Security Bulletin

BleepingComputer reports that operations at the American Radio Relay League have been interrupted following a cyberattack against its IT systems that impacted its email and various online services.

Health plan and insurer administrative services provider WebTPA had data from more than 2.4 million individuals compromised following a security breach last April, reports The Record, a news site by cybersecurity firm Recorded Future.

Threat actors have been distributing the novel Antidot Android banking trojan as fraudulent Google Play updates to facilitate credential compromise and other malicious actions, SecurityWeek reports.

More phishing campaigns have been leveraging the Latrodectus malware loader since March, with the loader updated with more extensive enumeration and execution capabilities, as well as self-delete functionality, according to The Hacker News.

Fraudulent Google ads for the WinSCP and PuTTy utilities have been leveraged to attempt ransomware distribution as part of a malvertising campaign against Windows system administrators, reports BleepingComputer.

Cryptojacking operation Kinsing, also known as H2Miner, had its botnet strengthened with the addition of new security vulnerabilities, reports The Hacker News.

Security Affairs reports that North Korean state-sponsored cyberespionage operation Kimsuky, also known as APT43, Springtail, Black Banshee, Velvet Chollima, Thallium, and ARCHIPELAGO, has been targeting South Korean entities with the new Gomir Linux...

Nearly 1,500 banks across more than 60 countries had their customer accounts targeted in a widespread Grandoreiro banking trojan campaign, which commenced just two months after the trojan was dismantled in an international law enforcement operation...

Antidot uses overlay attacks and keylogging to target users' financial data.

For the past five years, the Space ISAC has been bringing the global space industry together.

Lumu's Ricardo Villadiego on the the relentless tactics of attackers and the innovations cybersecurity needs to meet demands.

Pentera's Jay Mar-Tang on the challenge of security validation and pentesting in the cloud.