- curl SOCKS5 heap overflow vulnerability
October 13, 2023
Client URL, or curl, and its library version libcurl are one of the most popular and integrated command line tools for data transfer. They support a wide range of protocols such as HTTP, HTTPS, SMTP and FTP and enable the user to make requests to a URL while handling all standard components of requests such ...
- Equifax fined £11 million by financial watchdog over 2017 cyber attack
October 13, 2023
The UK’s financial watchdog has fined Equifax £11 million for its role in one of the largest cyber attacks, which affected more than 13 million British consumers in 2017. The credit rating giant failed to keep its customers safe during an “entirely preventable” cybersecurity breach, the Financial Conduct Authority (FCA) said. Read more… Source: Yahoo Newss
- Cyber attack targets Medical Aid for Palestinians’ website amid Israel-Hamas conflict
October 13, 2023
In the midst of the ongoing conflict between Israel and Hamas, the Medical Aid for Palestinians organisation has reported a cyber attack on their website, which has disrupted their relief efforts for Gaza. They have also issued a warning that their website may go offline due to these disruptions. Taking to X (formerly Twitter), they posted ...
- Update now! Atlassian Confluence vulnerability is being actively exploited
October 12, 2023
Microsoft Threat Intelligence has revealed that it has been tracking the active exploitation of a vulnerability in Atlassian Confluence software since September 14, 2023. At the time the attacks were first observed the vulnerability was a zero-day, meaning that no update was available, so defenders had “zero days” to patch the flaw. The vulnerability has since ...
- Akira ransomware overview
October 12, 2023
Akira is a relatively new ransomware variant with Windows and Linux versions that came out in April 2023. Like many attackers, the gang behind this variant only uses the ransomware to encrypt files after first breaking into a network and stealing data. This group also employs a double extortion tactic, demanding a ransom from victims ...
- ToddyCat: Keep calm and check logs
October 12, 2023
ToddyCat is an advanced APT actor that Kaspersky researchers described in a previous publication last year. The group started its activities in December 2020 and has been responsible for multiple sets of attacks against high-profile entities in Europe and Asia. Kaspersky first publication was focused on their main tools, Ninja Trojan and Samurai Backdoor, and ...
- India’s Bank of Baroda expose worsens: Agents steal money from accounts
October 12, 2023
India’s Bank of Baroda made it simple and easy for its agents to steal money from the accounts of its customers. And some of them did steal 2.2 million rupees ($27,000) from 362 customers, internal audit reports and records of the bank have revealed. The audits come after an expose by The Reporters’ Collective (TRC) and ...
- Automatic disruption of human-operated attacks through containment of compromised user accounts
October 11, 2023
Based on incidents analyzed by Microsoft, it can take only a single hop from the attacker’s initial access vector to compromise domain admin-level accounts. For instance, an attacker can target an over-privileged service account configured in an outdated and vulnerable internet-facing server. Highly privileged user accounts are arguably the most important assets for attackers. Compromised domain ...
- Cybersecurity’s Importance in Military Maritime Operations
October 11, 2023
In an era defined by interconnectedness and digital transformation, the role of cybersecurity in modern maritime warfare has grown. The maritime domain is increasingly vulnerable to cyber threats which can have serious consequences to national security. Cybersecurity is no longer just a matter of protecting data, but also protecting critical defence assets, and the ability ...
- Stayin’ Alive – targeted attacks against telecoms and government ministries in Asia
October 11, 2023
In the last few months, Check Point Research has been tracking “Stayin’ Alive”, an ongoing campaign that has been active since at least 2021. The campaign operates in Asia, primarily targeting the Telecom industry, as well as government organizations. The “Stayin’ Alive” campaign consists of mostly downloaders and loaders, some of which are used as ...
- 10 zero-day vulnerabilities in industrial cell router could lead to code execution, buffer overflows
October 11, 2023
Cisco Talos recently disclosed 11 vulnerabilities, 10 of which are zero-days without a patch in an industrial cellular router. Attackers could exploit these vulnerabilities in the Yifan YF325 to carry out a variety of attacks, in some cases gaining the ability to execute arbitrary shell commands on the targeted device. The one other security issue Talos ...