A new cryptojacking operation has been found targeting lesser-known AWS offerings such as AWS Amplify, AWS Fargate, and Amazon SageMaker to secretly mine cryptocurrency. Named AMBERSQUID, the campaign manages to exploit these cloud services without triggering AWS’s usual resource approval process. The services are referred to as uncommon since they are overlooked from a security […]
Sep 21, 2023THNVulnerability / Exploit A malicious actor released a fake proof-of-concept (PoC) exploit for a recently disclosed WinRAR vulnerability on GitHub with an aim to infect users who downloaded the code with Venom RAT malware. “The fake PoC meant to exploit this WinRAR vulnerability was based on a publicly available PoC script that exploited […]
Two vulnerabilities discovered earlier this year in Atos Unify products could allow malicious actors to cause disruption and even backdoor the targeted system. The flaws were found in the unified communications and collaboration solution by researchers at SEC Consult, an Austria-based cybersecurity consulting firm that is part of the Atos Group’s Eviden business. The vulnerabilities […]
Full ine up for Autumn on Marine Parade announced Horse Meat Disco Horse Meat Disco, Sean Johnston, Nooriya, Bakey b2b FelixCW, Riordan, Katy B (DJ Set), Sigma, Demi Riquisimo, Page Tomlinson, DJ Seinfeld, t e s t p r e s s, Kai Campos, TSHA, Eats Everything and more have been announced for the next […]
Sep 20, 2023THNNetwork Security / Vulnerability Multiple security flaws have been disclosed in the Nagios XI network monitoring software that could result in privilege escalation and information disclosure. The four security vulnerabilities, tracked from CVE-2023-40931 through CVE-2023-40934, impact Nagios XI versions 5.11.1 and lower. Following responsible disclosure on August 4, 2023, They have been patched […]
Pizza Hut’s Australian operations have been hit by a cyber-attack, the company says, with customer data including delivery addresses and order details stolen in the hack. In an email to customers on Wednesday, Pizza Hut Australia’s chief executive, Phil Reed, said the company became aware in early September that there had been “unauthorised third party” […]
Ransomware attackers remain a major threat to the United States and are on pace to have their second most profitable year ever, the Department of Homeland Security said in an annual report. The findings were part of the department’s 2024 Homeland Threat Assessment report released last week, which outlined a range of issues related to […]
Cloud Security , Security Operations Deal Will Offer Visibility Into Application Behavior, Vulnerability Prioritization Michael Novinson (MichaelNovinson) • September 19, 2023 CrowdStrike plans to purchase a Silicon Valley application security startup founded by two Israel Defense Forces veterans in a bid to expand risk visibility and protection across entire cloud computing environments. See […]
Key Takeaways Proofpoint has observed an increase in activity from specific malware families targeting Chinese-language speakers. Campaigns include Chinese-language lures and malware typically associated with Chinese cybercrime activity. Newly observed ValleyRAT is emerging as a new malware among Chinese-themed cybercrime activity, while Sainbox RAT and related variants are recently active as well. The increase in […]