Multiple malware families delivered exploiting GeoServer GeoTools flaw CVE-2024-36401
https://securityaffairs.com/168197/malware/geoserver-geotools-flaw-cve-2024-36401-malware.html
https://securityaffairs.com/168197/malware/geoserver-geotools-flaw-cve-2024-36401-malware.html
Security Affairs
Multiple malware families delivered exploiting GeoServer GeoTools flaw CVE-2024-36401
Multiple threat actors actively exploited the recently disclosed OSGeo GeoServer GeoTools flaw CVE-2024-36401 in malware-based campaigns.
ECS Logs Collector – Essential Tool For Amazon ECS Troubleshooting
https://kalilinuxtutorials.com/ecs-logs-collector/
https://kalilinuxtutorials.com/ecs-logs-collector/
Kali Linux Tutorials
ECS Logs Collector - Essential Tool For Amazon ECS
This project was created to collect Amazon ECS log files and Operating System log files for troubleshooting Amazon ECS customer support cases.
Loki: a new private agent for the popular Mythic framework
https://securelist.com/loki-agent-for-mythic/113596/
https://securelist.com/loki-agent-for-mythic/113596/
TIDRONE APT targets drone manufacturers in Taiwan
https://securityaffairs.com/168210/apt/tidrone-targets-organizations-taiwan.html
https://securityaffairs.com/168210/apt/tidrone-targets-organizations-taiwan.html
Security Affairs
TIDRONE APT targets drone manufacturers in Taiwan
A previously undocumented threat actor tracked TIDRONE targets organizations in military and satellite industries in Taiwan.
Leveraging eBPF For Advanced Kubernetes Monitoring
https://kalilinuxtutorials.com/leveraging-ebpf-for-advanced-kubernetes-monitoring/
https://kalilinuxtutorials.com/leveraging-ebpf-for-advanced-kubernetes-monitoring/
Kali Linux Tutorials
Leveraging eBPF For Advanced Kubernetes Monitoring
eBPF, or Extended Berkeley Packet Filter, is a technology that lets programs run in the Linux kernel. It was first made for filtering network
9th September – Threat Intelligence Report
https://research.checkpoint.com/2024/9th-september-threat-intelligence-report/
https://research.checkpoint.com/2024/9th-september-threat-intelligence-report/
Check Point Research
9th September – Threat Intelligence Report - Check Point Research
For the latest discoveries in cyber research for the week of 9th September, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The German air traffic control agency, Deutsche Flugsicherung, has confirmed a cyberattack that impacted…
How to defend against brute force and password spray attacks
https://www.bleepingcomputer.com/news/security/how-to-defend-against-brute-force-and-password-spray-attacks/
https://www.bleepingcomputer.com/news/security/how-to-defend-against-brute-force-and-password-spray-attacks/
BleepingComputer
How to defend against brute force and password spray attacks
While not very sophisticated, brute force password attacks pose a significant threat to an organization's security. Learn more from Specops Software about these types of attacks and how to defend against them.
Akira Ransomware Actively Exploiting SonicWall firewall RCE Vulnerability
https://gbhackers.com/akira-sonicwall-exploits/
https://gbhackers.com/akira-sonicwall-exploits/
GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Akira Ransomware Actively Exploiting SonicWall firewall RCE Vulnerability
SonicWall disclosed a critical remote code execution vulnerability (CVE-2024-40766) in SonicOS on August 22nd, 2024. While no active
Predator spyware operation is back with a new infrastructure
https://securityaffairs.com/168222/intelligence/predator-spyware-new-infrastructure.html
https://securityaffairs.com/168222/intelligence/predator-spyware-new-infrastructure.html
Security Affairs
Predator spyware operation is back with a new infrastructure
A new cluster of activity linked to Predator spyware using a new infrastructure was spotted following sanctions against Intellexa Consortium
Payment gateway data breach affects 1.7 million credit card owners
https://www.bleepingcomputer.com/news/security/payment-gateway-data-breach-affects-17-million-credit-card-owners/
https://www.bleepingcomputer.com/news/security/payment-gateway-data-breach-affects-17-million-credit-card-owners/
BleepingComputer
Payment gateway data breach affects 1.7 million credit card owners
Payment gateway provider Slim CD has disclosed a data breach that compromised credit card and personal data belonging to almost 1.7 million individuals.
Russian, Kazakhstani men living in Miami indicted over cybercrime training service
https://cyberscoop.com/russian-kazakhstani-men-living-in-miami-indicted-over-cybercrime-training-service/
https://cyberscoop.com/russian-kazakhstani-men-living-in-miami-indicted-over-cybercrime-training-service/
CyberScoop
Russian, Kazakhstani men living in Miami indicted over cybercrime training service
The pair stand accused of administering WWH Club, a major Russian-language cybercrime marketplace.
Meta fixes easily bypassed WhatsApp ‘View Once’ privacy feature
https://www.bleepingcomputer.com/news/security/meta-fixes-easily-bypassed-whatsapp-view-once-privacy-feature/
https://www.bleepingcomputer.com/news/security/meta-fixes-easily-bypassed-whatsapp-view-once-privacy-feature/
BleepingComputer
Meta fixes easily bypassed WhatsApp ‘View Once’ privacy feature
A privacy flaw in WhatsApp, an instant messenger with over 2 billion users worldwide, is being exploited by attackers to bypass the app's "View once" feature and view messages again.
