Security Bulletin

More Latin American financial organizations have been subjected to intrusions involving the Mekotio banking trojan, also known as Melcoz, aimed at banking credential exfiltration, The Hacker News reports.

Cybersecurity investments reached $3.3 billion during the second quarter of this year, which was 71% higher than the same period last year.

Attacks leveraging cloud services and resources have been deployed by the novel CloudSorcerer advanced persistent threat operation against Russian government organizations, reports SiliconAngle.

Such a breach, which the BlackSuit ransomware group claimed to have resulted in the theft of 1.2 TB of data, "has endangered the safety and well-being of millions of public health patients."

Hong Kong-based computer hardware manufacturer Zotac had more than 20,000 data entries accidentally leaked after being uploaded to a publicly accessible file server.

Sp1d3rHunters also alleged that Ticketmaster could not use its SafeTix technology to rotate the impacted barcodes.

The exploitation of vulnerabilities in Ivanti's software underscores the need for robust cybersecurity measures and proactive response strategies to mitigate risks and protect critical assets.

Megjelent a SANS és a Nemzetbiztonsági Szakszolgálat Nemzeti Kibervédelmi Intézet közös kiadványának 2024. júliusi száma, melyben az üzenetküldéses támadásokkal foglalkozunk.

No risk to systems following claims ticket barcodes for upcoming Taylor Swift concerts were stolen, said Ticketmaster.

The newly discovered APT's main weapon is a malware tool that can change behavior depending on the process in which it is running.

Also known as Muse, DarkRace and fake LockBit 3.0, DoNex targets US, Italian and Belgian businesses.

The passwords, dumped on a cyber-underground forum on July 4 by a hacker called "ObamaCare," were collected from a variety of older and more recent breaches.