The Record-Centered.svg

Home

Subscribe to Cyber Daily®

CVE-2024-1709

CVE-2024-1709 is an authentication bypass vulnerability in ConnectWise ScreenConnect that is being actively exploited and has a maximum severity rating, allowing attackers to gain unauthenticated access to critical systems.

CVE-2024-21413

CVE-2024-21413 is a critical remote code execution vulnerability in Microsoft Outlook that has been actively exploited, allowing attackers to execute code by sending a malicious email.

CVE-2024-25600

A critical security flaw (CVE-2024-25600) in the Bricks theme for WordPress is actively being exploited by attackers to execute arbitrary PHP code on vulnerable installations.

LockBit Gang

The LockBit ransomware gang, responsible for multiple cyberattacks and data breaches, has been disrupted by a coalition of international law enforcement agencies, including the FBI and UK National Crime Agency.

CVE-2024-22245

CVE-2024-22245 is a critical vulnerability in VMware's Enhanced Authentication Plugin (EAP) that allows malicious actors to relay Kerberos service tickets and hijack privileged EAP sessions.

Volt Typhoon

The US government has disrupted the activities of the Chinese state-sponsored hacking group known as Volt Typhoon, which has been targeting critical infrastructure in the US and abroad, including power plants and communications hubs, with the intent to compromise physical industrial control systems.

CVE-2020-1054

The use of Raspberry Robin one-day exploits, such as CVE-2020-1054, for privilege escalation was previously highlighted by Check Point in April 2023.

CVE-2020-3259

The Akira ransomware group is actively exploiting the Cisco ASA/FTD vulnerability CVE-2020-3259, which allows remote attackers to extract usernames and passwords from affected devices.

RedGolf

RedGolf, also known as APT 41, is a cyber attacker group that has been involved in various malicious activities.

BlueBravo

BlueBravo, also known as APT29, is a cyber attacker group responsible for recent breaches targeting Microsoft and other organizations.

Cactus Ransomware Group

The Cactus ransomware group has recently claimed responsibility for a cyber attack on Schneider Electric, stealing 1.5TB of data from the company's network.

R00TK1T ISC

The international hacker group R00TK1T has launched a cyberattack campaign against Malaysia, targeting various organizations and threatening to expose stolen data.

LockBit Ransomware

LockBit ransomware, one of the most prolific and active ransomware groups, has been disrupted and its infrastructure seized in a multinational law enforcement operation, resulting in arrests and the potential for decryption capabilities to help victims restore their systems.

SSH-Snake

SSH-Snake is a self-modifying worm that uses SSH credentials to spread throughout networks, posing a significant threat to corporate infrastructures, according to Sysdig researchers.

Akira Ransomware

The Akira ransomware group has been actively exploiting vulnerabilities in Cisco ASA and FTD software to target organizations, including Swedish businesses, universities, and government agencies.

Vidar

Recent information indicates that the Vidar stealer malware has been actively used in attacks, compromising victims' data and credentials, and posing a significant threat to online security.

VietCredCare

The VietCredCare information stealer, targeting Facebook advertisers in Vietnam since August 2022, is notable for its ability to filter out Facebook credentials and hijack accounts for political content or phishing scams.

Lockbit 3.0

LockBit 3.0, a prolific ransomware group, has targeted numerous organizations globally, demanding large ransoms for the release of encrypted data.

Leaked documents open the lid on China’s commercial hacking industry

FTC hits Avast with $16.5 million fine over allegations of selling users’ browsing data

LockBit takedown: Police shut more than 14,000 accounts on Mega, Tutanota and Protonmail

Latest News

Briefs