Daily Cyber Brief
The FBI thwarted an Iranian cyberattack on Boston's children's hospital, the FluBot operation was shut down by Europol, and Chinese APTs found using Microsoft 0-days...

Cybersecurity
U.S. Cyber Command Director Gen. Paul Nakasone confirmed for the first time that the U.S. had conducted offensive cyber operations in support of Ukraine. “We’ve conducted a series of operations across the full spectrum: offensive, defensive, [and] information operations,”…
The FBI thwarted a planned cyberattack on a children's hospital in Boston that was to have been carried out by hackers sponsored by the Iranian government, FBI Director Christopher Wray said Wednesday. Wray told a Boston College cybersecurity conference that his agents…
Europol announced on Wednesday that it coordinated with nearly a dozen countries to take down the operation behind the prolific Android malware FluBot. Since 2020, the FluBot malware strain has been accused of infecting at least 60,000 devices, with most victims…
Hackers have targeted poorly secured Elasticsearch databases and replaced 450 indexes with ransom notes asking for $620 to restore contents, amounting to a total demand of $279,000. The threat actors set a seven-day deadline for the payments and threaten to double the…
The Karakurt data extortion group is holding victim data for ransoms of $25,000 to $13 million in Bitcoin, according to a new alert from the FBI, Cybersecurity and Infrastructure Security Agency (CISA), and the Treasury Department. The U.S. agencies said Karakurt victims have…
A new unpatched security vulnerability has been disclosed in the open-source Horde Webmail client that could be exploited to achieve remote code execution on the email server simply by sending a specially crafted email to a victim. "Once the email is viewed, the attacker can…
The Justice Department and FBI today announced that three separate Internet domains have been seized for offering access to stolen data and performing network attacks. The domains include WeLeakInfo.to, ipress.in, and ovh-booter.com, the announcement said…
A new Windows Search zero-day vulnerability can be used to automatically open a search window containing remotely-hosted malware executables simply by launching a Word document. The security issue can be leveraged because Windows supports a URI protocol…
An advanced persistent threat (APT) actor aligned with Chinese state interests has been observed weaponizing the new zero-day flaw in Microsoft Office to achieve code execution on affected systems. "TA413 CN APT spotted [in-the-wild] exploiting the Follina zero-day…
Cybercriminals claim to have breached the systems of an important Foxconn factory in Mexico and they are threatening to leak stolen files if the company doesn’t pay a ransom. Foxconn Baja California, located in the city of Tijuana at the border with California…