Oktacron logo
Cyber security aggregate rss news

Cyber security aggregator - feeds history

 Threat Actors

The Kimsuky APT group is behind a phishing attack that targeted nearly 900 foreign policy experts from South Korea. The attack was intended to steal their personal information and later execute ransomware attacks. As most of these attacks are launched via phishing emails, users and organizations are urged to secure their email accounts and other critical assets.

 Malware and Vulnerabilities

Although Netgear did not disclose any information about the component affected by this bug, it did say that it is a pre-authentication buffer overflow vulnerability. The impact of a successful buffer overflow exploitation can crash the devices.

 Identity Theft, Fraud, Scams

Different malware operators are increasingly abusing the Google Ads platform to drop malware, including variants of Raccoon Stealer and the IcedID botnet. Threat actors clone the official websites of popular software to lure users into downloading their malicious versions.

 Breaches and Incidents

The firm – which is one of the biggest toy companies in the world thanks to licensing deals with Disney and Nintendo – hired cybersecurity experts to deal with the incident and restore their servers.

 Malware and Vulnerabilities

Researchers have spotted a new threat group, dubbed PureCoder, selling multiple malware, including miners, information stealers, and crypters, on the dark web. Recently, Italian cyber security agency TG Soft identified that the PureLogs information stealer was used by Alibaba2044 threat actors to launch a spam campaign aimed at Italian targets.

 Breaches and Incidents

Two days after Iowa PBS became aware of the incident, several local news outlets reported it cut short its annual fall fundraising pledge drive due to a cyberattack. The Royal ransomware group took credit for the attack.

 Breaches and Incidents

To contain the incident, CMMC isolated the infected systems and took down other parts to examine them thoroughly and determine the ransomware attack's impact. CMMC's engineers had to shut down the mill as a preventative measure.

 Malware and Vulnerabilities

Security issues surrounding crypto wallets and the entire blockchain ecosystem have become prevalent. Several crypto platforms including BTC[.]com, 3Commas, and Bitkeep have been added to the long list of crypto-related hacks. Users are recommended to practice caution, refrain from clicking on any unsafe or unsecured links, and focus on the security and integrity of Web3 security.

 Feed

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two-years-old security flaws impacting TIBCO Software's JasperReports product to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The flaws, tracked as CVE-2018-5430 (CVSS score: 7.7) and CVE-2018-18809 (CVSS score: 9.9), were addressed by TIBCO in April 2018 and March 2019,

 Feed

A security researcher was awarded a bug bounty of $107,500 for identifying security issues in Google Home smart speakers that could be exploited to install backdoors and turn them into wiretapping devices. The flaws "allowed an attacker within wireless proximity to install a 'backdoor' account on the device, enabling them to send commands to it remotely over the internet, access its microphone

2022-12
Aggregator history
Friday, December 30
THU
FRI
SAT
SUN
MON
TUE
WED
DecemberJanuaryFebruary