Researchers have uncovered an arbitrary file read zero-day in the Mitel MiCollab collaboration platform, allowing attackers to access files on a server’s filesystem. […]
BT Investigating Hack After Ransomware Group Claims Theft of Sensitive Data
UK telecoms company BT has launched an investigation after the Black Basta ransomware group claimed the theft of 500 Gb of data.
The post BT Investigating Hack After Ransomware Group Claims Theft of Sensitive Data appeared first on SecurityWeek.
ANEL and NOOPDOOR Backdoors Weaponized in New MirrorFace Campaign Against Japan
The China-linked threat actor known as MirrorFace has been attributed to a new spear-phishing campaign mainly targeting individuals and organizations in Japan since June 2024.
The aim of the campaign is to deliver backdoors known as NOOPDOOR (aka HiddenFace) and ANEL (aka UPPERCUT), Trend Micro said in a technical analysis.
“An interesting aspect of this campaign is the comeback of a backdoor
The aim of the campaign is to deliver backdoors known as NOOPDOOR (aka HiddenFace) and ANEL (aka UPPERCUT), Trend Micro said in a technical analysis.
“An interesting aspect of this campaign is the comeback of a backdoor
NCA Busts Russian Crypto Networks Laundering Funds and Evading Sanctions
The U.K. National Crime Agency (NCA) on Wednesday announced that it led an international investigation to disrupt Russian money laundering networks that were found to facilitate serious and organized crime across the U.K., the Middle East, Russia, and South America.
The effort, codenamed Operation Destabilise, has resulted in the arrest of 84 suspects linked to two Russian-speaking networks
The effort, codenamed Operation Destabilise, has resulted in the arrest of 84 suspects linked to two Russian-speaking networks
CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added multiple security flaws affecting products from Zyxel, North Grid Proself, ProjectSend, and CyberPanel to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The list of vulnerabilities is as follows –
The list of vulnerabilities is as follows –
CVE-2024-51378 (CVSS score: 10.0) – An incorrect default permissions
Microsoft says having a TPM is “non-negotiable” for Windows 11
Microsoft made it abundantly clear this week that Windows 10 users won’t be able to upgrade to Windows 11 unless their systems come with TPM 2.0 support, stating it’s a “non-negotiable” requirement. […]
White House: Salt Typhoon hacked telcos in dozens of countries
Chinese state hackers, known as Salt Typhoon, have breached telecommunications companies in dozens of countries, President Biden’s deputy national security adviser Anne Neuberger said today. […]
FBI shares tips on how to tackle AI-powered fraud schemes
The FBI warns that scammers are increasingly using artificial intelligence to improve the quality and effectiveness of their online fraud schemes, ranging from romance and investment scams to job hiring schemes. […]
UK disrupts Russian money laundering networks used by ransomware
A law enforcement operation led by the United Kingdom’s National Crime Agency (NCA) has disrupted two Russian money laundering networks working with criminals worldwide, including ransomware gangs. […]
BT unit took servers offline after Black Basta ransomware breach
Multinational telecommunications giant BT Group (formerly British Telecom) has confirmed that its BT Conferencing business division shut down some of its servers following a Black Basta ransomware breach. […]