InfoSecBulletin Cybersecurity for mankind
The ever-increasing influence of Chinese threat actors in the cyber landscape is causing significant concern. As per the latest revelations, a Chinese state-linked group successfully stole data from a U.S. federal agency and targeted several European nations too. Today, we also have a Delaware county facing temporary outages due to a cyberattack from a few days back. In other news, with all these scams going around, you might think that there are lots of scammers associated with the business. However, that’s not the case. To know more about this and other highlights, read along.
The CISA and FBI issued a warning together that the Storm-0558 threat group, which is associated with China, accessed and stole unclassified Exchange Online Outlook data from an undisclosed U.S. source FCEB agency.
Russia detects first SuperCard malware attacks via NFC
Income Property Investments exposes 170,000+ Individuals record
ALERT (CVE: 2023-28771)
Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs
CISA Flags Active Exploits in Apple iOS and TP-Link Routers
10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online
Canada 2nd largest airlines “WestJet” investigates cyberattack disrupting internal systems
Paraguay 7.4 Million Citizen Records Leaked on Dark Web
High-Severity Flaw in HashiCorp Nomad Allows Privilege Escalation
SoftBank: Over 137,000 personal info leaked
Alert
Trend Micro Apex One Flaw Allow Attackers to Inject Malicious Code
Kent County in Delaware is experiencing a cyberattack that has disrupted municipal services, leading to a temporary offline status of internet-based services and phone numbers.
ALSO READ:
The Cl0p ransomware group put the data of 62 clients of Ernst & Young, including Air Canada and United Parcel Service Canada Ltd., on their leak sites. The group had exploited the MOVEit vulnerability and leaked 3TB of information belonging to the accounting firm.
Ransomware attacks have seen a significant increase in 2023, with cybercriminals extorting nearly $175.8 million more than the previous year, revealed Chainalysis.
Barracuda Networks and Columbia University studied 300,000 extortion emails and discovered that fewer than 100 scammers worldwide are behind them.
USB-delivered malware campaigns have seen a threefold increase in malware attacks in the first half of 2023, with two notable campaigns delivering Sogu and Snowydrive malware to various industries worldwide – reported Mandiant.
The hacker group Nobelium, supported by the Russian government, used fake BMW car listings to deceive Ukrainian diplomats into clicking on harmful links that install malware. The campaign has targeted at least 22 of the 80 foreign missions in Kyiv.
ZooTampa, a popular U.S. zoo, experienced a cyberattack resulting in the theft of employee and vendor information, with an affiliate of the Royal ransomware gang claiming responsibility.
Vietnamese threat actors are actively targeting Facebook business accounts using fake Ads Manager software and malicious Chrome extensions, resulting in over 800 victims worldwide losing more than $180,000 in compromised ad budgets.
In a recent finding, FortiGuard Labs uncovered a malicious operation that capitalizes on a pair of well-known vulnerabilities, including Follina, to implant the perilous LokiBot trojan on targeted devices. The campaign first came to light in May.
