Tuesday , January 21 2025

Daily Cybersecurity Update, June-23, 2023

An unsecured database belonging to RateForce ended up exposing 93.93 GB of personal information of users. This is a reminder to secure your cloud buckets. We also have two more victims of the MOVEit ransomware attack. This time, it is the largest public pension fund in the U.S. and an insurance firm. In other news, there is an update on the Dole ransomware attack that took place in February this year. The corporation disclosed the number of impacted individuals. Read on to know more.

RateForce Data Leak

Multiple Azure DevOps Vulns Allow To Inject CRLF Queries & Rebind DNS

Security researchers have found several vulnerabilities in Azure DevOps that could enable attackers to inject CRLF queries and carry out...
Read More
Multiple Azure DevOps Vulns Allow To Inject CRLF Queries & Rebind DNS

Intel holds 22 employees from one Bangladeshi University

Intel Corporation is a leading semiconductor chip manufacturer, employing at least 22 graduates from the Department of Applied Chemistry and...
Read More
Intel holds 22 employees from one Bangladeshi University

VPN Surge 1500% in USA after TikTok Shut Down

vpnMentor’s Research Team is monitoring the potential TikTok ban in the U.S., driven by national security and data privacy issues....
Read More
VPN Surge 1500% in USA after TikTok Shut Down

MITRE Launches D3FEND 1.0; The Milestone for Cybersecurity Ontology

MITRE launched D3FENDTM 1.0, a cybersecurity framework that provides a vocabulary and understanding of the cyber domain. D3FEND 1.0, funded...
Read More
MITRE Launches D3FEND 1.0; The Milestone for Cybersecurity Ontology

AWS Patches Multiple Vulns in WorkSpaces, AppStream 2.0

Amazon Web Services (AWS) has recently fixed two major security vulnerabilities in its cloud services: Amazon WorkSpaces, Amazon AppStream 2.0,...
Read More
AWS Patches Multiple Vulns in WorkSpaces, AppStream 2.0

Malware Trends Review 2024: Ever Recorded Cyber Threats

Last year saw a significant rise in cyber threats, with malware becoming more advanced and attack strategies more sophisticated. A...
Read More
Malware Trends Review 2024: Ever Recorded Cyber Threats

Botnet Exploits 13,000 MikroTik Devices Abusing Misconfigured DNS

A recent Infoblox Threat Intel report reveals a sophisticated botnet that exploits DNS misconfigurations to spread malware widely. This botnet,...
Read More
Botnet Exploits 13,000 MikroTik Devices Abusing Misconfigured DNS

CVE-2024-9042
Code Execution Vulnerability Found in Kubernetes Windows Nodes

A new security flaw traced, CVE-2024-9042, poses a serious risk to Kubernetes clusters with Windows worker nodes. It has a...
Read More
CVE-2024-9042  Code Execution Vulnerability Found in Kubernetes Windows Nodes

Hacker leaked 15k config files and VPN passwords of FortiGate firewall device

The hacking group "Belsen Group" has posted over 15,000 unique FortiGate firewall configurations online. The data dump, reportedly obtained by exploiting...
Read More
Hacker leaked 15k config files and VPN passwords of FortiGate firewall device

Registration open for 1st Agile Cyber Drill 2025

Registration open for "1st Agile Cyber Drill-2025" scheduled for February 26, 2025 online with an awards ceremony for 9 March...
Read More
Registration open for 1st Agile Cyber Drill 2025

An unsecured database belonging to the U.S. auto insurance price comparison site RateForce leaked 255,756 records (93.93 GB) containing scans and images of vehicle registrations, driver’s licenses, state Medicaid health coverage cards, and others.

MOVEit Ransomware Attacks

The MOVEit ransomware attack has claimed two more victims: the largest public pension fund in the U.S. and an insurance firm. The attack on the pension fund compromised the personal data of 2.5 million Genworth Financial policyholders, while the attack on the insurance firm compromised the personal information, including Social Security numbers, of 769,000 retired California state employees.

GitHub RepoJacking

Aqua Nautilus has warned that millions of GitHub repositories are potentially vulnerable to RepoJacking, a type of attack that steals sensitive data from repositories. Some vulnerable repositories belong to Google, Lyft, and other anonymous firms.

New JS Dropper Variant

Deep Instinct has spotted a new variant of JS dropper, named PindOS, that is deploying next-stage payloads such as IcedID and Bumblebee. These malware, in turn, serve as loaders for other malware, including ransomware.

Dole Ransomware Attack Update

Dole has confirmed that the February ransomware attack compromised the names, addresses, driver’s license numbers, passport numbers, dates of birth, phone numbers, and other employment information of 3,885 employees.

Chinese APT Groups Exploit Microsoft Office Vulnerability

SentinelOne has revealed that Chinese APT groups exploited a 17-year-old Microsoft Office vulnerability to launch malware attacks against foreign government officials who attended a G7 summit in Hiroshima, Japan.

NIST Creates First-Ever Cybersecurity Framework for Water Infrastructure

The National Institute of Standards and Technology (NIST) is creating the first-ever cybersecurity framework for water infrastructure to address unique cyber challenges impacting America’s complex water systems.

Microsoft Discovers Cryptomining Campaign

Microsoft has discovered a cryptomining campaign targeting IoT devices and internet-facing Linux systems. The attackers are using a backdoor that deploys a broad range of tools and an IRC bot to steal device resources for mining.

NSA Issues Guidance on Defending Against BlackLotus UEFI Bootkit Malware

The National Security Agency (NSA) has issued guidance on defending against BlackLotus UEFI bootkit malware attacks. The guidance recommends that system administrators apply the latest security updates, update recovery media, and customize UEFI Secure Boot to block older signed Windows boot loaders.

Unit 42 Researchers Observe Mirai Botnet Variant

Unit 42 researchers have observed a variant of the Mirai botnet that is targeting multiple vulnerabilities in popular IoT devices, with a focus on D-Link, Zyxel, and Netgear devices. The variant has been identified in two ongoing campaigns that started on March 14 and spiked in April and June.

Check Also

Daily Security Update Dated: 04.12.2024

Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data …

Leave a Reply

Your email address will not be published. Required fields are marked *