Over a period of one year, Google Play, the official store for Android, distributed more than 200 malicious applications, which cumulatively counted nearly eight million downloads.
Cisco has confirmed that it is investigating recent claims that it suffered a breach after a threat actor began selling allegedly stolen data on a hacking forum.
CISA is warning that threat actors have been observed abusing unencrypted persistent F5 BIG-IP cookies to identify and target other internal devices on the targeted network.
Casio now confirms it suffered a ransomware attack earlier this month, warning that the personal and confidential data of employees, job candidates, and some customers was also stolen.
Ransomware gangs now exploit a critical security vulnerability that lets attackers gain remote code execution (RCE) on vulnerable Veeam Backup & Replication (VBR) servers.
Fidelity Investments, a Boston-based multinational financial services company, disclosed that the personal information of over 77,000 customers was exposed after its systems were breached in August.
Today, CISA revealed that attackers actively exploit a critical FortiOS remote code execution (RCE) vulnerability in the wild.
Threat update
A critical security flaw in the Apache Avro Java Software Development Kit (SDK), tracked as CVE-2024-47561, poses a significant threat to systems using this data serialization framework. Successful exploitation allows an attacker to execute arbitrary code on vulnerable instances.
On Thursday, K-12 school district Highline Public Schools confirmed that a ransomware attack forced it to shut down all schools in early September.
Canadian video game developer Red Barrels is warning that the development of its Outlast games will likely be delayed after the company suffered a cyberattack impacting its internal IT systems and data.
A recently disclosed vulnerability in the Common Unix Printing System (CUPS) open-source printing system can be exploited by threat actors to launch distributed denial-of-service (DDoS) attacks with a 600x amplification factor.
Threat update
A new cryptojacking campaign exploiting the Docker Engine API has been discovered. The large-scale hacking campaign is targeting Docker Swarm, Kubernetes, and Secure Socket Shell (SSH) servers.
Adobe Commerce and Magento online stores are being targeted in "CosmicSting" attacks at an alarming rate, with threat actors hacking approximately 5% of all stores.
Threat update
There is a critical remote code execution (RCE) vulnerability in Zimbra Collaboration Suite (ZCS) version 9.0, tracked as CVE-2024-45519. The vulnerability allows unauthenticated attackers to remotely execute arbitrary commands by exploiting weaknesses in Zimbra's SMTP PostJournal service.
A new 'FakeUpdate' campaign targeting users in France leverages compromised websites to show fake browser and application updates that spread a new version of the WarmCookie backdoor.
U.S. cybersecurity agency CISA is warning about two critical vulnerabilities that allow authentication bypass and remote code execution in Optigo Networks ONS-S8 Aggregation Switch products used in critical infrastructure.
A critical vulnerability in NVIDIA Container Toolkit impacts all AI applications in a cloud or on-premises environment that rely on it to access GPU resources.
Microsoft warns that ransomware threat actor Storm-0501 has recently switched tactics and now targets hybrid cloud environments, expanding its strategy to compromise all victim assets.
A new variant of the RomCom malware, called SnipBot, has been used in attacks that pivot on the network to steal data from compromised systems.
A group of security researchers discovered critical flaws in Kia's dealer portal that could let hackers locate and steal millions of Kia cars made after 2013 using just the targeted vehicle's license plate.