Security Bulletin

The developers behind a widespread worm are nesting further into networks by exploiting Windows escalation opportunities faster than organizations can patch them.

TechCrunch reports that Oklahoma-based casino and hotel resort WinStar had its customers' sensitive data inadvertently leaked by an exposed database owned by Nevada software startup Dexiga, which developed the casino resort giant's My WinStar app.

Updated Raspberry Robin malware emerges Several updates have been introduced to the Raspberry Robin malware, also known as QNAP worm, including its usage of two new exploits for one-day vulnerabilities, tracked as CVE-2023-36802 and CVE-2023-29360...

Three command-and-control servers previously linked to the ALPHV/BlackCat and Black Basta ransomware operations have been leveraged to support the novel Rust-based RustDoor backdoor, which spoofed Visual Studio to facilitate compromise file...

Federal Trade Commission Chair Lina Khan has noted that more aggressive actions will be taken by the agency against data misuse by big tech companies after it was sued by Meta to reverse a rule preventing the monetization of children's information...

More than $10 billion in fraud-related losses were reported by U.S. consumers for the first time in 2023, representing a 14% growth over 2022, even though the number of individuals who reported being targeted by fraud held steady at over 2.6 million...

BleepingComputer reports that threat actors were noted by the Cybersecurity and Infrastructure Security Agency to have commenced attacks targeting the critical remote code execution vulnerability in Fortinet's FortiOS devices, tracked as CVE-2024...

The UN is reportedly investigating dozens of crypto cyberattacks suspected to have earned the North Korean regime billions to fund its nuclear program.

The move by the State Department complements a Hive infrastructure takedown by international law enforcement.