MOVEit body count closes in on 400 orgs, 20M+ individuals
‘One of the most significant hacks of recent years,’ we’re told The number of victims and costs tied to the MOVEit file transfer hack continues to climb as the fallout…
P2PInfect Worm Malware Targets Linux and Windows Redis Servers
A new peer-to-peer (P2P) malware, named P2PInfect, has been discovered by Unit 42 researchers. This self-spreading malware targets Redis instances running on Internet-exposed Windows and Linux systems. P2PInfect is a…
OpenSSH Security Update: Mitigating CVE-2023-38408
OpenSSH, a widely used implementation of the Secure Shell protocol (SSH), has released its latest version, OpenSSH 9.3p2. This update addresses a significant security bug, CVE-2023-38408, which could potentially be…
University Students Targeted by Bioscience Job Scams
In a recent series of campaigns identified by Proofpoint, university students have been targeted with fraudulent job offers purportedly related to bioscience and health entities. These campaigns, which began as…
SophosEncrypt Ransomware Masquerades as Cybersecurity Vendor
In the complex world of cyber threats, it’s vital to stay updated on the latest tactics, techniques, and procedures (TTPs) employed by threat actors. Today, we explore a recent ransomware-as-a-service…
Critical Vulnerability CVE-2023-3519 in Citrix ADC and Gateway
A critical vulnerability, tracked as CVE-2023-3519 (NVD), has been identified in Citrix ADC and Gateway products. This vulnerability is currently being exploited in the wild and the rate of exploitation…
Oracle July 2023 Critical Patch Update: Overview
Oracle has released its July 2023 Critical Patch Update (CPU), which includes a staggering 508 new security patches. This update is significant due to the sheer volume of patches and…
Supply Chain Attack Targeting Pakistani Government Delivers ShadowPad – Trend Micro
A recent investigation by Trend Micro has uncovered a potential supply chain attack targeting the Pakistani government. The attack involves an MSI installer for the Pakistani government app E-Office, which…
Threat Actor Profile: Anonymous Sudan
Anonymous Sudan, a threat actor group that emerged in January 2023, has been making headlines with its global cyberattacks. The group has targeted a wide range of countries and sectors,…
Unmasking Shadows: How a Cybercriminal Accidentally Revealed His Identity
In a fascinating turn of events, a threat actor known by the online moniker ‘La_Citrix’ inadvertently exposed their real identity by infecting their own computer with an information stealer. This…