Cyber Security Week in Review: August 2, 2024
In brief: ‘Sitting Ducks’ domain hijacking attack puts at risk over a million domains, the UK shuts down Russian Coms fraud platform, and more.
Cybersecurity News - Page 127
China-linked Cuckoo Spear threat actor targets Japanese orgs
Cuckoo Spear remained undetected within victim networks for an extended period, often between two and three years.
New malicious campaign targets Android users to steal SMS messages
The malware was monitoring one-time password messages across over 600 global brands.
DigiCert revokes customer SSL/TLS certificates due to domain verification bug
The revocation affects only the certificates verified using the faulty CNAME procedure.
UK’s Electoral Commission reprimanded for August 2021 breach
The commission failed to patch its on-premise Microsoft Exchange Server against the ProxyShell flaws.
Threat actors target Polish businesses with Agent Tesla and Formbook malware
Nine significant ModiLoader phishing campaigns were detected in May 2024.
Cybercriminals exploit recently patched VMware ESXi flaw to deploy ransomware
CVE-2024-37085 allows attackers to obtain full administrative permissions on domain-joined ESXi hypervisors.
SideWinder cyber spies shift focus to ports and maritime facilities in the Mediterranean Sea
The group employs a variety of techniques to evade detection and deliver the implants.
Gemini crypto exchange discloses data breach involving banking info
A threat actor gained access to an internal collaboration tool on the bank partner’s system.
Hackers bypass Google Workspace authentication, exposing thousands of accounts
Hackers managed to bypass verification, enabling unauthorized access to third-party services through Google’s single sign-on system.
Showing elements 1261 - 1270