Mind the (air) gap: GoldenJackal Targets Government Systems
New insights into GoldenJackal’s sophisticated toolsets, which have been used to carry out cyberespionage activities across Europe, South Asia, and the Middle East since 2019.
Latest
APT-C-00 OceanLotus Utilizes Advanced Dual Loader with VMP Protections
Hacking Kia: Remotely Controlling Cars With Just a License Plate
Evil Corp: The Cybercrime Syndicate that Refuses to Die
Iranian Cyber Espionage Campaign Targets Swedish SMS Service in Data Breach
Political Deepfakes Exploit Global Elections: Emerging Tactics and Impacts
Remote Code Execution Vulnerabilities Discovered in CUPS Affecting UNIX Systems
Malware
APT-C-00 OceanLotus Utilizes Advanced Dual Loader with VMP Protections
On September 23, 2024, the Advanced Threat Research Institute’s 360 Threat Intelligence Center released a detailed analysis on APT-C-00, also known as OceanLotus, a notorious advanced persistent threat (APT) group with suspected state backing.
Evil Corp: The Cybercrime Syndicate that Refuses to Die
Russian State-Sponsored Mobile Threats: A Decade of Espionage and Surveillance
Global Coalition Expands Efforts to Counter Commercial Spyware Misuse
Raptor Train: Chinese Nation-State Botnet Compromises Over 200,000 Devices
How Ransomhub Ransomware Uses EDRKillShifter to Disable EDR and Antivirus
Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors
Vulnerability
Hacking Kia: Remotely Controlling Cars With Just a License Plate
On September 23, 2024, cybersecurity researcher Sammy released an alarming report detailing critical vulnerabilities in Kia vehicles that allowed attackers to remotely control key vehicle functions using only the vehicle’s license plate number.
Iranian Cyber Espionage Campaign Targets Swedish SMS Service in Data Breach
Remote Code Execution Vulnerabilities Discovered in CUPS Affecting UNIX Systems
Storm on the Horizon: Inside the AJCloud IoT Ecosystem
CVE-2024-45488: Skeleton Cookie Vulnerability Exposes Safeguard for Privileged Passwords to Full Administrative Access
Google Cloud Exploit: CloudImposer Vulnerability Exposed Millions of Servers
CISA Adds Nine Exploited Vulnerabilities to KEV Catalog Over Two Days
Exploited in the wild
Remote Code Execution Vulnerabilities Discovered in CUPS Affecting UNIX Systems
On September 26, 2024, a detailed disclosure outlined critical vulnerabilities in the Common UNIX Printing System (CUPS) that enable remote code execution (RCE) on UNIX systems, including various GNU/Linux distributions.
Storm on the Horizon: Inside the AJCloud IoT Ecosystem
CVE-2024-45488: Skeleton Cookie Vulnerability Exposes Safeguard for Privileged Passwords to Full Administrative Access
Fox Kitten APT Continues to Exploit U.S. and Foreign Organizations, New Infrastructure Revealed
Google Cloud Exploit: CloudImposer Vulnerability Exposed Millions of Servers
CISA Adds Nine Exploited Vulnerabilities to KEV Catalog Over Two Days
