Security Bulletin

One year after its emergence in the threat landscape, Alpha ransomware has been discovered to resemble the Netwalker ransomware-as-a-service operation that was dismantled in January 2021, BleepingComputer reports.

Pennsylvania's Washington County has provided $346,687 worth of cryptocurrency to suspected Russian hackers behind a ransomware attack against its systems last month, according to The Record, a news site by cybersecurity firm Recorded Future.

Hackread reports that global human resource consulting firm Robert Half International has been claimed to be compromised by threat actors IntelBroker and Sanggiero in separate attacks earlier this month, which resulted in significant data...

Recent cyberattacks against major global financial services provider Prudential Financial and major U.S. retail mortgage lender loanDepot have been claimed by the ALPHV/BlackCat ransomware operation, reports BleepingComputer.

Operators of the SpyNote Android banking trojan have updated the payload to impersonate legitimate cryptocurrency wallets and facilitate cryptocurrency exfiltration, which represents a significant shift from the malware's prior focus on account...

Novel MMS Fingerprint attack used by NSO Group against WhatsApp WhatsApp users have been targeted by Israeli spyware firm NSO Group through the new MMS Fingerprint attack that involved the exploitation of a vulnerability in the widely used messaging...

BleepingComputer reports that mounting sanctions against various bitcoin mixing services have prompted North Korean hacking collective Lazarus Group to transition to the YoMix bitcoin mixer for its money laundering activities.

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: CISA Equipment: Industrial Control Systems Network Protocol Parsers (ICSNPP) - Ethercat Plugin for Zeek Vulnerabilities: Out-of-bounds Write, Out...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: Electrical discharge machines Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.4 ATTENTION: Exploitable remotely/low attack complexity Vendor: Commend Equipment: WS203VICM Vulnerabilities: Argument Injection, Improper Access Control, Weak Encoding for Password 2. RISK EVALUATION...

CISA released three Industrial Control Systems (ICS) advisories on February 20, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-051-01 Commend WS203VICM ICSA-24...

Bruce’s story unfolds in Cincinnati, Ohio. As a young boy, he had an ambitious dream of one day becoming the President of the United States. This aspiration remained his guiding star until he began his professional career after college. His mother...