Tag: Cobalt Strike

Kinsing Hackers Use Apache ActiveMQ Flaw to Deploy Linux Rootkits

A significant cybersecurity threat has emerged as the Kinsing group exploits a severe vulnerability in Apache ActiveMQ servers, infecting Linux systems with cryptocurrency miners and rootkits. The flaw, tracked as CVE-2023-46604, carries the maximum CVSS score of 10.0 and allows remote code execution…

Emerging Hacking Group Targeting Russian Firms with Ransomware

Recent months have seen a marked increase in ransomware assaults targeting critical infrastructure, with cybersecurity researchers identifying a new group engaging in sophisticated, multistage attacks aimed primarily at major corporate networks within Russia. This emerging threat actor, dubbed “OldGremlin,” appears to be linked to numerous operations that have been active…

Analysis of SystemBC Malware’s C2 Server Reveals Payload Delivery Techniques

Recent cybersecurity investigations have unveiled significant insights into the functioning of a notorious malware family known as SystemBC. This malware operates through a command-and-control (C2) server setup that has been analyzed by researchers at Kroll, revealing its availability for purchase on various underground marketplaces. Kroll’s analysis indicates that purchasers receive…

TrickBot Malware Gains UEFI/BIOS Bootkit Feature to Avoid Detection

The notorious TrickBot malware, renowned for its adaptability, has recently expanded its arsenal to exploit firmware vulnerabilities as a potential means for deploying bootkits and gaining comprehensive control of compromised systems. This new capability, called “TrickBoot,” enables attackers to leverage widely accessible tools to scan devices for recognized weaknesses that…

Urgent: Security Vulnerabilities Discovered in ConnectWise ScreenConnect – Update Immediately

ConnectWise ScreenConnect Software Patch Addresses Critical Security Vulnerabilities

ConnectWise has recently issued crucial software updates to rectify two significant security vulnerabilities in its ScreenConnect remote desktop software, including a critical flaw that could allow remote code execution on compromised systems. This follows the identification of these vulnerabilities, which the company…

New Vulnerability in Hugging Face Poses Risk of Supply Chain Attacks on AI Models

Recent findings by cybersecurity researchers have unveiled vulnerabilities in the Hugging Face Safetensors conversion service, potentially allowing adversaries to hijack user-submitted machine learning models, effectively leveraging them for supply chain attacks. The implications of this discovery raise significant concerns for businesses relying on the Hugging Face platform for their machine…

Researchers Uncover Raindrop: Fourth Malware Tied to SolarWinds Attack

Cybersecurity analysts have recently identified a new malware strain dubbed “Raindrop” as part of the SolarWinds supply chain attack, a significant breach that was uncovered late last year. This fourth strain adds to the existing suite of malicious tools, including Sunspot, Sunburst (also referred to as Solorigate), and Teardrop, all…

How the SolarWinds Hackers Managed to Remain Under the Radar for So Long

On Wednesday, Microsoft provided additional insights into the methodologies employed by the attackers behind the SolarWinds breach, one of the most intricate cybersecurity incidents in recent history. This deeper understanding is crucial as cybersecurity firms endeavor to gain a more definitive grasp of the attack’s sophisticated nature. Describing the attackers…