Hackers Exploit Misconfigured YARN, Docker, Confluence, Redis Servers for Crypto Mining

06/03/2024 0 Comments 0 tags

Threat actors are targeting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services as part of an emerging malware campaign designed to deliver a cryptocurrency

How to Find and Fix Risky Sharing in Google Drive

06/03/2024 0 Comments 0 tags

Every Google Workspace administrator knows how quickly Google Drive becomes a messy sprawl of loosely shared confidential information. This isn’t anyone’s fault; it’s inevitable as your productivity suite is purposefully

A New Way To Manage Your Web Exposure: The Reflectiz Product Explained

06/03/2024 0 Comments 0 tags

An in-depth look into a proactive website security solution that continuously detects, prioritizes, and validates web threats, helping to mitigate security, privacy, and compliance risks.  [Reflectiz shields websites from client-side attacks,

VMware Issues Security Patches for ESXi, Workstation, and Fusion Flaws

06/03/2024 0 Comments 0 tags

VMware has released patches to address four security flaws impacting ESXi, Workstation, and Fusion, including two critical flaws that could lead to code execution. Tracked as CVE-2024-22252 and CVE-2024-22253, the vulnerabilities

U.S. Cracks Down on Predatory Spyware Firm for Targeting Officials and Journalists

06/03/2024 0 Comments 0 tags

The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) sanctioned two individuals and five entities associated with the Intellexa Alliance for their role in “developing, operating, and distributing”

Urgent: Apple Issues Critical Updates for Actively Exploited Zero-Day Flaws

06/03/2024 0 Comments 0 tags

Apple has released security updates to address several security flaws, including two vulnerabilities that it said have been actively exploited in the wild. The shortcomings are listed below – CVE-2024-23225 –

New APT Group ‘Lotus Bane’ Behind Recent Attacks on Vietnam’s Financial Entities

06/03/2024 0 Comments 0 tags

A financial entity in Vietnam was the target of a previously undocumented threat actor called Lotus Bane that was first detected in March 2023. Singapore-headquartered Group-IB described the hacking outfit as an

Alert: GhostSec and Stormous Launch Joint Ransomware Attacks in Over 15 Countries

06/03/2024 0 Comments 0 tags

The cybercrime group called GhostSec has been linked to a Golang variant of a ransomware family called GhostLocker. “TheGhostSec and Stormous ransomware groups are jointly conducting double extortion ransomware attacks on

Hackers Exploit ConnectWise ScreenConnect Flaws to Deploy TODDLERSHARK Malware

05/03/2024 0 Comments 0 tags

North Korean threat actors have exploited the recently disclosed security flaws in ConnectWise ScreenConnect to deploy a new malware called TODDLERSHARK. According to a report shared by Kroll with The Hacker

Over 225,000 Compromised ChatGPT Credentials Up for Sale on Dark Web Markets

05/03/2024 0 Comments 0 tags

More than 225,000 logs containing compromised OpenAI ChatGPT credentials were made available for sale on underground markets between January and October 2023, new findings from Group-IB show. These credentials were