Category: hacking attacks

“SideCopy Attacks: WinRAR Vulnerability Exploited Targeting Indian Government”

SideCopy Exploits WinRAR Vulnerability to Target Indian Government

Main Points

– The Pakistan-linked threat actor SideCopy has been exploiting the WinRAR security vulnerability.
– This attack targets Indian government entities to deliver remote access trojans (RATs) like AllaKore RAT, Ares RAT, and DRat.
– Enterprise security firm SEQRITE described the campaign as multi-platform, designed to infiltrate both Windows

“Ransomware Strikes: How Flaws in Atlassian Confluence and Apache ActiveMQ are Being Exploited”

Ransomware Groups Exploiting Flaws in Atlassian Confluence and Apache ActiveMQ

Several ransomware groups are taking advantage of recently disclosed flaws in Atlassian Confluence and Apache ActiveMQ. Security firm Rapid7 detected exploitation of CVE-2023-22518 and CVE-2023-22515 in multiple user environments, with some deployments of Cerber ransomware. Both of these vulnerabilities are critical, empowering threat actors with

“Boost Your IT Security: Veeam’s New Updates Address Critical Flaws in ONE Monitoring Platform”

Veeam Updates its ONE IT Monitoring Platform to Fix Four Flaws

Released Security Updates

Veeam, your favorite virtual vacuum that sucks up IT issues, has recently released security updates. It’s mopping up four flaws identified in its ONE IT monitoring and analytics platform. Just goes to show, there’s nothing like a good clean sweep in

“QNAP Reinforces Cybersecurity: Essential Updates on Critical Security Patches”

Quick Update: QNAP Patches Two Critical Security Bugs

To embark on a cyber journey, here are the main cyber waypoints:

– QNAP issued security updates to fix two critical security glitches in its operating system.
– CVE-2023-23368 (with a concerning CVSS score of 9.8) is a command injection bug impacting QTS, QuTS hero, and QuTScloud.

“Unmasking the Stealthy: Jupyter Malware’s Updated Version Bolsters Power and Persistency”

Updated Jupyter Malware Comes with a Stealthy Makeover

Main Points

– An updated version of the Jupyter malware has been identified with crucial changes for increased stealth.
– The malware uses modified PowerShell commands and signatures of private keys to mask itself as a legitimate tool.
– This new wave of Jupyter Infostealer attacks is more persistent, potentially

Unveiling Agonizing Serpens: The Story Behind Cyber Attacks in Israel’s Tech Industry

Operational 404 – A Case of Serious Cyber Mischief

– Serious and repeated cyber attacks have been launched targeting Israel’s higher education and tech sectors since January 2023.
– The motive behind these attacks is to deploy an unseen wiper malware.
– The cyber miscreants, named “Agonizing Serpens/Agrius”, reported to be an Iranian state-sponsored hacking group, are said

“U.S Treasury Sanctions Crypto Launderer: Unmasking Ekaterina Zhdanova’s Connection to Ryuk Ransomware”

U.S. Treasury Places Sanctions on Cybercurrency Laundress

• The U.S. Department of Treasury has implemented sanctions against Ekaterina Zhdanova, a Russian woman involved in virtual currency laundering for Russian elites and cybercriminal groups.
• Zhdanova has been instrumental in facilitating large cross-border transactions to aid Russian personas’ access to Western finances.
• She also

Unmasking StripedFly: The Silent Crypto-mining Malware That Infected Millions for Five Years Unnoticed

StripedFly Malware: A ‘Crypto-mining’ Multi-million Intruder Lurking for Half a Decade

Main points:

– Advanced malware dubbed as StripedFly has been active for over five years unnoticed
– It infected one million devices globally
– StripedFly mirrors a cryptocurrency miner
– It’s an intricate modular framework that targets both Linux and Windows
– Findings were

“Google Introduces ‘Independent Security Review’ Badge for Audited Android Apps: A New Era of Data Safety”

Google Unfurls ‘Independent Security Review’ Badge for Audited Android Apps

Main Points:

– Google is introducing an “Independent security review” icon in the Play Store’s Data safety section for Android apps that have gone through a Mobile Application Security Assessment (MASA) check.
– The roll-out began with VPN applications due to the critical and significant amount of

“Unveiling the Okta Security Breach: Impact, Analysis and Recovery Steps”

**Main Points:**

– Okta, the identity and authentication management provider, recently announced a security breach in its support case management system, affecting 134 out of its 18,400 customers.
– An unauthorized user accessed Okta’s systems periodically from September 28 to October 17, 2023.
– The intruder reportedly accessed HAR files which contain session tokens, potentially
