Click Here Podcast

The Record-Centered.svg

Home

Subscribe to Cyber Daily®

CVE-2023-6345

Google has released an urgent security update for its Chrome browser to address an actively exploited zero-day vulnerability, CVE-2023-6345, which is an integer overflow bug in the Skia graphics library.

CVE-2023-49103

Threat actors have been actively exploiting a critical vulnerability (CVE-2023-49103) in ownCloud, exposing sensitive information such as admin passwords and license keys in containerized deployments.

CVE-2023-42916

CVE-2023-42916 is a moderate vulnerability in Apple's WebKit browser engine that allows unauthorized access to protected memory areas, potentially leading to the extraction of sensitive information.

Cyber Av3ngers

The Iran-linked hacker group Cyber Av3ngers has claimed responsibility for hacking multiple water treatment plants in Israel and a water facility in Pennsylvania, targeting equipment made in Israel.

CVE-2023-4966

LockBit ransomware affiliates are actively exploiting the Citrix Bleed vulnerability (CVE-2023-4966) to breach systems, steal data, and encrypt files in large organizations.

CVE-2023-42917

Vulnerability CVE-2023-42917 is a memory corruption bug that could allow arbitrary code execution when processing web content.

Rhysida Ransomware Group

The Rhysida ransomware group has been actively targeting various organizations, including the British Library and King Edward VII's Hospital, exploiting vulnerabilities like Zerologon and conducting successful phishing attempts.

CVE-2023-40056

The SolarWinds Platform is affected by a high-risk SQL injection vulnerability (CVE-2023-40056), which can be exploited with a low privileged account, and has been patched in the latest release (2023.4.2) by SolarWinds.

Lazarus Group

The Lazarus Group, also known as APT-C-26, has been involved in supply chain attacks, cyber heists, and cryptocurrency thefts, with recent activities targeting companies like CyberLink and Poloniex.

SugarGh0st

Suspected Chinese-speaking threat actors have been using the SugarGh0st RAT malware to target the Uzbekistan Ministry of Foreign Affairs and individuals in South Korea.

CL0P Ransomware Group

The CL0P ransomware group has been exploiting zero-day vulnerabilities in various software applications, such as MOVEit and SysAid IT support software, to carry out data breaches and extort organizations worldwide.

BlackBasta Ransomware

BlackBasta ransomware group, believed to be an offshoot of the Conti gang, has amassed over $100 million in ransom payments since its emergence in April 2022.

Lockbit 3.0

LockBit 3.0 ransomware, exploiting the Citrix Bleed vulnerability, has been targeting various organizations worldwide, encrypting files, and stealing sensitive data.

ALPHV Ransomware Group

The notorious ALPHV ransomware group, also known as BlackCat, has recently targeted multiple organizations, including Clorox, MeridianLink, Fidelity National Financial, and McLaren Health Care, compromising their systems and stealing sensitive data.

Scattered Spider

Scattered Spider, a cybercriminal group known for its social engineering tactics, has recently formed an alliance with the notorious ransomware outfit BlackCat and has been targeting large companies and their IT help desks, causing significant financial damage.

RedLine Stealer

Threat actors are using a malvertising campaign to distribute the RedLine Stealer malware, targeting users searching for CPU-Z and redirecting them to a fake Windows news portal. The malware steals sensitive data, including passwords and credit card numbers, and is sold on underground forums. It is often deployed alongside other information stealers like Vidar and is capable of exfiltrating data from browsers and cryptocurrency wallets. The malware utilizes obfuscation tools like ScrubCrypt to evade detection by antivirus software.

ALPHV  Ransomware

The notorious ransomware group ALPHV, also known as BlackCat, has claimed responsibility for cyberattacks on various organizations, including Fidelity National Financial and McLaren Health Care.

LummaC2

LummaC2 is a new variant of an information-stealing malware that utilizes trigonometry-based anti-sandbox techniques and targets Google accounts.

60 credit unions facing outages due to ransomware attack on popular tech provider

HHS warns of ‘Citrix Bleed’ attacks after hospital outages

Cyber Command, NSA nominee now double-blocked

Latest News

Briefs