Cyber Security Landscape Amidst Rising Threats: Insights from the 2024 Breaches Survey The recently released 2024 Cyber Security Breaches Survey paints a concerning picture for UK businesses grappling with escalating cyber threats. As the frequency and sophistication of cyber-attacks continue to rise, particularly targeting larger enterprises, organizations are increasingly challenged…
On Tuesday, Microsoft released a set of critical updates addressing a total of 90 security vulnerabilities within its software, including ten zero-day exploits. Notably, six of these zero-days are actively being leveraged in real-world attacks, raising significant concerns regarding the potential for widespread exploitation in the wild. The vulnerabilities span…
The Cybersecurity and Infrastructure Security Agency (CISA) has recently added a significant vulnerability related to Jenkins to its Known Exploited Vulnerabilities (KEV) catalog due to its exploitation in ransomware attacks. This vulnerability, designated as CVE-2024-23897 with a critical CVSS score of 9.8, is classified as a path traversal flaw that…
Cybersecurity experts have identified a significant vulnerability in Jenkins, a widely-used continuous integration and delivery platform. Attackers can exploit improperly configured Jenkins Script Console instances to facilitate malicious activities, including cryptocurrency mining. Shubham Singh and Sunil Bharti from Trend Micro recently detailed this risk, noting that misconfigurations related to authentication…
ViperSoftX Malware Exploits eBook Distribution for Stealthy PowerShell Execution The sophisticated malware known as ViperSoftX has recently been detected in a new distribution method involving the use of eBooks shared through torrent sites. Since its first identification by Fortinet in 2020, ViperSoftX has become notorious for its ability to exfiltrate…
Cyber threat actors are now actively taking advantage of a critical vulnerability that has been recently patched in Atlassian Confluence Data Center and Confluence Server software. This vulnerability has been leveraged to facilitate unauthorized cryptocurrency mining on vulnerable systems. According to Trend Micro’s researcher Abdelrahman Esmail, the attackers have employed…
New Malware Campaign Targets Japanese Organizations: A Deep Dive into the Cuckoo Spear Campaign Recent intelligence from Israeli cybersecurity firm Cybereason has unveiled a sophisticated malware campaign that poses significant threats to organizations in Japan. This operation is led by a nation-state actor from China, which has been leveraging advanced…
The China-supported hacking group known as Earth Baku has expanded its operational focus, shifting from mainly Indo-Pacific targets to include nations across Europe, the Middle East, and Africa since late 2022. Countries recently identified as potential targets of this group include Italy, Germany, the United Arab Emirates, and Qatar, with…
