Tuesday , December 24 2024

infosecbulletin

Microsoft’s Top Execs’ Emails Breached By Russia-Linked APT Attack

Microsoft

The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access. Microsoft has identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor …

Read More »

Mandiant report
“Group UNC3886” exploiting VMware bug since late 2021

vmware

Mandiant and VMware Product Security found that the UNC3886 espionage group has been exploiting CVE-2023-34048 since late 2021, even though it was publicly reported and patched in October 2023. Mandiant found new ways that UNC3886 uses to attack computer systems. They focus on technologies that don’t have EDR protection and …

Read More »

CISA released Incident Response Guide for the WWS Sector

CISA

CISA, the FBI, and the EPA have released a guide to help water and wastewater systems respond to incidents. Over 25 organizations from various sectors contributed to this guide, including private companies, non-profit organizations, and government entities. This collaboration ensured that the guide would be useful for water and wastewater …

Read More »

Oracle Releases Critical Patch Update Advisory for January 2024

Oracle

Oracle released a security advisory for January 2024. It fixes vulnerabilities in various products that could be exploited by hackers to take control of a system. Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches. In some instances, it …

Read More »

BGD e-GOV CIRT Report
Info Stealer Malware surge in Bangladesh

Malware

The BGD e-GOV CIRT Cyber Threat Intelligence Unit has noticed a big rise in a type of malware named stealer malware in Bangladesh’s cyberspace. These sneaky programs are good at secretly getting sensitive data like login details, personal information, and secret data from specific systems. This breach puts financial resources …

Read More »

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA found evidence of active exploitation for three new vulnerabilities, which have been added to their list of known exploited vulnerabilities. CVE-2023-6549: Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability. It describes Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway …

Read More »

Cyble report
Cyber Espionage Strikes Indian Air Force

Air force

Cyble Research and Intelligence Labs (CRIL), CRIL has uncovered a Go Stealer possibly targeting the Indian Air Force. This malware is propagated through a ZIP file named “SU-30_Aircraft_Procurement”. The ZIP file is hosted on Oshi (hxxps://oshi[.]at/ougg), an anonymous file storage platform and the Threat Actor (TA) could potentially be distributing …

Read More »

abnormal security report
Vendor Email Attacks risen by 137% in Financial Sector in 2023

mail

The financial industry has seen a 137% rise in Vendor Email Compromise attacks in the past year, according to new data from Abnormal Security. Most threats came from email attacks that tricked people, with the sector getting 200 advanced attacks per week for every 1000 mailboxes. Last year, there were …

Read More »