Even before the FBI seized domains related to BreachForums, the notorious online bazaar where cybercriminals bought and sold hacked or stolen data, a replacement marketplace was taking shape. Now, less than a month after that high-profile takedown on June 23 involving a consortium of U.S. and law enforcement agencies, the new version of BreachForums is active, growing and facilitating illicit trade in the most sensitive information about millions of individuals and hundreds of organizations.
Faced with a barrage of ransomware attacks hitting zero-days in its MOVEit product line, Progress Software late Thursday announced plans to release regular service packs promising a "predictable, simple and transparent process for product and security fixes." Less than a month after the notorious Cl0p ransomware gang started naming organizations hit by MOVEit zero-day exploits, Progress Software rolled out its first service pack with patches for at least three critical security defects.
Federal authorities are warning that hackers are leveraging TrueBot malware, also known as Silence Downloader, in phishing attacks against U.S. and Canadian targets, officials including the FBI and Cybersecurity and Infrastructure Security Agency said Thursday. Since late May, malicious actors have been exploiting a known vulnerability in Netwrix Auditor, identified as CVE-2022-31199, for initial access to deliver new TrueBot variants and steal data from targeted entities.
In a recent attack against a US-based think tank, Iranian cyberespionage group Charming Kitten was observed porting a PowerShell backdoor to macOS, Proofpoint reports. The attack started in mid-May with a lure sent to the public media contact for a nuclear security expert at the think tank, requesting feedback on a project and permissions to send a draft for review.
Security researchers have dissected a recently emerged ransomware strain named 'Big Head' that may be spreading through malvertising that promotes fake Windows updates and Microsoft Word installers. Two samples of the malware have been analyzed before by cybersecurity company Fortinet, who looked at the infection vector and how the malware executes.
CISA ordered federal agencies today to patch a high-severity Arm Mali GPU kernel driver privilege escalation flaw added to its list of actively exploited vulnerabilities and addressed with this month's Android security updates. The flaw (tracked as CVE-2021-29256) is a use-after-free weakness that can let attackers escalate to root privileges or gain access to sensitive information on targeted Android devices by allowing improper operations on GPU memory.