RansomHub’s Latest Attack Raises Alarms for Industrial Control Systems (ICS) Security

The RansomHub ransomware group’s modus operandi involves encrypting data and leveraging access to SCADA systems to disrupt essential functions, as evidenced in their recent breach.

CERT-UA Warns of Malware Campaign Conducted by Threat Actor UAC-0006

SmokeLoader acts as a loader for other malware. Once executed, it injects malicious code into the currently running explorer process (explorer.exe) and downloads another payload to the system.

SingCERT Warns Critical Vulnerabilities Found in Multiple WordPress Plugins

Security updates have been promptly released to address these critical vulnerabilities in multiple WordPress plugins. SingCERT reported 9 critical plugin vulnerabilities and shared mitigation strategies to avoid exploitation by threat actors.

Digital ID Adoption: Implementation and Security Concerns

As digital transformation accelerates, understanding how businesses are preparing for and implementing digital ID technologies is crucial for staying ahead in security and efficiency, according to Regula.

Update: Threat Actors Created Rogue VMs to Evade Detection During December 2023 Attack on MITRE

According to the new update, threat actors exploited zero-day flaws in Ivanti Connect Secure (ICS) and created rogue virtual machines (VMs) within the organization’s VMware environment.

White House Announces Plans to Revamp Data Routing Security by Year-End

The augmentations concern the Border Gateway Protocol, a backbone data transmission algorithm that determines the optimal path for data packets to move across networks, said National Cyber Director Harry Coker.

Usage of TLS in DDNS Services Leads to Information Disclosure in Multiple Vendors

When DDNS is combined with automatic TLS certificate generation using ACME clients, the public Certificate Transparency logs can be abused by attackers to find vulnerable devices en masse.

Human Error Still Perceived as the Achilles’ Heel of Cybersecurity

While fears of cyberattacks continue to rise, CISOs demonstrate increasing confidence in their ability to defend against these threats, reflecting a significant shift in the cybersecurity landscape, according to Proofpoint.

Phishing with Cloudflare Workers: Transparent Phishing and HTML Smuggling

One campaign uses HTML smuggling to hide the phishing content from network inspection. The other uses a method called transparent phishing, where the attacker uses Cloudflare Workers to act as a reverse proxy server for a legitimate login page.

Australian Telecom Watchdog Sues Optus Over 2022 Data Breach

The Australian Communications and Media Authority said it has filed proceedings against Optus in a federal court as the company failed to protect sensitive customer data during a data breach in September 2022 that affected close to 10 million people.