Daily Cyber Brief
Exposing the teams under TA410, new Bumblebee malware used, and DDoS attacks from compromised WordPress sites...

Cybersecurity
Russia’s relentless digital assaults on Ukraine may have caused less damage than many anticipated. But most of its hacking is focused on a different goal that gets less attention but has chilling potential consequences: data collection. Ukrainian agencies breached on the eve…
The websites of Israeli radio stations 100FM and Radio Lev HaMedina were hacked on Thursday evening by a group of pro-Iranian hackers known as Hackers of Savior, according to Ynet. On the Radio Lev HaMedina website, the hackers took down the live video broadcast…
Decentralized finance (DeFi) platform Deus Finance confirmed reports that an attacker used an illicit method to steal millions of dollars on Wednesday evening. Two blockchain security firms, PeckShield and CertiK, said Deus Finance was hit with a variation of a…
A cyberespionage threat actor known for targeting a variety of critical infrastructure sectors in Africa, the Middle East, and the U.S. has been observed using an upgraded version of a remote access trojan with information-stealing capabilities. Calling TA410 an umbrella group…
A newly discovered malware loader called Bumblebee is likely the latest development of the Conti syndicate, designed to replace the BazarLoader backdoor used to deliver ransomware payloads. The emergence of Bumblebee in phishing campaigns in March coincides with a…
GitHub shared the timeline of breaches in April 2022. The timeline covers when a threat actor gained access and stole private repositories belonging to dozens of organizations. GitHub revealed details tied to last week’s incident…
Ukraine's computer emergency response team (CERT-UA) has published an announcement warning of ongoing DDoS (distributed denial of service) attacks targeting pro-Ukraine sites and the government web portal. The threat actors, who at this time remain unknown…
Microsoft has patched a dangerous pair of vulnerabilities in its Azure Database for PostgreSQL Flexible Server that gave attackers unauthorized cross-account access to databases in cloud-hosted environments. The first is a privilege escalation bug in a…
A 'logical flaw' in the npm registry enabled authors of malicious packages to quietly add anyone and any number of users as 'maintainers' to their packages in an attempt to boost the trust in their packages. The GitHub-owned repository of NodeJS components has now fixed…
Researchers have discovered hundreds of thousands of databases exposed to the public-facing internet over the past year, putting them at risk of compromise, according to Group-IB. The Singapore-based cybersecurity company’s Attack Surface Management team said it…