BleepingComputer:
- TeamViewer Corporate Network Breach: TeamViewer has confirmed a breach of its corporate network, attributed to the Russian state-sponsored group Midnight Blizzard. The company stated that customer data and the product environment were not compromised. Investigations are ongoing to assess the full impact of the attack.
- Linux Privilege Elevation Flaw Alert: CISA has issued a warning about an actively exploited Linux kernel vulnerability (CVE-2024-1086) that allows local attackers to gain root-level privileges. This flaw affects the netfilter: nf_tables component and has been patched in several stable kernel versions.
DarkReading:
- New Campaign by Earth Lusca: The Earth Lusca threat actor has been targeting high-value entities in government and private sectors globally. This group is known for espionage and financially motivated attacks.
- Critical Flaw in Cisco ASA and FTD Firewalls: The ArcaneDoor hacking group has been exploiting two zero-day vulnerabilities in Cisco ASA and FTD firewalls. These flaws have allowed the deployment of custom malware and backdoors, compromising government networks worldwide. Cisco has released patches to address these vulnerabilities.
The Hacker News:
- Critical Bugs in PJSIP SIP and Media Stack: Five security vulnerabilities have been disclosed in the PJSIP open-source multimedia communication library, which could lead to arbitrary code execution and denial-of-service (DoS). Users are advised to update to the latest patched versions to mitigate these risks.
- Europol Shuts Down VPNLab: Europol has taken down VPNLab.net, a VPN service favored by cybercriminals for deploying ransomware and committing other cybercrimes. The coordinated law enforcement operation has successfully disrupted this service.
SecurityWeek:
- WazirX Cryptocurrency Exchange Breach: WazirX, a major cryptocurrency exchange, has suffered a security breach leading to the loss of $230 million. The breach was due to vulnerabilities in the platform's infrastructure.
- North Korean Hackers Update Malware: North Korean hackers have updated their BeaverTail malware to target macOS users, expanding their capabilities and reach. This update demonstrates the evolving threat landscape posed by state-sponsored actors.
Wired:
- Impact of CrowdStrike Update Mishap: A faulty update from CrowdStrike has caused significant disruptions, crashing Windows systems globally and impacting numerous businesses. Cybercriminals have exploited this mishap to distribute Remcos RAT malware, further complicating the situation.
For more detailed information, you can visit BleepingComputer, DarkReading, The Hacker News, SecurityWeek, and Wired.