Daily Cyber Brief
The FBI thwarted an Iranian cyberattack on Boston's children's hospital, the FluBot operation was shut down by Europol, and Chinese APTs found using Microsoft 0-days...
Cybersecurity
Cyber Command chief confirms US took part in offensive cyber operations
U.S. Cyber Command Director Gen. Paul Nakasone confirmed for the first time that the U.S. had conducted offensive cyber operations in support of Ukraine. “We’ve conducted a series of operations across the full spectrum: offensive, defensive, [and] information operations,”…
FBI thwarted 'despicable' cyber attack on Boston children's hospital, director says
The FBI thwarted a planned cyberattack on a children's hospital in Boston that was to have been carried out by hackers sponsored by the Iranian government, FBI Director Christopher Wray said Wednesday. Wray told a Boston College cybersecurity conference that his agents…
Europol shuts down FluBot malware operation alongside 11 countries
Europol announced on Wednesday that it coordinated with nearly a dozen countries to take down the operation behind the prolific Android malware FluBot. Since 2020, the FluBot malware strain has been accused of infecting at least 60,000 devices, with most victims…
Hundreds of Elasticsearch databases targeted in ransom attacks
Hackers have targeted poorly secured Elasticsearch databases and replaced 450 indexes with ransom notes asking for $620 to restore contents, amounting to a total demand of $279,000. The threat actors set a seven-day deadline for the payments and threaten to double the…
US Agencies: Karakurt extortion group demanding up to $13 million in attacks
The Karakurt data extortion group is holding victim data for ransoms of $25,000 to $13 million in Bitcoin, according to a new alert from the FBI, Cybersecurity and Infrastructure Security Agency (CISA), and the Treasury Department. The U.S. agencies said Karakurt victims have…
New Unpatched Horde Webmail Bug Lets Hackers Take Over Server by Sending Email
A new unpatched security vulnerability has been disclosed in the open-source Horde Webmail client that could be exploited to achieve remote code execution on the email server simply by sending a specially crafted email to a victim. "Once the email is viewed, the attacker can…
Feds Seize Domains Dealing Stolen Personal Data
The Justice Department and FBI today announced that three separate Internet domains have been seized for offering access to stolen data and performing network attacks. The domains include WeLeakInfo.to, ipress.in, and ovh-booter.com, the announcement said…
New Windows Search zero-day added to Microsoft protocol nightmare
A new Windows Search zero-day vulnerability can be used to automatically open a search window containing remotely-hosted malware executables simply by launching a Word document. The security issue can be leveraged because Windows supports a URI protocol…
Chinese Hackers Begin Exploiting Latest Microsoft Office Zero-Day Vulnerability
An advanced persistent threat (APT) actor aligned with Chinese state interests has been observed weaponizing the new zero-day flaw in Microsoft Office to achieve code execution on affected systems. "TA413 CN APT spotted [in-the-wild] exploiting the Follina zero-day…
Ransomware Group Claims to Have Breached Foxconn Factory
Cybercriminals claim to have breached the systems of an important Foxconn factory in Mexico and they are threatening to leak stolen files if the company doesn’t pay a ransom. Foxconn Baja California, located in the city of Tijuana at the border with California…