Cyber Security News

  • 2024 U.S. Federal Elections: The Insider Threat

    June 28, 2024

    The Federal Bureau of Investigation (FBI), in coordination with the Department of Homeland Security’s (DHS) Office of Intelligence and Analysis (I&A), the Cybersecurity and Infrastructure Security Agency (CISA), and the U.S. Election Assistance Commission (EAC) prepared this overview to help partners defend against insider threat concerns that could materialize during the 2024 election cycle. For years, ...

  • Unauthenticated Command Injection in Netis Router

    June 28, 2024

    This week’s Metasploit release includes an exploit module for an unauthenticated command injection vulnerability in the Netis MW5360 router which is being tracked as CVE-2024-22729. The vulnerability stems from improper handling of the password parameter within the router’s web interface which allows for command injection. Fortunately for attackers, the router’s login page authorization can be bypassed ...

  • Airports, Student Aid Services Struck by Indonesian Cyber Attack

    June 28, 2024

    Indonesia’s parliament called the government to task over another cyber attack that led to airport and scholarship services being put out of service. The ransomware attack that affected hundreds of ministries and public institutions was “catastrophic,” said lawmaker Tubagus Hasanuddin in a Thursday evening hearing with the communications minister and the head of state cybersecurity agency. ...

  • Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz

    June 27, 2024

    On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious activity in a customer environment. Their investigation identified that the suspicious behavior was emanating from the installation of Notezilla, a program that allows for the creation of sticky notes on a Windows desktop. Installers for Notezilla, along with tools called RecentX and Copywhiz, are distributed ...

  • Critical Vulnerability in Fortra FileCatalyst Workflow

    June 27, 2024

    Fortra has released a security update addressing a critical vulnerability found in FileCatalyst Workflow. FileCatalyst is an accelerated file transfer software solution that allows the transfer of large files over remote networks. CVE-2024-5276 is an SQL Injection vulnerability with a CVSSv3 score of 9.8 (critical), which if exploited could allow an unauthenticated attacker to modify or ...

  • MerkSpy: Exploiting CVE-2021-40444 to Infiltrate Systems

    June 27, 2024

    Spyware is malicious software engineered to covertly monitor and gather information from a user’s computer without their awareness or consent. It can record activities like keystrokes, browsing behavior, and personal information, often transmitting this data to a third party for espionage or theft. FortiGuard Labs recently detected an attack exploiting the CVE-2021-40444 vulnerability in Microsoft Office. ...

  • New Orcinius Trojan Uses VBA Stomping to Mask Infection

    June 27, 2024

    This week, the SonicWall Capture Labs threat research team investigated a sample of Orcinius malware. This is a multi-stage trojan that is using Dropbox and Google Docs to download second-stage payloads and stay updated. It contains an obfuscated VBA macro that hooks into Windows to monitor running windows and keystrokes and creates persistence using registry keys. Read ...

  • Critical Vulnerability in Fortra FileCatalyst Workflow

    June 27, 2024

    Fortra has released a security update addressing a critical vulnerability found in FileCatalyst Workflow. FileCatalyst is an accelerated file transfer software solution that allows the transfer of large files over remote networks. CVE-2024-5276 is an SQL Injection vulnerability with a CVSSv3 score of 9.8 (critical), which if exploited could allow an unauthenticated attacker to modify or ...

  • Michigan County Restores 80 Percent of Systems After Cyber Attack

    June 27, 2024

    The computer-aided dispatch system for Grand Traverse County’s 911 service is officially back online following a cyberattack that disabled the system and many other governmental services. “As of 2 p.m. yesterday, it was operational for all first responders,” said County Administrator Nate Alger at Wednesday’s county board meeting. “I know Cherry Festival is just three days ...

  • Cyber attack ‘nothing to do with dispute’, says British Medical Association

    June 27, 2024

    The British Medical Association (BMA) has defended doctors striking at hospitals running at reduced capacity due to a significant cyber attack. While some junior doctors have been granted permission to return to work due to safety concerns, a number have continued with their industrial action at trusts in London hit by the attack. A senior BMA ...

  • Federal Reserve “breached” data may actually belong to Evolve Bank

    June 26, 2024

    A shockwave went through the financial world when ransomware group LockBit claimed to have breached the US Federal Reserve, the central banking system of the United States. On LockBit’s dark web leak site, the group threatened to release over 30 TB of banking information containing Americans’ banking data if a ransom wasn’t paid by June 25. ...