The Information Highway

all things technology risk and cybersecurity

Tech giant Nidec confirms data breach following ransomware attack

Nidec Corporation is reporting that the hackers behind a ransomware attack it suffered earlier this year stole data and leaked it on the dark web.

Intel, AMD CPUs on Linux impacted by newly disclosed Spectre bypass

The latest generations of Intel processors, including Xeon chips, and AMD's older microarchitectures on Linux are vulnerable to new speculative execution attacks that bypass existing 'Spectre' mitigations.

Critical Ivanti CSA flaw actively exploited

Threat update

Three Ivanti Cloud Service Appliance (CSA) vulnerabilities are being exploited and weaponized in the wild. Read this Cybersecurity Threat Advisory to learn how you can mitigate your risk of being targeted.

Windows Kernel vulnerability used in espionage campaign

Threat update

Researchers have observed the well-known cyber espionage group OilRig exploiting a now-patched privilege escalation vulnerability (CVE-2024-30088) in the Windows Kernel to conduct espionage operations. Read this Cybersecurity Threat Advisory to learn more about the campaign and how to avoid becoming a victim.

Mozilla Firefox zero-day vulnerability

Threat update

A critical zero-day vulnerability in Mozilla Firefox, CVE-2024-9680, has emerged. This vulnerability allows an attacker to gain unauthorized access and potentially achieve remote code execution on the affected OS. Continue reading this Cybersecurity Threat Advisory for recommendations to remediate this threat.

Microsoft warns it lost some customer's security logs for a month

Microsoft is warning enterprise customers that, for almost a month, a bug caused critical logs to be partially lost, putting at risk companies that rely on this data to detect unauthorized activity.

EDRSilencer red team tool used in attacks to bypass security

A tool for red-team operations called EDRSilencer has been observed in malicious incidents attempting to identify security tools and mute their alerts to management consoles.

Over 200 malicious apps on Google Play downloaded millions of times

Over a period of one year, Google Play, the official store for Android, distributed more than 200 malicious applications, which cumulatively counted nearly eight million downloads.

Cisco investigates breach after stolen data for sale on hacking forum

Cisco has confirmed that it is investigating recent claims that it suffered a breach after a threat actor began selling allegedly stolen data on a hacking forum.

CISA: Hackers abuse F5 BIG-IP cookies to map internal servers

CISA is warning that threat actors have been observed abusing unencrypted persistent F5 BIG-IP cookies to identify and target other internal devices on the targeted network.

Casio confirms customer data stolen in a ransomware attack

Casio now confirms it suffered a ransomware attack earlier this month, warning that the personal and confidential data of employees, job candidates, and some customers was also stolen.

Akira and Fog ransomware now exploit critical Veeam RCE flaw

Ransomware gangs now exploit a critical security vulnerability that lets attackers gain remote code execution (RCE) on vulnerable Veeam Backup & Replication (VBR) servers.

Fidelity Investments says data breach affects over 77,000 people

Fidelity Investments, a Boston-based multinational financial services company, disclosed that the personal information of over 77,000 customers was exposed after its systems were breached in August.

CISA says critical Fortinet RCE flaw now exploited in attacks

Today, CISA revealed that attackers are actively exploiting a critical FortiOS remote code execution (RCE) vulnerability in the wild.

Apache Avro SDK vulnerability

Threat update

A critical security flaw in the Apache Avro Java Software Development Kit (SDK), tracked as CVE-2024-47561, poses a significant threat to systems using this data serialization framework. Successful exploitation allows an attacker to execute arbitrary code on vulnerable instances. Continue reading this Cybersecurity Threat Advisory to learn how you can mitigate your risk.

Highline Public Schools confirms ransomware behind shutdown

On Thursday, K-12 school district Highline Public Schools confirmed that a ransomware attack forced it to shut down all schools in early September. 

Outlast game development delayed after Red Barrels cyberattack

Canadian video game developer Red Barrels is warning that the development of its Outlast games will likely be delayed after the company suffered a cyberattack impacting its internal IT systems and data. 

Recently patched CUPS flaw can be used to amplify DDoS attacks

A recently disclosed vulnerability in the Common Unix Printing System (CUPS) open-source printing system can be exploited by threat actors to launch distributed denial-of-service (DDoS) attacks with a 600x amplification factor.

Exploited cryptojacking campaign impacting Docker

Threat update

A new cryptojacking campaign exploiting the Docker Engine API has been discovered. The large-scale hacking campaign is targeting Docker Swarm, Kubernetes, and Secure Shell (SSH) servers. Continue reading this Cybersecurity Threat Advisory to learn how to mitigate your risk from these vulnerabilities.

Over 4,000 Adobe Commerce, Magento shops hacked in CosmicSting attacks

Adobe Commerce and Magento online stores are being targeted in "CosmicSting" attacks at an alarming rate, with threat actors hacking approximately 5% of all stores.

Top Breaches Of 2023

Customers Affected In T-Mobile Breach
Accounts Affected In MOVEit Breach
Customers Affected In MCNA Insurance Data Breach
Individuals Affected In PharMerica Data Breach
Users Affected In ChatGPT Major Data Breach
*Founder Shield End of Year 2023