Daily Cyber Brief
New Shikitega malware targets Linux systems and IoT devices, Cobalt Strike DDoSed by anti-Russian hackers, and DangerousSavanna targeted African financial institutions...

Cybersecurity
InterContinental Hotels Group, also known as IHG Hotels & Resorts, has confirmed it was hit by a cyberattack that downed its booking systems and mobile apps. U.K.-headquartered IHG operates some of the world’s largest hotel chains, including the Holiday Inn, Crowne Plaza…
Albania has severed diplomatic ties with Iran and ordered Iranian embassy staff to leave, accusing it of orchestrating a major cyber-attack. Prime Minister Edi Rama said a probe had found "incontrovertible evidence" that Iran "hired four groups to mount the attack on…
The Cyber Department of the Ukrainian Security Service (SSU) dismantled two more bot farms that spread Russian disinformation on social networks and messaging platforms via thousands of fake accounts. As the SSU discovered, this bot army "of almost 7,000 accounts"…
Networking equipment maker Zyxel has released patches for a critical security flaw impacting its network-attached storage (NAS) devices. Tracked as CVE-2022-34747 (CVSS score: 9.8), the issue relates to a "format string vulnerability" affecting NAS326, NAS540, and NAS542…
Cisco says that a new authentication bypass flaw affecting multiple small business VPN routers will not be patched because the devices have reached end-of-life (EoL). This zero-day bug (CVE-2022-20923) is caused by a faulty password validation algorithm that attackers…
Former members of the notorious Conti ransomware group have repurposed many of their tools for attacks on Ukrainian organizations, according to a new report from Google’s Threat Analysis Group (TAG). Google researchers confirmed a report from IBM in July that found…
A persistent cyber-attack campaign has emerged targeting major financial institutions in French-speaking African countries and has been active over the last two years. The campaign was discovered by Check Point Research (CPR) and dubbed 'DangerousSavanna.' It relied…
Outdoor apparel brand 'The North Face' was targeted in a large-scale credential stuffing attack that has resulted in the hacking of 194,905 accounts on the thenorthface.com website. A credential stuffing attack is when threat actors use email addresses/usernames and…
A new piece of stealthy Linux malware called Shikitega has been uncovered adopting a multi-stage infection chain to compromise endpoints and IoT devices and deposit additional payloads. "An attacker can gain full control of the system, in addition to the cryptocurrency…
Someone is flooding Cobalt Strike servers operated by former members of the Conti ransomware gang with anti-Russian messages to disrupt their activity. The operators of Conti ransomware completed turning off their internal infrastructure in May this year but its…