The Information Highway

The RansomHub ransomware gang is behind the recent cyberattack on oil and gas services giant Halliburton, which disrupted the company's IT systems and business operations.

Threat actors target Middle Eastern organizations with malware disguised as the legitimate Palo Alto GlobalProtect Tool that can steal data and execute remote PowerShell commands to infiltrate internal networks further.

The malicious PoorTry kernel-mode Windows driver used by multiple ransomware gangs to turn off Endpoint Detection and Response (EDR) solutions has evolved into an EDR wiper, deleting files crucial for the operation of security solutions and making restoration harder. 

DICK'S Sporting Goods, the largest chain of sporting goods retail stores in the United States, disclosed that confidential information was exposed in a cyberattack detected last Wednesday.

Threat update

A critical vulnerability has been identified in the SonicWall SonicOS management access. 

Park'N Fly is warning that a data breach exposed the personal and account information of 1 million customers in Canada after hackers breached its network. 

A massive QR code phishing campaign abused Microsoft Sway, a cloud-based tool for creating online presentations, to host landing pages to trick Microsoft 365 users into handing over their credentials. 

Today, Google revealed that it patched the tenth zero-day exploited in the wild in 2024 by attackers or security researchers during hacking contests.

Patelco Credit Union warns customers it suffered a data breach after personal data was stolen in a RansomHub ransomware attack earlier this year.

The Seattle-Tacoma International Airport has confirmed that a cyberattack is likely behind the ongoing IT systems outage that disrupted reservation check-in systems and delayed flights over the weekend. 

Threat update

Researchers discovered that externally-facing Oracle NetSuite e-commerce sites may expose sensitive customer information when configured inaccurately.

Halliburton, one of the world's largest providers of services to the energy industry, has confirmed a cyberattack that forced it to shut down some of its systems earlier this week.

Threat update

CVE-2024-38856 is a new Apache OFBiz ERP system critical zero-day vulnerability. If you are using this system, please continue reading to learn which steps you should take to mitigate your risk. 

In today's digital landscape, email remains a fundamental communication tool for businesses. However, its ubiquity makes it a prime target for cyber threats. Understanding these threats is the first step in fortifying your email security. In this blog post, we'll explore the technical intricacies of various email threats and how you can protect your business from these ever-evolving dangers. 

It takes less than a minute for someone to fall for a phishing scam. According to the 2024 Data Breach Investigations Report, the median time for a recipient to click on a malicious link after opening the email is 21 seconds, followed by 28 seconds to enter the requested data.

Threat update

A VMware ESXi vulnerability, known as CVE-2024-37085, has been discovered and it is actively exploited by several ransomware groups. Review this Cybersecurity Threat Advisory to learn how to limit the impact of this flaw. 

Fake IT support sites promote malicious PowerShell "fixes" for common Windows errors, like the 0x80070643 error, to infect devices with information-stealing malware.

Juniper Networks has released an emergency update to address a maximum severity vulnerability that leads to authentication bypass in Session Smart Router (SSR), Session Smart Conductor, and WAN Assurance Router products.

Hackers are exploiting a critical vulnerability that affects all D-Link DIR-859 WiFi routers to collect account information from the device, including passwords.

Agropur, one of the largest dairy cooperatives in North America, is notifying customers of a data breach after some of its shared online directories were exposed.