WhatsApp Flaw Allows Bypassing the ‘View Once’ Media Privacy Feature
https://restoreprivacy.com/whatsapp-flaw-allows-bypassing-the-view-once-media-privacy-feature/
https://restoreprivacy.com/whatsapp-flaw-allows-bypassing-the-view-once-media-privacy-feature/
CyberInsider
WhatsApp Flaw Allows Bypassing the 'View Once' Media Privacy Feature
Researchers have uncovered a privacy flaw in WhatsApp's “View Once” feature, designed to enhance user privacy by allowing media to be viewed once before disappearing. The flaw enables attackers to easily bypass this restriction, rendering the privacy protection…
Highline Public Schools closes schools following cyberattack
https://www.bleepingcomputer.com/news/security/highline-public-schools-closes-schools-following-cyberattack/
https://www.bleepingcomputer.com/news/security/highline-public-schools-closes-schools-following-cyberattack/
BleepingComputer
Highline Public Schools closes schools following cyberattack
Highline Public Schools, a K-12 district in Washington state, has shut down all schools and canceled school activities after its technology systems were compromised in a cyberattack.
Chinese hackers use new data theft malware in govt attacks
https://www.bleepingcomputer.com/news/security/chinese-hackers-use-new-data-theft-malware-in-govt-attacks/
https://www.bleepingcomputer.com/news/security/chinese-hackers-use-new-data-theft-malware-in-govt-attacks/
BleepingComputer
Chinese hackers use new data theft malware in govt attacks
New attacks attributed to China-based cyber espionage group Mustang Panda show that the threat actor switched to new strategies and malware called FDMTP and PTSOCKET to download payloads and steal information from breached networks.
Quad7 botnet targets more SOHO and VPN routers, media servers
https://www.bleepingcomputer.com/news/security/quad7-botnet-targets-more-soho-and-vpn-routers-media-servers/
https://www.bleepingcomputer.com/news/security/quad7-botnet-targets-more-soho-and-vpn-routers-media-servers/
BleepingComputer
Quad7 botnet targets more SOHO and VPN routers, media servers
The Quad7 botnet is expanding its targeting scope with the addition of new clusters and custom implants that now also target Zyxel VPN appliances and Ruckus wireless routers.
Critical SonicWall SSLVPN bug exploited in ransomware attacks
https://www.bleepingcomputer.com/news/security/critical-sonicwall-sslvpn-bug-exploited-in-ransomware-attacks/
https://www.bleepingcomputer.com/news/security/critical-sonicwall-sslvpn-bug-exploited-in-ransomware-attacks/
BleepingComputer
Critical SonicWall SSLVPN bug exploited in ransomware attacks
Ransomware affiliates exploit a critical security vulnerability in SonicWall SonicOS firewall devices to breach victims' networks.
TIDRONE: The Unseen Cyberespionage Threat Targeting Taiwan’s Military and Satellite Industries
https://securityonline.info/tidrone-the-unseen-cyberespionage-threat-targeting-taiwans-military-and-satellite-industries/
https://securityonline.info/tidrone-the-unseen-cyberespionage-threat-targeting-taiwans-military-and-satellite-industries/
Cybersecurity News
TIDRONE: The Unseen Cyberespionage Threat Targeting Taiwan's Military and Satellite Industries
Learn about TIDRONE, a cyber threat targeting the Taiwanese military and satellite industries. Discover their motives, techniques, and the potential dangers for national security.
Chinese APT Stately Taurus Exploits Visual Studio Code in Cyberespionage Attacks
https://securityonline.info/chinese-apt-stately-taurus-exploits-visual-studio-code-in-cyberespionage-attacks/
https://securityonline.info/chinese-apt-stately-taurus-exploits-visual-studio-code-in-cyberespionage-attacks/
Cybersecurity News
Chinese APT Stately Taurus Exploits Visual Studio Code in Cyberespionage Attacks
Discover the latest tactic employed by the Chinese APT group Stately Taurus. Learn how they abuse Visual Studio Code to gain unauthorized access to sensitive networks.
SpyAgent Malware Targets Crypto Wallets via Image Scanning
https://securityonline.info/spyagent-malware-targets-crypto-wallets-via-image-scanning/
https://securityonline.info/spyagent-malware-targets-crypto-wallets-via-image-scanning/
Cybersecurity News
SpyAgent Malware Targets Crypto Wallets via Image Scanning
Beware of SpyAgent, a sophisticated Android malware targeting cryptocurrency wallets. Learn how to protect yourself from this insidious threat.
New Loki Backdoor Emerges: A Private Agent for Mythic Framework Unveiled
https://securityonline.info/new-loki-backdoor-emerges-a-private-agent-for-mythic-framework-unveiled/
https://securityonline.info/new-loki-backdoor-emerges-a-private-agent-for-mythic-framework-unveiled/
Cybersecurity News
New Loki Backdoor Emerges: A Private Agent for Mythic Framework Unveiled
Learn about the new threat Loki, a sophisticated backdoor linked to the Mythic framework, posing challenges to cybersecurity defenders.