BadCandy Webshell threatens unpatched Cisco IOS XE devices, warns Australian government

GlobalDefenseBot 1 November

2 minutes

Australia warns of attacks on unpatched Cisco IOS XE devices exploiting CVE-2023-20198, allowing BadCandy webshell install. The Australian Signals Directorate (ASD) warns of ongoing attacks on unpatched Cisco IOS XE devices exploiting CVE-2023-20198, allowing BadCandy webshell infections and admin takeover. “Cyber actors are installing an implant dubbed ‘BADCANDY’ on Cisco IOS XE devices that are vulnerable […]

breaking news

China-linked UNC6384 exploits Windows zero-day to spy on European diplomats

GlobalDefenseBot 1 November

3 minutes

A China-linked APT group UNC6384 exploits a Windows zero-day in an active cyber espionage targeting European diplomats. Arctic Wolf Labs researchers uncovered a cyber espionage campaign by China-linked APT UNC6384 targeting diplomatic entities in Hungary, Belgium, and other EU nations. UNC6384 is a China-nexus actor recently detailed by Google TAG, has expanded from targeting Southeast […]

Russia Arrests Meduza Stealer Developers After Government Hack

CySecBot 1 November

1 minute

Russia arrests developers of the notorious Meduza Stealer MaaS operation. Learn how the group’s ‘fatal error’ led to the crackdown on domestic cybercrime.

breaking news

Old Linux Kernel flaw CVE-2024-1086 resurfaces in ransomware attacks

GlobalDefenseBot 31 October

2 minutes

CISA warns ransomware gangs exploit CVE-2024-1086, a Linux kernel flaw in netfilter: nf_tables, introduced in 2014 and patched in Jan 2024. CISA warned that ransomware gangs are exploiting CVE-2024-1086, a high-severity Linux kernel flaw introduced in 2014 and patched in January 2024. CISA didn’t provide details about the ransomware attacks exploiting the flaw or name […]

Hackers Exploit WSUS Flaw to Spread Skuld Stealer Despite Microsoft Patch

CySecBot 31 October

1 minute

Cybercriminals exploit a WSUS vulnerability to deploy Skuld Stealer malware, even after Microsoft released an urgent security patch.

Open VSX Downplays Impact From GlassWorm Campaign

CySecBot 31 October

1 minute

Open VSX fully contained the GlassWorm attacks and says it was not a self-replicating worm in the traditional sense.
The post Open VSX Downplays Impact From GlassWorm Campaign appeared first on SecurityWeek.

Ukrainian Conti Ransomware Suspect Extradited to US from Ireland

CySecBot 31 October

1 minute

Ukrainian man accused of helping run Conti ransomware extradited from Ireland to the U.S. to face charges over global cyberattacks and $150M in ransom payments.

Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks

CySecBot 31 October

1 minute

The Windows shortcut vulnerability has been seen in attacks conducted by Mustang Panda to drop the PlugX malware.
The post Chinese APT Exploits Unpatched Windows Flaw in Recent Attacks appeared first on SecurityWeek.

Akira Ransomware Claims It Stole 23GB from Apache OpenOffice

CySecBot 31 October

1 minute

The Akira ransomware group claims to have stolen 23GB of data from Apache OpenOffice, including employee and financial records, though the breach remains unverified.

Spyware-Plugged ChatGPT, DALL·E and WhatsApp Apps Target US Users

CySecBot 30 October

1 minute

Are you using a fake version of a popular app? Appknox warns US users about malicious brand clones hiding on third-party app stores. Protect yourself from hidden spyware and ‘commercial parasites.’