Hackers Use New Exploit Technique to Hijack S3 Buckets
It has been discovered that threat actors might take over expired Amazon S3 buckets to serve rogue binaries without changing the actual modules. Malicious binaries exfiltrate…
Month: June 2023
Millions of Oregon, Louisiana state IDs stolen in MOVEit breach
Louisiana and Oregon warn that millions of driver’s licenses were exposed in a data breach after a ransomware gang hacked their MOVEit Transfer security file…
XSS Vulnerabilities in Azure Services Leads to Script Executions
Two severe vulnerabilities in Azure services, Azure Bastion and Azure Container Registry—that allow Cross-Site Scripting (XSS) by leveraging a flaw in the postMessage iframe have…
Hackers Set Up Fake GitHub Repos to Deliver Malware
Recently, the cybersecurity researchers at VulnCheck identified a growing trend of hackers masquerading as cybersecurity researchers on social platforms like Twitter and GitHub. While hackers…
Collaboration in finance sector develops prototype API for digital currency
The Bank for International Settlements (BIS) has proved that an application programming interface (API) layer could be used to connect financial infrastructures to enable everyday…
Hackers Using ChatGPT & GoogleBard to Launch Email Attacks
Researchers uncovered a new phishing email campaign that employs ChatGPT and Google Bard to launch sophisticated email attacks. Threat actors had started relying on Artificial Intelligence since November 2022,…
US Government Agencies Hit By Clop In MOVEit Global Cyberattack
A global cyberattack targeting numerous US federal government institutions has been launched as a result of the recent revelation of vulnerabilities in the MOVEit Transfer and…
ChamelDoH: New Linux Backdoor Utilizing DNS-over-HTTPS Tunneling for Covert CnC
Jun 16, 2023Ravie LakshmananEndpoint Security / Network Security The threat actor known as ChamelGang has been observed using a previously undocumented implant to backdoor Linux…
In Other News: Linux Kernel Exploits, Update on BEC Losses, Cybersecurity Awareness Act
SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a…
Russia-Backed Hackers Using New USB-based Malware
Ukraine remains under constant threat as the Russian state-sponsored hacking group Shuckworm (aka Armageddon or Gamaredon) continues to carry out numerous cyber attacks, mainly focusing…
Shell Global Hacked using Flaw in the MOVEit File Transfer System
Shell corporation has published a report indicating that they have faced a security incident that involved Accelion’s File Transfer appliance in 2021. This is the…
Russian Hackers Using USB-Spreading Malware in Attacks on Ukrainian Government, Military
Russia-linked hacking group Gamaredon has been observed infecting USB drives for lateral movement within compromised Ukrainian networks, Symantec reports. Active since at least mid-2013 and…