Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was breached two weeks ago using an Ivanti VPN zero-day vulnerability. […]
Ransomware abuses Amazon AWS feature to encrypt S3 buckets
A new ransomware campaign encrypts Amazon S3 buckets using AWS’s Server-Side Encryption with Customer Provided Keys (SSE-C) known only to the threat actor, demanding ransoms to receive the decryption key. […]
Infostealer Masquerades as PoC Code Targeting Recent LDAP Vulnerability
A fake proof-of-concept (PoC) exploit for a recent LDAP vulnerability distributes information stealer malware.
The post Infostealer Masquerades as PoC Code Targeting Recent LDAP Vulnerability appeared first on SecurityWeek.
US Charges 3 Russians for Operating Cryptocurrency Mixers Used by Cybercriminals
The US Justice Department has announced charges against three Russians for operating the Blender and Sinbad cryptocurrency mixers.
The post US Charges 3 Russians for Operating Cryptocurrency Mixers Used by Cybercriminals appeared first on SecurityWeek.
Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners
A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency miners.
Cloud security firm Wiz said it’s currently responding to “multiple incidents” involving the weaponization of CVE-2024-50603 (CVSS score: 10.0), a maximum severity bug that could result in
Cloud security firm Wiz said it’s currently responding to “multiple incidents” involving the weaponization of CVE-2024-50603 (CVSS score: 10.0), a maximum severity bug that could result in
Emerging FunkSec Ransomware Developed Using AI
Developed with the help of AI, the emerging FunkSec ransomware claimed over 80 victims in December 2024.
The post Emerging FunkSec Ransomware Developed Using AI appeared first on SecurityWeek.
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]
The cyber world’s been buzzing this week, and it’s all about staying ahead of the bad guys. From sneaky software bugs to advanced hacking tricks, the risks are real, but so are the ways to protect yourself. In this recap, we’ll break down what’s happening, why it matters, and what you can do to stay secure.
Let’s turn awareness into action and keep one step ahead
Let’s turn awareness into action and keep one step ahead
Juniper Networks Fixes High-Severity Vulnerabilities in Junos OS
Juniper Networks has patched multiple high-severity vulnerabilities in Junos OS and its third-party components.
The post Juniper Networks Fixes High-Severity Vulnerabilities in Junos OS appeared first on SecurityWeek.
Ransomware on ESXi: The mechanization of virtualized attacks
In 2024, ransomware attacks targeting VMware ESXi servers reached alarming levels, with the average ransom demand skyrocketing to $5 million. With approximately 8,000 ESXi hosts exposed directly to the internet (according to Shodan), the operational and business impact of these attacks is profound.
Most of the Ransomware strands that are attacking ESXi servers nowadays, are variants of the
Most of the Ransomware strands that are attacking ESXi servers nowadays, are variants of the
China Targeted Foreign Investment, Sanctions Offices in Treasury Hack: Reports
Chinese cyberspies targeted offices dealing with foreign investments and sanctions in the recent US Treasury hack.
The post China Targeted Foreign Investment, Sanctions Offices in Treasury Hack: Reports appeared first on SecurityWeek.