New Ransomware Encrypts Amazon S3 Buckets Using SSE-C Encryption
A new ransomware campaign has surfaced, leveraging Amazon Web Services’ (AWS) Server-Side Encryption with Customer Provided Keys (SSE-C) to encrypt data in Amazon S3 buckets.…
Category: CyberSecurityNews
UK Domain Registry Nominet Confirms Cyber Attack Exploiting Ivanti RCE Zero-Day
Nominet, the official registry for .uk domain names and one of the largest country code registries globally has disclosed a significant cybersecurity breach linked to…
OneBlood Confirms Ransomware Attack – Donor’s Personal Information Stolen
OneBlood, a major blood donation nonprofit serving the southeastern United States, has confirmed a significant data breach resulting from a ransomware attack that occurred in…
CISA Adds 2 New Known Vulnerabilities That Actively Exploited in The Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with two new critical vulnerabilities, urging organizations to act promptly…
Rootkit Malware Exploiting Zero-day Vunlerabilities to Control Linux Systems Remotely
Fortinet researchers uncovered an advanced rootkit malware exploiting multiple zero-day vulnerabilities in enterprise appliances by executing a shell script (Install.sh). The analysis sheds new light…
New macOS Vulnerability Lets Attackers Bypass Apple’s System Integrity Protection (SIP)
Microsoft Threat Intelligence has identified a significant vulnerability in macOS that could allow attackers to bypass Apple’s System Integrity Protection (SIP), a critical security mechanism…
BeyondTrust Privileged Remote Access Vulnerability Actively Exploited in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical OS command injection vulnerability (CVE-2024-12686) found in BeyondTrust’s Privileged Remote Access (PRA) and Remote…
CISA Releases A New Free Guide For OT Products Security
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has launched a new guidance document to enhance cybersecurity for operational technology (OT) products. The guide, titled…
Attackers Allegedly Steal 2.3 GB Of Internal Data
Spanish telecommunications giant Telefonica has confirmed a significant breach of its internal systems, with attackers claiming to have stolen approximately 2.3 GB of sensitive data.…
Microsoft Multi-Factor Authentication Down Blocking Office 365 Users Access
Microsoft has alerted users to an issue with its Multi-Factor Authentication (MFA) system, which has disrupted access to certain Microsoft 365 applications. The problem, identified…
Aviatrix Controller RCE Vulnerability Exploited In The Wild
A critical remote code execution (RCE) vulnerability, CVE-2024-50603, has been actively exploited in the wild, posing significant risks to cloud environments. This vulnerability affects Aviatrix…
Ako Ransomware Abusing Windows API Calls To Detect Infected System Locations
Ako, commonly referred to as MedusaReborn, is a C++-based ransomware strain that has been active since January 2020. It functions under the Ransomware-as-a-Service (RaaS) business…