The FBI has recently published a detailed account of its Cyber Action Team (CAT), an elite group established in 2005 to tackle cyber threats. This team, comprising roughly 65 members including special agents, computer scientists, intelligence analysts, and IT specialists, can be deployed globally within hours to assist critical infrastructure organizations facing cyberattacks and other threats.
In a significant security breach, hackers have leaked internal documents belonging to Leidos, one of the largest IT services providers to the US government. According to Bloomberg, the leak originated from third-party vendor Diligent Corp, which attributed the breach to a 2022 incident involving a subsidiary. This incident underscores the vulnerabilities within supply chains and the critical need for robust security measures.
A 42-year-old Nigerian man, Bamidele Omotosho, has been sentenced to 12 years and 7 months in federal prison by a US court for his role in a sophisticated cybercrime scheme. Omotosho purchased credentials and personal information from a dark web marketplace, using it to execute fraudulent money transfers that resulted in over $2 million in losses. The US Justice Department highlighted this case as part of its ongoing efforts to combat international cybercrime.
Spanish authorities have arrested three individuals believed to be part of NoName057(16), a pro-Russian hacker group specializing in DDoS attacks. This group is notorious for targeting governments and critical infrastructure, and the arrests represent a significant step in disrupting their operations.
Web3 identity solutions provider Fractal ID has revealed a data breach affecting 6,300 users, which represents less than 1% of its user base. The breach occurred after a threat actor compromised credentials for an operator account with admin privileges. This incident highlights the ongoing risks associated with credential theft and the importance of stringent access controls.
Oracle has agreed to a $115 million settlement in response to a lawsuit accusing the company of collecting and selling personal information to marketers. Although Oracle denies any wrongdoing, the settlement reflects the growing scrutiny and regulatory pressures around data privacy and the handling of personal information.
Symantec’s recent analysis indicates that AI is being leveraged to generate code used in malware campaigns. The scripts used to deliver malware such as Rhadamanthys, NetSupport, CleanUpLoader, ModiLoader, LokiBot, and Dunihi show signs of having been generated with large language models (LLMs). This trend underscores the evolving landscape of cyber threats and the need for advanced defenses.
Managed Detection and Response (MDR) firm Ontinue has reported a new PlugX Remote Access Trojan (RAT) campaign leveraging the Steam gaming platform. Typically used by Chinese threat actors in espionage campaigns, PlugX was recently targeted by French police, who delivered a self-destruct payload to infected devices. This collaborative effort marks a proactive approach in combating cyber espionage tools.
Microsoft has patched two critical privilege escalation vulnerabilities in its GroupMe mobile group messaging app. Tracked as CVE-2024-38176 and CVE-2024-38164, these flaws allowed unauthenticated attackers to elevate privileges over a network. The tech giant emphasized transparency in its disclosure, assuring users that no action is required on their part.
Tenable has disclosed Confused Function, a privilege escalation vulnerability affecting Google Cloud’s Cloud Functions serverless execution environment. Google has initiated measures to prevent potential exploitation after being notified. This disclosure highlights the continuous efforts to identify and mitigate cloud-related vulnerabilities.