The Information Highway

Threat update

A new phishing campaign spreading a fileless variant of Remcos RAT malware has been discovered. Read below to learn how this could impact your organization.

Threat update

A threat advisory was issued to Palo Alto customers notifying them of a vulnerability in the PAN-OS interface that can lead to remote code execution (RCE).

After being used in Akira and Fog ransomware attacks, a critical Veeam Backup & Replication (VBR) security flaw was also recently exploited to deploy Frag ransomware.

More than 60,000 D-Link network-attached storage devices that have reached end-of-life are vulnerable to a command injection vulnerability with a publicly available exploit.

Attackers could exploit several vulnerabilities in the Mazda Connect infotainment unit, present in multiple car models including Mazda 3 (2014-2021), to execute arbitrary code with root permission. 

 Today, cybersecurity company Palo Alto Networks warned customers to restrict access to their next-generation firewalls because of a potential remote code execution vulnerability in the PAN-OS management interface.

Threat update

Significant vulnerabilities in Microsoft's Azure AI Content Safety services have been discovered. These vulnerabilities enable attackers to bypass safeguards and deploy harmful AI-generated content.

Threat update

Synology, network-attached storage (NAS) maker, addressed critical security vulnerability, CVE-2024-10443, which impacts their DiskStation and BeePhotos applications. This is an unauthenticated vulnerability that can allow attackers to obtain root-level code execution on Synology NAS devices.

Google has left Android users puzzled after the most recent update to the Google mobile app causes links shared from the app to now be prepended with a mysterious "search.app" domain.

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) that has racked up thousands of downloads for over three years while stealthily exfiltrating developers' Amazon Web Services (AWS) credentials.

Hewlett Packard Enterprise (HPE) released updates for Instant AOS-8 and AOS-10 software to address two critical vulnerabilities in Aruba Networking Access Points.. 

Google's cloud division has announced that it will enforce mandatory multi-factor authentication (MFA) for all users by the end of 2025 as part of its efforts to improve account security.

Threat update

Significant vulnerabilities in Microsoft's Azure AI Content Safety services have been discovered. These vulnerabilities enable attackers to bypass safeguards and deploy harmful AI-generated content. Continue reading this Cybersecurity Threat Advisory to learn the implications of these flaws and which security measures to implement to protect your organization.

Threat update

A new phishing campaign, identified as CRON#TRAP, are targeting Windows systems with a preloaded Linux virtual machine (VM) to evade detection to conduct malicious acts. Continue reading this Cybersecurity Threat Advisory to learn how to protect against this phishing campaign. 

A new phishing campaign dubbed 'CRON#TRAP' infects Windows with a Linux virtual machine that contains a built-in backdoor to give stealthy access to corporate networks.

A recently disclosed Microsoft SharePoint remote code execution (RCE) vulnerability tracked as CVE-2024-38094 is being exploited to gain initial access to corporate networks.

The Housing Authority of the City of Los Angeles (HACLA), one of the largest public housing authorities in the United States, confirmed that a cyberattack hit its IT network after recent breach claims from the Cactus ransomware gang.

OpenAI's new "ChatGPT search" Chrome extension feels like nothing more than a typical search hijacker, changing Chrome's settings so your address bar searches go through ChatGPT Search instead.

LastPass is warning about an ongoing campaign where scammers are writing reviews for its Chrome extension to promote a fake customer support phone number. However, this phone number is part of a much larger campaign to trick callers into giving scammers remote access to their computers.

Synology, a Taiwanese network-attached storage (NAS) appliance maker, patched two critical zero-days exploited during last week's Pwn2Own hacking competition within days.