North Korea-linked Lazarus APT exploited a zero-day flaw in the Windows AppLocker driver (appid.sys) to gain kernel-level access to target systems. Avast researchers observed North Korea-linked Lazarus APT group using an admin-to-kernel exploit for a zero-day vulnerability in the appid.sys AppLocker driver. The zero-day, tracked as CVE-2024-21338 has been addressed by Microsoft in the February […]
Pharmaceutical giant Cencora suffered a cyber attack and threat actors stole data from its infrastructure. Pharmaceutical giant Cencora disclosed a data breach after it was the victim of a cyberattack. Cencora, Inc., formerly known as AmerisourceBergen, is an American drug wholesale company and a contract research organization that was formed by the merger of Bergen Brunswig and AmeriSource in 2001. […]
Analyzing the Email Security Landscape and exploring Emerging Threats and Trends. In the ever-shifting digital arena, staying ahead of evolving threat trends is paramount for organizations aiming to safeguard their assets. Amidst this dynamic landscape, email stands as a primary battleground for cyber defense. VIPRE Security Group’s latest report, “Email Security in 2024: An Expert […]
The FBI, CISA, and the Department of HHS warned U.S. healthcare organizations of targeted ALPHV/Blackcat ransomware attacks. A cybersecurity alert published by the FBI, CISA, and the Department of Health and Human Services (HHS) warned U.S. healthcare organizations of targeted attacks conducted by ALPHV/Blackcat ransomware attacks. The US agencies released a report containing IOCs and […]
Russian cyberspies are compromising Ubiquiti EdgeRouters to evade detection, warns a joint advisory published by authorities. The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber […]
New threat actors have started exploiting ConnectWise ScreenConnect vulnerabilities, including the Black Basta and Bl00dy ransomware gangs. Multiple threat actors have started exploiting the recently disclosed vulnerabilities, tracked as CVE-2024-1709 (CVSS score of 10) and CVE-2024-1708 (CVSS score of 8.4), in the ConnectWise ScreenConnect software. ConnectWise recently warned of the following two critical vulnerabilities in […]
Researchers warn of an XSS vulnerability, tracked as CVE-2023-40000, in the LiteSpeed Cache plugin for WordPress Patchstack researchers warn of an unauthenticated site-wide stored XSS vulnerability, tracked as CVE-2023-40000, that impacts the LiteSpeed Cache plugin for WordPress. The plugin LiteSpeed Cache (free version) is a popular caching plugin in WordPress which has over 4 million active installations. An unauthenticated […]
A new malware campaign is targeting a Ukraine entity in Finland with Remcos RAT distributed via a loader called IDAT Loader. Morphisec Threat Labs researchers observed a new malware campaign targeting a Ukraine entity in Finland with Remcos RAT distributed via a loader called IDAT Loader. The Computer Emergency Response Team of Ukraine (CERT-UA) linked […]
Taiwanese vendor Zyxel warns of security vulnerabilities in its firewalls and access points, including a remote code execution flaw. Taiwanese networking vendor Zyxel addressed four vulnerabilities, respectively tracked as CVE-2023-6397, CVE-2023-6398, CVE-2023-6399, and CVE-2023-6764, in its firewalls and access points. The flaws can be exploited by threat actors to carry out command injection and denial-of-service attacks and to […]
Russia-linked APT29 threat actors have switched to targeting cloud services, according to a joint alert issued by the Five Eyes cybersecurity agencies. A joint advisory issued by cybersecurity agencies of Five Eyes (US, UK, Australia, Canada and New Zealand) warns that Russia-linked APT29 threat actors (aka SVR group, Cozy Bear, Nobelium, BlueBravo, Midnight Blizzard, and The Dukes) have switched to targeting […]