Monthly Archives: January 2024

A financially motivated threat actor using USB devices for initial infection has been found abusing legitimate online platforms, including GitHub, Vimeo, and Ars Technica, to host encoded payloads embedded in seemingly benign content. […] Source: ​BleepingComputer  |  Read More 

Car rental company Europcar says it has not suffered a data breach and that shared customer data is fake after a threat actor claimed to be selling the personal info of 50 million customers. […] Source: ​BleepingComputer  |  Read More 

CISA warned today that a patched kernel security flaw affecting Apple iPhones, Macs, TVs, and watches is now being actively exploited in attacks. […] Source: ​BleepingComputer  |  Read More 

The FBI has disrupted the KV Botnet used by Chinese Volt Typhoon state hackers to evade detection during attacks targeting U.S. critical infrastructure. […] Source: ​BleepingComputer  |  Read More 

CISA has urged manufacturers of small office/home office (SOHO) routers to ensure their devices’ security against ongoing attacks attempting to hijack them, especially those coordinated by Chinese state-backed hacking group Volt Typhoon (Bronze Silhouette). […] Source: ​BleepingComputer  |  Read More 

Johnson Controls International has confirmed that a September 2023 ransomware attack cost the company $27 million in expenses and led to a data breach after hackers stole corporate data. […] Source: ​BleepingComputer  |  Read More 

Today, Ivanti warned of two more vulnerabilities impacting Connect Secure, Policy Secure, and ZTA gateways, one of them a zero-day bug already under active exploitation. […] Source: ​BleepingComputer  |  Read More 

​Unprivileged attackers can get root access on multiple major Linux distributions in default configurations by exploiting a newly disclosed local privilege escalation (LPE) vulnerability in the GNU C Library (glibc). […] Source: ​BleepingComputer  |  Read More