Category: Cyber Security News & Updates

Void Banshee’ Exploits Second Microsoft Zero-Day Void Banshee, an advanced persistent threat group, has been exploiting two similar zero-day vulnerabilities in Microsoft’s MSHTML platform, identified as CVE-2024-43461 and CVE-2024-38112. These flaws allow attackers to execute

Fortinet Confirms Customer Data Breach Via Third Party Fortinet confirmed a data breach affecting a small number of customers after a hacker leaked 440GB of data from a third-party cloud-based SharePoint site. The incident highlights

Data Leak Exposes 14,000 US Medical Professionals: What We Know So Far A misconfiguration in the systems of MNA Healthcare, a Florida-based recruitment company, exposed a database backup containing sensitive information of 14,000 medical professionals.

Payment Gateway Data Breach Affects 1.7 Million Credit Card Owners Payment gateway provider Slim CD has reported a data breach affecting 1.7 million individuals, with unauthorized access occurring from August 2023 to June 2024. Although

U.S. Seizes 32 Pro-Russian Propaganda Domains In Major Disinformation Crackdown The U.S. Department of Justice (DoJ) seized 32 pro-Russian propaganda domains used by the Kremlin-backed Doppelganger campaign to covertly spread disinformation, bolster pro-Russian policies, and

Hackers Use Rare Stealth Techniques To Down Asian Military, Govt Orgs Cyber attackers resembling APT41 are leveraging two rare techniques—GrimResource and AppDomainManager Injection—to compromise high-level organizations in Southeast Asia, including government and military entities. GrimResource

Hacktivists Exploits Winrar Vulnerability In Attacks Against Russia And Belarus Hacktivist group Head Mare has been targeting organizations in Russia and Belarus by exploiting the CVE-2023-38831 vulnerability in WinRAR to deploy custom malware and ransomware.

Cyberattackers Exploit Google Sheets For Malware Control In Likely Espionage Campaign A sophisticated malware campaign exploiting Google Sheets as a command-and-control (C2) platform has been detected, targeting over 70 global organizations across various sectors, with

Blackbyte Ransomware Still Capitalizing On Known Vmware ESXi Flaw Despite repeated warnings, the ransomware group BlackByte is actively exploiting an authentication bypass vulnerability in VMware ESXi, allowing them to gain full control over virtual machines

Dick’s Sporting Goods Says Confidential Data Exposed In Cyberattack DICK’S Sporting Goods has disclosed a cyberattack that exposed confidential information within its systems. Upon detecting the breach, the company activated its cybersecurity response plan, shut