Sunday , December 22 2024

Cyber Attack

Dell to investigate data breach claim after hacker leaks info

Dell

Dell is investigating claims of a data breach after a threat actor leaked information on over 10,000 employees. “We are aware of the claims and our security team is currently investigating,” Dell told BleepingComputer. A hacker called “grep” claims that Dell suffered a “minor” data breach, stealing over 10,000 employee …

Read More »

ALERT
Hackers Using Supershell Malware Targeting Linux SSH Servers

LINUX

Researchers found an attack targeting poorly secured Linux SSH servers using Supershell, a backdoor written in Go that gives attackers remote control of affected systems. After the initial infection, attackers likely used scanners to find more vulnerable targets and launched dictionary attacks with credentials collected from the compromised systems. The …

Read More »

Ransomware hit Bangladeshi Globe Pharmaceuticals Ltd

Ransomware

On September 16, 2024, Globe Pharmaceuticals Ltd., a major pharmaceutical company in Bangladesh, was hit by a ransomware attack detected by the BCSI Threat Intelligence Platform, highlighting ongoing cyber vulnerabilities in established firms. The Attack Unfolds: Globe Pharmaceuticals experienced a ransomware attack on September 16th, but the method of attack …

Read More »

Joint cybersecurity advisory
Botnet infects 260,000 SOHO routers, IP cameras with malware

world map

The FBI has alerted that cyber actors have compromised over 260,000 internet-connected devices, mainly routers, to form a large botnet for malicious activities, including distributed denial of service attacks and identity concealment. The FBI advisory states that a botnet, managed by the China-based Integrity Technology Group, has been active since …

Read More »

Broadcom fixed RCE bug in VMware vCenter Server

vmware

Broadcom has fixed a serious VMware vCenter Server vulnerability that allows attackers to execute remote code on unpatched servers through network packets. vCenter Server is the main management hub for VMware’s vSphere suite, enabling administrators to oversee and monitor virtualized infrastructure. The vulnerability (CVE-2024-38812) identified by TZL security researchers at …

Read More »

Alert! Google Fixes GCP Composer Flaw

Google

Tenable Research found and fixed a remote code execution (RCE) vulnerability, called CloudImposer, in Google Cloud Platform (GCP). This flaw could have let attackers hijack a pre-installed software dependency in Google Cloud Composer. Additionally, Tenable identified concerning guidance in GCP documentation that customers should note. The Hacker News reported, quoted …

Read More »

Fortinet admits data breach after hacker claims to steal 440GB

Fortinet

Fortinet confirmed a data breach after a threat actor claimed to have stolen 440GB of files from its Microsoft SharePoint server. Fortinet told two international media that, “An individual gained unauthorized access to a limited number of files stored on Fortinet’s instance of a third-party cloud-based shared file drive, which …

Read More »

New RansomHub Attack Kill Kaspersky’s TDSSKiller To Disable EDR

Coding

Threatdown Managed Detection and Response (MDR) team has discovered the RansomHub ransomware gang using a new attack method wityh two tools: TDSKiller, to disable EDR system, and LaZagne, for stealing credentials. Although both TDSSKiller and LaZagne have been used by attackers for years, this is the first record of RansomHub …

Read More »