Sunday , December 22 2024

Cyber Attack

Cyble report
Cyber Espionage Strikes Indian Air Force

Air force

Cyble Research and Intelligence Labs (CRIL), CRIL has uncovered a Go Stealer possibly targeting the Indian Air Force. This malware is propagated through a ZIP file named “SU-30_Aircraft_Procurement”. The ZIP file is hosted on Oshi (hxxps://oshi[.]at/ougg), an anonymous file storage platform and the Threat Actor (TA) could potentially be distributing …

Read More »

UNDOC Report
Group reportedly link to Bangladesh Bank cyber attack still active in Asia

UNODC

North Korean hackers are sharing money-laundering and underground banking networks with fraudsters and drug traffickers in Southeast Asia, according to a United Nations report published on Monday, with casinos and crypto exchanges emerging as key venues for organized crime. The United Nations Office of Drugs and Crime (UNODC) said without …

Read More »

Recorded Future Report
Security Experts Urge IT to Lock Down GitHub Services

Github

Recorded Future, a threat intelligence firm, has cautioned that malicious actors are using GitHub services more to carry out secret cyber-attacks and has advised IT teams to act. Its new report, Flying Under the Radar: Abusing GitHub for Malicious Infrastructure, revealed the most popular GitHub services for threat actors. Between …

Read More »

cyber news report
Saudi Ministry reportedly exposed sensitive data

Soudi Arabia

Saudi Arabia’s Ministry of Industry and Mineral Resources (MIM) had an exposed environment file containing sensitive details. The Cybernews reported that this data was accessible for 15 months. An environment file gives instructions to computer programs and is important for any system. Leaving these files open to anyone can expose …

Read More »

Cyber Attack
Beirut Airport Screens Hacked: displaying Anti-Hezbollah Message

Beirut Airport

The airport’s screens were hacked with messages criticizing Hezbollah and its leaders for endangering Lebanon and risking war with Israel. The screens at Beirut’s airport were hacked by anti-Hezbollah groups, showing the conflict between Hezbollah and Israel. The message accused Hezbollah of risking war with Israel. “Hassan Nasrallah, you will …

Read More »

Apache RocketMQ servers vulnerable to RCE attacks

RocketMQ

Security researchers found that Apache RocketMQ services are being targeted by malicious activities. The vulnerabilities, known as CVE-2023-33246 and CVE-2023-37582, remain a serious threat even after the vendor released patches in May 2023. Vulnerability Overview: The CVE-2023-33246 affected different parts of RocketMQ, such as NameServer, Broker, and Controller. Rongtong Jin, …

Read More »

BD CIRT REPORT
Ongoing Phishing Campaign targeting Bangladesh by APT group SideWinder

BGD eGOV CIRT

Cyber Threat Intelligence Unit of BGD e-GOV CIRT has detected a suspicious ongoing phishing campaign by APT group named as SideWinder targeted at Bangladeshi entities such as Bangladesh Armed Forces Division (AFD) and Law Enforcement Agencies. The group is known as a highly active hacker group who has shown the …

Read More »

2024 strong start
Google’s Mandiant recover its x (twitter) account after hacked

Mandiant

Google’s cybersecurity firm Mandiant get back its x (twitter) account after being taken over by someone sharing links to a cryptocurrency platform. On Wednesday afternoon around 3:30 pm EST, the scammar took the control over mandiant’s x account, renamed it as phantom and tweeted out links to a company called …

Read More »

Shadowserver report
Nearly 11 million SSH servers vulnerable to Terrapin attacks

Terrapin attack

Around 11 million SSH servers are at risk from the Terrapin attack, which can compromise the security of certain SSH connections. This constitutes roughly 52% of all scanned samples in the IPv4 and IPv6 space monitored by Shadoserver. The Terrapin attack, created by researchers from Ruhr University Bochum in Germany, …

Read More »