Tuesday , February 18 2025

Daily Cybersecurity Update, June-30, 2023

LockBit is back in the headlines as one of its sub-groups claimed to have attacked the world’s largest chip maker – TSMC. It has asked for a hefty ransom, the refusal of which would lead to the publishing of stolen data. Speaking of ransomware attacks, the University of Manchester breach also impacted over a million NHS patients, including records of patients who have suffered major trauma. Moving on to another critical news, researchers have recorded a massive surge in the exploitation of remote servers. Without much ado, here’s everything you need to know from the last 24 hours.

  1. National Hazard Agency, a LockBit ransomware sub-group, claims to have hacked Taiwan Semiconductor Manufacturing Company (TSMC) and is demanding a ransom of $70 million. The deadline for payment is August 6.
  2. A ransomware attack on the University of Manchester compromised the NHS patient data set of 1.1 million patients across 200 hospitals. The information includes NHS numbers, records of trauma patients, and the first three letters of patients’ postcodes.
  3. The number of individuals impacted by hackers exploiting vulnerabilities in the MOVEit software has surpassed 16 million. This number is expected to rise significantly. Additionally, 158 organizations have disclosed falling victim to the exploitation of the flaw by the Cl0p ransomware gang.
  4. A threat group claiming affiliation with the Wagner Group launched a cyberattack on Russian satellite communications provider Dozor-Teleport. The group leaked 700 files, including documents and images, allegedly belonging to the company.
  5. MITRE has released a list of the top 25 most dangerous vulnerabilities in software. The list was created by analyzing 43,996 CVE entries from NIST’s National Vulnerability Database (NVD).
  6. The pro-Russian crowdsourced DDoS project, named DDoSia, experienced a massive 2,400% growth in less than a year. The project now has over 10,000 participants conducting attacks on Western organizations, according to Sekoia.
  7. MIT researchers developed the Metior framework that provides a quantitative assessment of cybersecurity obfuscation schemes. The framework can help engineers evaluate the effectiveness of different security approaches.
  8. A new report by ReliaQuest recorded almost 5,000 instances of remote server exploitation, including RDPs and VPNs. This makes it the most commonly used attack technique in 2022.
  9. Network assurance firm IP Fabric raised $25 million in a Series B funding round. The round was led by One Peak, with participation from Senovo and Presto Ventures.
  10. Israel-based application security platform Nokod Security announced a $8 million seed-stage funding round. The round was led by Acrew Capital, with investment from Meron Capital and Flint Capital.

 

150 Gov.t Portal affected
Black-Hat SEO Poisoning Indian “.gov.in, .ac.in” domain

Indian government and educational websites, along with reputable financial brands, have experienced SEO poisoning, causing user traffic to be redirected...
Read More
150 Gov.t Portal affected  Black-Hat SEO Poisoning Indian “.gov.in, .ac.in” domain

CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh

The Cyber Threat Intelligence Unit of BGD e-GOV CIRT has found 600 vulnerable PRTG instances in Bangladesh, affected by the...
Read More
CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh

Builder claims Rs 150 cr for data loss; AWS faces FIR In Bengaluru

Amazon Web Services (AWS) has been named in an FIR after a builder claimed damages to the tune of Rs...
Read More
Builder claims Rs 150 cr for data loss;  AWS faces FIR In Bengaluru

CISA Warns Active Exploitation of Apple iOS Security Flaw

CISA has issued an urgent warning about a critical zero-day vulnerability in Apple iOS and iPadOS, known as CVE-2025-24200, which...
Read More
CISA Warns Active Exploitation of Apple iOS Security Flaw

Massive IoT Data Breach Exposes 2.7 Billion Records

A major IoT data breach has exposed 2.7 billion records, including Wi-Fi network names, passwords, IP addresses, and device IDs....
Read More
Massive IoT Data Breach Exposes 2.7 Billion Records

SonicWall Firewall Auth Bypass Vulnerability Exploited in Wild

A serious authentication bypass vulnerability in SonicWall firewalls, called CVE-2024-53704, is currently being exploited, according to cybersecurity firms. The increase...
Read More
SonicWall Firewall Auth Bypass Vulnerability Exploited in Wild

AMD Patches High-Severity SMM Vulns Affecting EPYC and Ryzen Processors

AMD has released security patches for two high-severity vulnerabilities in its System Management Mode (SMM). If exploited, these could let...
Read More
AMD Patches High-Severity SMM Vulns Affecting EPYC and Ryzen Processors

Lazarus Group Unleashes New Malware Against Developers Worldwide

Lazarus Group has initiated a complex global campaign aimed at software developers and cryptocurrency users. Operation Marstech Mayhem uses the...
Read More
Lazarus Group Unleashes New Malware Against Developers Worldwide

Daily Security Update Dated : 15.02.2025

Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so...
Read More
Daily Security Update Dated : 15.02.2025

Salt Typhoon to target Bangladeshi Universities, One identified

RedMike (Salt Typhoon) targeted university devices in Bangladesh, likely to access research in telecommunications, engineering, and technology, especially from institutions...
Read More
Salt Typhoon to target Bangladeshi Universities, One identified

Check Also

Daily Security Update Dated: 18.12.2024

Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data …

Leave a Reply

Your email address will not be published. Required fields are marked *