SecurityWeek reports that Siemens has confirmed that its Ruggedcom APE1808 devices configured with a Palo Alto Networks virtual next-generation firewall may be impacted by the actively exploited Palo Alto Networks firewall vulnerability, tracked as CVE-2024-3400.
CyberScoop reports that over 100 Ukrainian local government and police documents uploaded to VirusTotal in February were discovered to have been infected with the OfflRouter malware, which dates back to 2015 and could only spread through already compromised files and removable media devices.
TechCrunch reports that popular phone tracking app iSharing had the exact location details of its more than 35 million users exposed due to vulnerabilities that prevented the app's servers from conducting proper checks of user data access.
Organizations in the Americas, Europe, and Asia have been subjected to the ongoing FROZEN#SHADOW attack campaign that involved the distribution of the stealthy SSLoad malware alongside Cobalt Strike and ConnectWise ScreenConnect software to compromise networks, reports The Hacker News.
Organizations around the world improved their cyber incident detection capabilities last year, with median dwell times dropping to 10 days, the lowest in a decade, and internal compromise detection rates rising from 37% in 2022 to 46% in 2023, SiliconAngle reports.
BleepingComputer reports that U.S., Germany, Japan, and UK systems have been subjected to ongoing attacks by suspected Vietnamese hacking group CoralRaider leveraging a content delivery network cache to facilitate the deployment of information-stealing payloads.
The U.S. State Department has subjected more than a dozen individuals allegedly involved in spyware development and distribution, as well as their immediate family members, to visa prohibitions as part of the country's efforts to crack down on spyware misuse, according to The Hacker News.
U.S. political action committee Lincoln Project, which was formed in 2019 to counter former President Donald Trump's re-election bid, was impacted by a business email compromise attack in February that resulted in the exfiltration of $35,000, reports The Record, a news site by cybersecurity firm Recorded Future.
Intrusions hijacking the eScan antivirus software's updating mechanism have been conducted by threat actors suspected to be linked to North Korean advanced persistent threat operation Kimsuky to facilitate the delivery of the sophisticated GuptiMiner malware that would then distribute cryptocurrency mining payloads, according to BleepingComputer.
SiliconAngle reports that mounting security alert fatigue has prompted Torq to introduce its new HyperSOC system based on its Hyperautomation Platform using artificial intelligence to enable security operation center response automation, management, and monitoring in a bid to bolster the investigation and remediation of cybersecurity threats.
Attacks leveraging fraudulent job lures to distribute the new Kaolin RAT malware were launched by North Korean hacking collective Lazarus Group against individuals across Asia last summer, reports The Hacker News.
BleepingComputer reports that Android devices could have their data compromised and eventually be hijacked in attacks with the novel Brokewell banking trojan.
Attacks by Russian threat operation APT28, also known as Fancy Bear, Strontium, and Forest Blizzard, using the GooseEgg malware to exploit the Windows print spooler flaw, tracked as CVE-2022-38028, have prompted the security issue's inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, Security Affairs reports.
Data exfiltration and privilege escalation attacks leveraging the novel GooseEgg hacking tool to exploit an already addressed Windows Print Spooler flaw, tracked as CVE-2022-38028, have been deployed by Russian cyberespionage operation APT28, also known as Forest Blizzard, against government, education, transportation, and non-government organizations since April 2019, BleepingComputer reports.
Stealthy industrial-scale data exfiltration attacks have been launched by Chinese cyberespionage operation ToddyCat against government entities, including defense organizations, across the Asia-Pacific through its arsenal of advanced hacking tools, according to The Hacker News.