News – June 2024


  • New Orcinius Trojan Uses VBA Stomping to Mask Infection

    June 27, 2024

    This week, the SonicWall Capture Labs threat research team investigated a sample of Orcinius malware. This is a multi-stage trojan that is using Dropbox and Google Docs to download second-stage payloads and stay updated. It contains an obfuscated VBA macro that hooks into Windows to monitor running windows and keystrokes and creates persistence using registry keys. Read ...

  • Critical Vulnerability in Fortra FileCatalyst Workflow

    June 27, 2024

    Fortra has released a security update addressing a critical vulnerability found in FileCatalyst Workflow. FileCatalyst is an accelerated file transfer software solution that allows the transfer of large files over remote networks. CVE-2024-5276 is an SQL Injection vulnerability with a CVSSv3 score of 9.8 (critical), which if exploited could allow an unauthenticated attacker to modify or ...

  • Michigan County Restores 80 Percent of Systems After Cyber Attack

    June 27, 2024

    The computer-aided dispatch system for Grand Traverse County’s 911 service is officially back online following a cyberattack that disabled the system and many other governmental services. “As of 2 p.m. yesterday, it was operational for all first responders,” said County Administrator Nate Alger at Wednesday’s county board meeting. “I know Cherry Festival is just three days ...

  • Cyber attack ‘nothing to do with dispute’, says British Medical Association

    June 27, 2024

    The British Medical Association (BMA) has defended doctors striking at hospitals running at reduced capacity due to a significant cyber attack. While some junior doctors have been granted permission to return to work due to safety concerns, a number have continued with their industrial action at trusts in London hit by the attack. A senior BMA ...

  • Federal Reserve “breached” data may actually belong to Evolve Bank

    June 26, 2024

    A shockwave went through the financial world when ransomware group LockBit claimed to have breached the US Federal Reserve, the central banking system of the United States. On LockBit’s dark web leak site, the group threatened to release over 30 TB of banking information containing Americans’ banking data if a ransom wasn’t paid by June 25. ...

  • Progress Software Releases Critical Security Updates for MOVEit Transfer and MOVEit Gateway

    June 26, 2024

    Progress (formerly Ipswitch) has released a security update for two critical vulnerabilities found in the SFTP module of the MOVEit Transfer (CVE-2024-5806) and MOVEit Gateway (CVE-2024-5805) applications. MOVEit is a managed secure file transfer tool. The improper authentication vulnerability known as CVE-2024-5806 has a CVSSv3 score of 9.1 and can lead to authentication bypass in MOVEit ...

  • Ransomware disrupts South Africa’s national health lab

    June 26, 2024

    South Africa’s response to an ongoing Mpox outbreak is being stymied by a ransomware attack against its National Health Laboratory Service, which resulted in the deletion of backup servers and other parts of its system, hindering lab result dissemination since Saturday. While no patient information was noted to be impacted by the compromise, such an attack ...

  • Milipol Qatar 2024: the Global Event for Homeland Security and Safety Returns in October

    June 25, 2024

    Innovative Technology Solutions Unveiled at Global Exhibition. International Experts to Discuss Land, Sea, Air, AI and Cybersecurity Issues. Doha, Qatar – 25 June 2024 – Under the high patronage of His Highness Sheikh Tamim bin Hamad Al-Thani, Amir of the State of Qatar, the Ministry of Interior in Qatar will organize the 15th edition of Milipol Qatar, the ...

  • New SnailLoad side-channel attack detailed

    June 25, 2024

    SecurityWeek reports that website and content inferencing could be remotely conducted by threat actors without direct network traffic access via the new SnailLoad side-channel attack technique. Several latency measurements for websites and YouTube videos viewed by targets are being conducted by threat actors to establish digital fingerprints before luring targets to download files from a malicious ...

  • LockBit hackers claim to have cracked the US Federal Reserve

    June 25, 2024

    The LockBit cybercrime gang has claimed to have stolen an enormous database from the US Federal Reserve, which includes sensitive banking information about American citizens – but the claim is being met with suspicion. Earlier this week, the infamous ransomware operator added the Fed to its data leak site, saying it had acquired an archive containing ...