North Korean hackers target security researchers with zero-day exploit

North Korean threat actors are once again attempting to compromise security researchers’ machines by employing a zero-day exploit. The warning comes from Google’s own security researchers Clement Lecigne and Maddie Stone, who detailed the l…

Cybercriminals target MS SQL servers to deliver ransomware

A cyberattack campaign is targeting exposed Microsoft SQL (MS SQL) databases, aiming to deliver ransomware and Cobalt Strike payloads. The attack campaign: The attackers target exposed MS SQL servers by brute-forcing access credentials. After having suc…

LockBit leaks sensitive data from maximum security fence manufacturer

The LockBit ransomware group has breached Zaun, a UK-based manufacturer of fencing systems for military sites and critical utilities, by compromising a legacy computer running Windows 7 and using it as an initial point of access to the wider company ne…

Apple offers security researchers specialized iPhones to tinker with

Apple is inviting security researchers to apply for the Apple Security Research Device Program (SRDP) again, to discover vulnerabilities and earn bug bounties. Apple started the Apple SRDP in 2019. In the intervening years, participating researchers ha…

VMware fixes critical vulnerability in Aria Operations for Networks (CVE-2023-34039)

VMware has patched one critical (CVE-2023-34039) and one high-severity vulnerability (CVE-2023-20890) in Aria Operations for Networks, its popular enterprise network monitoring tool. About the vulnerabilities (CVE-2023-34039, CVE-2023-20890) CVE-2023-3…

Ransomware group exploits Citrix NetScaler systems for initial access

A known threat actor specializing in ransomware attacks is believed to be behind a recent campaign that targeted unpatched internet-facing Citrix NetScaler systems to serve as an initial foothold into enterprise networks. “Our data indicates stro…

Kroll SIM-swap attack: FTX, BlockFi and Genesis clients’ info exposed

Financial and risk advisory firm Kroll has suffered a SIM-swapping attack that allowed a threat actor to access files containing personal information of clients of bankrupt cryptocurrency platforms FTX, BlockFi and Genesis. The Kroll SIM-swapping attac…