Security Bulletin

BleepingComputer reports that the recently discovered 3AM ransomware operation, also known as ThreeAM, has been found to be associated with the Conti and Royal ransomware gangs.

Widespread phishing campaign deployed by reemerging TA866 Threat operation TA866 has reemerged with a new massive phishing campaign aimed at North America after being absent from the threat landscape for nine months, The Hacker News reports.

Attacks exploiting a critical out-of-bounds write zero-day vulnerability in VMware Center Server, tracked as CVE-2023-34048, have been deployed by Chinese cyberespionage operation UNC3886 since 2021, two years before the flaw was identified and...

Over 500 military bases across Russia and Russia-occupied regions in Ukraine, including the Russian Army's military headquarters, had their maps and construction plans exfiltrated following a cyberattack by Ukrainian hacking operation Blackjack...

Thousands of vulnerable servers may be open to cyberattacks exploiting the max-severity CVE-2023-46604 bug.

Even the most careful VMware customers may need to go back and double check that they weren't compromised by a zero-day exploit for CVE-2023-34048.

Russian state-sponsored threat actor Nobelium used a basic password-spray attack to breach Microsoft corporate email accounts, including for execs.

Based on fresh infection routines the APT is testing, it's looking to harvest threat intelligence in order to improve operational security and stealth.

The company, Modern Solutions, had misconfigured a cloud database, but argues the contractor could only have found the password through insider knowledge.