Daily Cyber Brief

Costa Rican government hit again by Hive ransomware gang, Microsoft offers fix for Follina vulnerability, and a cybercriminal stole $1.4M from the city of Portland...

Cybersecurity

Cyber agency: Voting software vulnerable in some states

Electronic voting machines from a leading vendor used in at least 16 states have software vulnerabilities that leave them susceptible to hacking if unaddressed, the nation’s leading cybersecurity agency says in an advisory sent to state election officials…

Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions

Costa Rica’s national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The intrusion comes just weeks after Costa Rican President Rodrigo Chaves declared a state of emergency in response to a data ransom attack…

Over 3.6 million MySQL servers found exposed on the Internet

Over 3.6 million MySQL servers are publicly exposed on the Internet and responding to queries, making them an attractive target to hackers and extortionists. Of these accessible MySQL servers, 2.3 million are connected over IPv4, with 1.3 million devices over IPv6…

Costa Rican Social Security Fund hit with ransomware attack

The Costa Rican government continues to face off against ransomware gangs, confirming on Tuesday that its Social Security Fund was hit with a cyberattack. In a statement on Twitter, the Costa Rican Social Security Fund said the attack started early on Tuesday morning and…

SideWinder Hackers Launched Over a 1,000 Cyber Attacks Over the Past 2 Years

An "aggressive" advanced persistent threat (APT) group known as SideWinder has been linked to over 1,000 new attacks since April 2020. "Some of the main characteristics of this threat actor that make it stand out among the others, are the sheer number, high frequency and…

Microsoft Acknowledges Zero-Day, Follina Office Vulnerability, Suggests Fix

Microsoft released an advisory on Monday acknowledging the zero-day Office flaw dubbed ‘Follina’ and suggested a possible fix for it. The document assigned the vulnerability the identifier CVE-2022-30190 and a rating of 7.8 out of 10 on the Common Vulnerability…

New XLoader botnet uses probability theory to hide its servers

Threat analysts have spotted a new version of the XLoader botnet malware that uses probability theory to hide its command and control servers, making it difficult to disrupt the malware's operation. This helps the malware operators continue using the same…

Cybercriminal scams City of Portland, Ore. for $1.4 million

Portland, Ore. is investigating a cybersecurity breach that resulted in a $1.4 million fraudulent transaction with city funds in April — one discovered after the same compromised account tried again the next month, the city said in a press release late last week…

Latest Mobile Malware Report Suggests On-Device Fraud is on the Rise

An analysis of the mobile threat landscape in 2022 shows that Spain and Turkey are the most targeted countries for malware campaigns, even as a mix of new and existing banking trojans are increasingly targeting Android devices to conduct on-device fraud (ODF)…

Turkish Airline Exposes Flight and Crew Info in 6.5TB Leak

A low-cost Turkish airline accidentally leaked personal information of flight crew alongside source code and flight data after misconfiguring an AWS bucket, it has emerged. A research team from security comparison site SafetyDetectives discovered the cloud data store left wide…

Daily Cyber Brief

Costa Rican government hit again by Hive ransomware gang, Microsoft offers fix for Follina vulnerability, and a cybercriminal stole $1.4M from the city of Portland...

Cybersecurity

Join the conversation

Overt Operator