Security Bulletin

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

[This is a Guest Diary by Keegan Hamlin, an ISC intern as part of the SANS.edu BACS program]

Almost 2 years ago, a reader asked us about TCP connections they observed. The data of these TCP connections starts with "MGLNDD_": " MGLNDD_* Scans".

Several new features have been added by DevOps security firm Cycode to its application security posture management platform led by the inclusion of generative artificial intelligence into its Risk Intelligence Graph, reports SiliconAngle.

BleepingComputer reports vulnerable ConnectWise ScreenConnect servers impacted by the CVE-2024-1708 and CVE-2024-1709 flaws were observed by Sophos X-Ops researchers to have been subjected to numerous LockBit ransomware attacks since Feb. 21 .

LockBit has been developing a new cross-platform ransomware variant to supersede LockBit 3.0 as the ransomware gang was taken down by an international law enforcement operation, The Register reports.

Attacks with the Konni RAT backdoor, also known as UpDog, have been deployed by North Korean threat actors under the Konni activity cluster.

Change Healthcare attack linked to state-backed threat actors Major U.S. healthcare revenue and payment cycle management provider Change Healthcare was noted by its parent firm UnitedHealth Group to have been targeted by suspected state-sponsored...

Cybernews reports that major U.S. mortgage and loan firm Mr.

Several Maryville drug rehabilitation centers across New Jersey have been impacted by a data breach following a cyberattack in August, reports NJ.com.

All five production plants of German battery manufacturer Varta in Germany, Romania, and Indonesia have yet to restart production almost two weeks following a cyberattack that disrupted its IT systems, according to The Record, a news site by...

CNN reports that Avast has been imposed a $16.5 million fine by the Federal Trade Commission for misleading customers with claims of protecting their browsing data but proceeding to gather and sell such data without prior consent.