot botnet operators have executed a new malware campaign that utilises a new malicious payload called QakNote. This botnet has transformed from a banking trojan into a multi-purpose botnet that could perform a lateral movement, reconnaissance procedures, data exfiltration, stealing, and payload delivery. The new campaign started in the last weeks of January when...Continue Reading

The surge of ransomware attacks against internet-exposed flawed ESXi servers has forced VMware to warn their customers to update their latest security updates and disable the OpenSLP service. Based on reports, threat actors cannot exploit a zero-day flaw in this service since it is disabled by default in the ESXI software release. In addition, hackers...Continue Reading

Security researchers discovered ongoing exploitation of a zero-day flaw that affected the managed file-transfer solution, GoAnywhere MFT, owned by Fortra. This issue is critical as numerous companies, local government entities, and educational institutions use the data transfer platform in daily operations. Threat actors commonly target data transfer tools such as GoAnywhere MFT, Accellion, and FileZen,...Continue Reading

A newly discovered OAuth app campaign that exploits Microsoft’s verified publisher status is used by hackers to execute their app distribution campaign. These compromised applications obtained extensive authorised permissions that could enable their operators to gain essential abilities within a targeted system. Researchers confirmed that these attacks could allow hackers to read emails, change mailbox...Continue Reading

Malicious threat actors have now used another Microsoft feature, OneNote, to spread malware as part of their new delivery methods. Researchers initially discovered this campaign last year, where attackers use OneNote documents as attachments to disseminate the Formbook malware. Earlier this year, another set of actors used OneNote attachments in a malspam email campaign that...Continue Reading

KeePass, a password manager platform, said in a recent statement that they are disputing a vulnerability found by security experts, which involved hackers being able to export critical databases in plain text without being detected. The vulnerability tracked as CVE-2023-24055 allows threat actors with permitted write access to alter a targeted system’s KeePass XML configuration...Continue Reading