US CISA added the vulnerability CVE-2023-29552 in the Service Location Protocol (SLP) to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability CVE-2023-29552 (CVSS score: 7.5) in the Service Location Protocol (SLP) to its Known Exploited Vulnerabilities catalog. The Service Location Protocol (SLP) is a legacy service discovery protocol that allows computers and other devices to […]
Security firm Sumo Logic disclosed a security breach after discovering the compromise of its AWS account compromised last week. Sumo Logic is a cybersecurity company that specializes in cloud-based log management and analytics. The company disclosed a security breach after discovering that its AWS account was compromised last week. The company discovered the security breach […]
The FBI published a PIN alert warning of ransomware operators compromising third-party vendors and services for initial access to target environments. The Federal Bureau of Investigation (FBI) published a Private Industry Notification (PIN) to warn of ransomware initial access trends and provide recommendations to reduce the attack surface to ransomware attacks. As of July 2023, […]
Five Canadian hospitals were victims of a ransomware attack, threat actors claim to have stolen data from them and leaked them. Five Canadian hospitals revealed they were victims of ransomware attacks after threat actors leaked alleged stolen data. The impacted hospitals are Bluewater Health, Chatham-Kent Health Alliance, Erie Shores HealthCare, HĂ´tel-Dieu Grace Healthcare, and Windsor […]
Royal Mail has left an open redirect vulnerability on one of its sites, exposing its customers to phishing attacks and malware infections. The centuries-old Royal Mail is the largest courier company in the UK, boasting twice the market share of Amazon. The centuries-old Royal Mail is the largest courier company in the UK, boasting twice […]
The North Korea-linked APT BlueNoroff used a new strain of macOS malware strain dubbed ObjCShellz, Jamf Threat Labs reported. Researchers from Jamf Threat Labs discovered a new macOS malware strain dubbed ObjCShellz and attributed it to North Korea-linked APT BlueNoroff. The experts noticed that the ObjCShellz malware shares similarities with the RustBucket malware campaign associated with the BlueNoroff APT […]
The iconic integrated resort Marina Bay Sands in Singapore has disclosed a data breach that impacted 665,000 customers. The Marina Bay Sands (MBS) luxury resort in Singapore has suffered a data breach that impacted 665,000 customers. Marina Bay Sands discovered the security breach on 20 October 2023, an unauthorized third party gained access to some […]
Veeam addressed multiple vulnerabilities in its Veeam ONE IT infrastructure monitoring and analytics platform, including two critical issues. Veeam addressed four vulnerabilities (CVE-2023-38547, CVE-2023-38548, CVE-2023-38549, CVE-2023-41723) in the Veeam ONE IT infrastructure monitoring and analytics platform. The vulnerability CVE-2023-38547 (CVSS score 9.9) can be exploited by an unauthenticated attacker to gain information about the SQL […]
Pro-Palestinian hackers group ‘Soldiers of Solomon’ claims to have hacked one of the largest Israeli flour plants causing severe damage to the operations. The Pro-Palestinian hackers group ‘Soldiers of Solomon’ announced that it had breached the infrastructure of the production plant of Flour Mills Ltd, a multinational company engaged in the processing and marketing of […]
Iran-linked Agonizing Serpens group has been targeting Israeli organizations with destructive cyber attacks since January. Iran-linked Agonizing Serpens group (aka Agrius, BlackShadow, Pink Sandstorm, DEV-0022) has been targeting Israeli organizations in higher education and tech sectors with destructive cyber attacks since January 2023. Palo Alto Networks’ s Unit 42 researchers reported that threat actors first attempt to steal sensitive […]