InfoSecBulletin Cybersecurity for mankind
The rising number of attacks targeting cryptocurrency businesses underscores the urgent requirement for enhanced security measures. Once, Mixin suffered a devastating loss of assets amounting to $200 million when it fell victim to a cyberattack targeting its cloud service provider.
National Student Clearinghouse recently experienced a troubling data breach that has affected numerous schools throughout the United States. Recently, the government of Bermuda fell victim to a cyberattack, which has been traced back to Russian threat actors.
CISA warns of increasing risk tied to Oracle legacy Cloud leak
By infosecbulletin
/ Thursday , April 17 2025
On Wednesday, CISA alerted about increased breach risks due to the earlier compromise of legacy Oracle Cloud servers, emphasizing the...
Read More
CVE-2025-20236
Cisco Patches Unauthenticated RCE Flaw in Webex App
By infosecbulletin
/ Thursday , April 17 2025
Cisco issued a security advisory about a serious vulnerability in its Webex App that allows unauthenticated remote code execution (RCE)...
Read More
Apple released emergency security updates for 2 zero-day vulns
By infosecbulletin
/ Thursday , April 17 2025
On Wednesday, Apple released urgent operating system updates to address two security vulnerabilities that had already been exploited in highly...
Read More
Oracle Released Patched for 378 flaws for April 2025
By infosecbulletin
/ Wednesday , April 16 2025
On April 15, 2025, Oracle released a Critical Patch Update for 378 flaws for its products. The patch update covers...
Read More
CVE-2025-24054
Hackers Exploiting NTLM Spoofing Windows Vuln the in Wild
By infosecbulletin
/ Wednesday , April 16 2025
Check Point Research warns of the active exploitation of a new vulnerability, CVE-2025-24054, which lets hackers leak NTLMv2-SSP hashes using...
Read More
Bengaluru firm got ransomware attack, Hacker demanded $70,000
By infosecbulletin
/ Wednesday , April 16 2025
Bengaluru's Whiteboard Technologies Pvt Ltd was hit by a ransomware attack, with hackers demanding a ransom of up to $70,000...
Read More
MITRE warns: U.S. Govt. Funding for MITRE’s CVE Ends Today
By infosecbulletin
/ Wednesday , April 16 2025
MITRE Vice President Yosry Barsoum warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness...
Read More
PwC exits more than a dozen countries in push to avoid scandals: FT reports
By infosecbulletin
/ Wednesday , April 16 2025
PwC has ceased operations in more than a dozen countries that its global bosses have deemed too small, risky or...
Read More
Australian Cyber Security Centre Alert for Fortinet Products
By infosecbulletin
/ Wednesday , April 16 2025
The Australian Cyber Security Centre (ACSC) has alerted technical users in both private and public sectors about ongoing exploitation of...
Read More
Top 10 Malware Threats of the Week: Reports ANY.RUN
By infosecbulletin
/ Tuesday , April 15 2025
Cybersecurity platform ANY.RUN recently reported the top 10 malware threats of the week, highlighting a surge in activity for information...
Read More
Here’s everything you need to know:
- Mixin, a cryptocurrency business based in Hong Kong, recently fell victim to a massive $200 million asset theft. This significant loss occurred when malicious threat actors targeted their cloud service provider, causing the temporary suspension of deposit and withdrawal services.
- A new TA866 campaign has been unveiled by researchers. This campaign strategically utilizes a fresh strain of Python malware in order to specifically target users who speak the Tatar language. This malware possesses the ability to capture screenshots and then effortlessly transmit them to a remote server through FTP.
- ESET has recently detected a novel backdoor malware, known as Deadglyph, that has been deployed in a sophisticated cyberespionage campaign against a government agency located in the Middle East. The malware has been linked to a UAE state-sponsored group named Stealth Falcon.
- A new attack campaign has been uncovered by Securonix Threat Research, targeting Ukraine’s military. This sophisticated operation, carried out by the notorious threat group UAC-0154, involves the use of malware-laced lure files disguised as UAV service manuals.
- Palo Alto Network’s Unit 42 published a new report on the Gelsemium APT group. They revealed that this group conducted a cyberespionage campaign against a Southeast Asian government. The campaign lasted for a impressive six-month period from 2022 to 2023.
