In 2023, personal identification data has become alarmingly less private, with a staggering 81% of Americans experiencing a compromise of their information through various data breaches. This revelation comes from James E. Lee, chief operating officer of the Identity Theft Resource Center, a California-based nonprofit that aims to mitigate the…
Kremlin-Backed Malware Targets Ukrainian Military Recruits Recent findings from Google researchers reveal the emergence of a sophisticated operation allegedly backed by the Kremlin, aimed at targeting individuals considering enlistment in the Ukrainian military. This disturbing campaign utilizes information-stealing malware designed for both Windows and Android platforms, primarily disseminated through Telegram…
Albanian Organizations Targeted by Wiper Malware in Renewed Cyber Offensive A new surge of cyberattacks has been observed against Albanian organizations, primarily utilizing a destructive wiper malware identified as No-Justice. This attack, reported by ClearSky, a cybersecurity firm, has led to significant disruptions for the victims by crashing their Windows…
Fraud Management & Cybercrime, Ransomware Emerging Ransomware Group Utilizes Rust-Based Tools in New Attack Strategies Prajeet Nair (@prajeetspeaks) • October 23, 2024 Image: Shutterstock A newly formed ransomware group has emerged with advanced capabilities, reportedly developing tools designed to bypass traditional security measures. This burgeoning threat is distinguished by its…
OpenSSH Vulnerability Exposes Critical Risk to Linux Systems In a significant development for cybersecurity, the maintainers of OpenSSH have issued urgent security updates addressing a severe vulnerability that may allow unauthenticated remote code execution with root-level access on glibc-based Linux systems. This vulnerability, designated CVE-2024-6387 and dubbed "regreSSHion," resides within…
Former Employee Arrested for Attempted Data Extortion Against Missouri Company A 57-year-old man from Missouri has been apprehended following an unsuccessful attempt to extort his previous employer. Daniel Rhyne, a former core infrastructure engineer based in Kansas City, has been charged with extortion and related offenses in connection with a…
Microsoft Addresses 61 Security Vulnerabilities in May Patch Update In its latest Patch Tuesday update for May 2024, Microsoft has resolved 61 newly identified security vulnerabilities across its software products, amongst them two zero-day flaws that have been actively exploited in the wild. These updates follow a proactive security strategy…
Microsoft has announced that it is actively working on security updates to rectify two significant vulnerabilities that could potentially be exploited to conduct downgrade attacks against its Windows update system. These vulnerabilities may allow malicious actors to replace the current versions of operating system files with outdated ones, undermining the…
OpenVPN Vulnerabilities Disclosed by Microsoft: A Potential Attack Vector Microsoft recently announced the discovery of four medium-severity security vulnerabilities within the open-source OpenVPN software, which could be exploited in conjunction to enable remote code execution (RCE) and local privilege escalation (LPE). The implications of these flaws are significant, as they…
