The popular cybersecurity researcher Patrick Wardle dissected the new macOS ransomware Turtle used to target Apple devices. The popular cyber security researcher Patrick Wardle published a detailed analysis of the new macOS ransomware Turtle. Wardle pointed out that since Turtle was uploaded on Virus Total, it was labeled as malicious by 24 anti-malware solutions, suggesting […]
The US Department of the Treasuryâs Office of Foreign Assets Control (OFAC) announced sanctions against North Korea-linked APT group Kimsuky. The US Department of the Treasuryâs Office of Foreign Assets Control (OFAC) this week announced sanctions against the North Korea-linked APT group Kimsuky. Kimsuky cyberespionage group (aka ARCHIPELAGO, Black Banshee, Thallium, Velvet Chollima, APT43) was first spotted by Kaspersky researchers in […]
The Black Basta ransomware gang infected over 300 victims accumulating ransom payments exceeding $100 million since early 2022. The Black Basta ransomware group has been active since April 2022, like other ransomware operations, it implements a double-extortion attack model. Â A joint research by Elliptic and Corvus Insurance revealed that the group accumulated at least […]
US CISA added ownCloud and Google Chrome vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added ownCloud and Google Chrome vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The two issues are: CVE-2023-6345 – The CVE-2023-5217 is a high-severity integer overflow in Skia. Skia is an open-source 2D graphics library that provides […]
Apple released emergency security updates to fix two actively exploited zero-day flaws impacting iPhone, iPad, and Mac devices. Apple released emergency security updates to address two zero-day vulnerabilities impacting iPhone, iPad, and Mac devices. The flaws are actively exploited in attacks in the wild, both issues reside in the WebKit browser engine. The first vulnerability, […]
A critical vulnerability in Zoom Room allowed threat actors to take over meetings and steal sensitive data. Researchers at AppOms discovered a vulnerability in Zoom Room as part of the HackerOne live hacking event H1-4420. Zoom Rooms is a feature of the Zoom video conferencing platform designed to enhance collaboration in physical meeting spaces, such as conference […]
The Rhysida ransomware group claimed to have hacked King Edward VIIâs Hospital in London. King Edward VII’s Hospital is a private hospital located on Beaumont Street in the Marylebone district of central London. It is a leading provider of acute and specialist medical care, with a focus on musculoskeletal health, urology, women’s health, and digestive […]
Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-6345, in the Chrome browser. Google on Wednesday released security updates to address a new actively exploited zero-day, tracked as CVE-2023-6345, in the Chrome browser. The CVE-2023-5217 is a high-severity integer overflow in Skia. Skia is an open-source 2D graphics library […]
Thousands of secrets have been left exposed on Docker Hub, a platform where web developers collaborate on their code for web applications. While some are harmless API keys, others could lead to unauthorized access, data breaches, or identity theft, the latest Cybernews research reveals. The Docker Hub store has at least 5,493 container images that […]
Threat actors started exploiting a critical ownCloud vulnerability (CVE-2023-49103) that can lead to sensitive information disclosure. ownCloud is an open-source software platform designed for file synchronization and sharing. It allows individuals and organizations to create their own private cloud storage services, giving them control over their data while facilitating collaboration and file access across multiple […]