U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a VMware ESXi bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an authentication bypass VMware ESXi vulnerability, tracked as CVE-2024-37085 (CVSS score of 6.8), to its Known Exploited Vulnerabilities (KEV) catalog. This week, Microsoft warned that multiple ransomware gangs are […]
A new version of the Mandrake Android spyware has been found in five apps on Google Play, which have been downloaded over 32,000 times since 2022. Researchers from Kaspersky discovered a new version of the Mandrake Android spyware in five app on Google Play, totaling over 32,000 downloads between 2022 and 2024. Researchers from Bitdefender […]
The APT group SideWinder launched a new espionage campaign targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea. SideWinder (also known as Razor Tiger, Rattlesnake, and T-APT-04) has been active since at least 2012, the group mainly targeted Police, Military, Maritime, and the Naval forces of Central Asian countries. In the 2022 […]
Researchers detected a sophisticated phishing campaign targeting Microsoft OneDrive users to trick them into executing a PowerShell script. Over the past few weeks, the Trellix Advanced Research Center observed a sophisticated phishing campaign targeting Microsoft OneDrive users. Threat actors rely on social engineering tactics to trick users into executing a PowerShell script, which leads to […]
Microsoft warns that ransomware gangs are exploiting the recently patched CVE-2024-37085 flaw in VMware ESXi flaw. Microsoft researchers warned that multiple ransomware gangs are exploiting the recently patched vulnerability CVE-2024-37085 (CVSS score of 6.8) in VMware ESXi flaw. “Microsoft researchers have uncovered a vulnerability in ESXi hypervisors being exploited by several ransomware operators to obtain full […]
Acronis warns of a critical vulnerability in its Acronis Cyber Infrastructure (ACI) solution that is being actively exploited in the wild. Acronis is warning of a critical vulnerability, tracked as CVE-2023-45249 (CVSS score of 9.8), in its Acronis Cyber Infrastructure (ACI) solution that is being actively exploited in the wild. ACI is a comprehensive IT […]
CrowdStrike warns about a new threat actor targeting German customers by exploiting a recent issue with Falcon Sensor updates. On July 24, 2024, CrowdStrike experts identified a spear-phishing campaign targeting German customers by exploiting the recent issue with Falcon Sensor updates. A previously unknown threat actor set up a fake website, resembling a German entity, […]
Belarus-linked APT group GhostWriter targeted Ukrainian organizations with a malware family known as PicassoLoader, used to deliver various malicious payloads. The Ukrainian Government’s Computer Emergency Response Team (CERT-UA) reported a surge in activity associated with the APT group UAC-0057 (aka GhostWriter) group between July 12 and 18, 2024. Threat actors distributed documents containing macros designed […]
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Ukraine’s cyber operation shut down the ATM services of major Russian banks A bug in Chrome Password Manager […]
Ukraine launched a massive cyber operation that shut down the ATM services of the biggest Russian banks on July 27, reported the Kyiv Post. Ukraine has launched a massive cyberattack against ATMs of Russian banks, the cyber operation began on July 23. “This is an opportune moment to fully implement the Kremlin’s long-desired ‘import substitution’ […]