Latest Intelligence
Lumma Stealer Activity Drops After Doxxing
The article discusses a significant drop in activity from the Lumma Stealer group following a doxxing campaign that exposed the identities of its alleged core members. This exposure may have impacted the group's operations and effectiveness in cybercriminal activities.
ConnectWise Patches Critical Flaw in Automate RMM Tool
ConnectWise has patched a critical vulnerability in its Automate Remote Monitoring and Management (RMM) tool. This flaw could allow attackers to intercept and manipulate communications in specific configurations, posing a significant security risk.
⚡ Weekly Recap: F5 Breached, Linux Rootkits, Pixnapping Attack, EtherHiding & More
The article highlights the increasing trend of long-term, silent breaches in cybersecurity, emphasizing the need for organizations to enhance their vigilance and monitoring strategies rather than solely relying on quick patching. It suggests that attackers may be infiltrating defenses without immediate detection, making proactive observation crucial.
CISA Adds Five Known Exploited Vulnerabilities to Catalog
CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, highlighting the active exploitation of these security flaws. These vulnerabilities pose significant risks to federal enterprises and necessitate timely remediation to protect against cyber threats.
Analysing ClickFix: 3 Reasons Why Copy/Paste Attacks Are Driving Security Breaches
ClickFix attacks, which involve user interaction with malicious scripts in web browsers, are increasingly leading to security breaches. These attacks often present users with challenges like CAPTCHAs or webpage errors to exploit their actions.
131 Chrome Extensions Caught Hijacking WhatsApp Web for Massive Spam Campaign
Cybersecurity researchers have identified a spam campaign utilizing 131 rebranded clones of a WhatsApp Web automation extension for Google Chrome, targeting Brazilian users. These extensions, which share the same codebase and infrastructure, have approximately 20,905 active users.
Vulnerability in Dolby Decoder Can Allow Zero-Click Attacks
An out-of-bounds write vulnerability in the Dolby Decoder on Android devices can be exploited without any user interaction. This could lead to zero-click attacks during the processing of media files.
NSO Ordered to Stop Hacking WhatsApp, but Damages Cut to $4 Million
A judge has ordered NSO Group to cease its hacking activities targeting WhatsApp, while significantly reducing the punitive damages from $167 million to $4 million. This ruling highlights ongoing legal battles surrounding cybersecurity and privacy issues.
American Airlines Subsidiary Envoy Air Hit by Oracle Hack
Envoy Air, a subsidiary of American Airlines operating under the American Eagle brand, has reported a data breach where hackers stole business information. This incident highlights ongoing cybersecurity challenges faced by companies in the aviation sector.
MSS Claims NSA Used 42 Cyber Tools in Multi-Stage Attack on Beijing Time Systems
China has accused the U.S. National Security Agency (NSA) of executing a premeditated cyber attack against the National Time Service Center, labeling the U.S. as a 'hacker empire.' The Ministry of State Security claims to have found irrefutable evidence of the NSA's involvement in this cyber intrusion.
China Accuses US of Cyberattack on National Time Center
China's Ministry of State Security has accused the United States of conducting a cyberattack on its National Time Center. The allegation claims that the NSA took advantage of vulnerabilities in a foreign mobile phone brand's messaging services to access sensitive information.
Europol Dismantles SIM Farm Network Powering 49 Million Fake Accounts Worldwide
Europol has disrupted a cybercrime-as-a-service platform known as Operation SIMCARTEL, which operated a SIM farm facilitating various criminal activities, including phishing and investment fraud. The operation led to the arrest of seven suspects and the seizure of significant resources.
New .NET CAPI Backdoor Targets Russian Auto and E-Commerce Firms via Phishing ZIPs
Cybersecurity researchers have identified a new campaign targeting the Russian automobile and e-commerce sectors with a .NET malware known as CAPI Backdoor. The attack involves phishing emails that contain a ZIP archive to initiate the infection.
Cyber Academy Founder Champions Digital Safety for All
Aliyu Ibrahim Usman, the founder of the Cyber Cadet Academy in Nigeria, is dedicated to promoting cybersecurity awareness amid increasing global security concerns. His efforts aim to educate individuals about digital safety and the importance of cybersecurity.
Silver Fox Expands Winos 4.0 Attacks to Japan and Malaysia via HoldingHands RAT
The Winos 4.0 malware family has expanded its operations to Japan and Malaysia, targeting users with phishing emails that contain malicious PDF links. This campaign is associated with another RAT known as HoldingHands RAT.