A root-server at the Internet’s core lost touch with its peers. We still don’t know why. (arstechnica.com)
IOC Extinction? China-Nexus Cyber Espionage Actors Use ORB Networks to Raise Cost on Defenders (cloud.google.com)
Operation Diplomatic Specter: An Active Chinese Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia (unit42.paloaltonetworks.com)
SolarMarker Malware Evolves to Resist Takedown Attempts with Multi-Tiered Infrastructure (thehackernews.com)
Critical Fluent Bit flaw impacts all major cloud providers (www.bleepingcomputer.com) A critical Fluent Bit vulnerability that can be exploited in denial-of-service and remote code execution attacks impacts all major cloud providers and many technology giants.
PoC exploit for Ivanti EPMM privilege escalation flaw released (CVE 2024-22026) (www.helpnetsecurity.com)
A root-server at the Internet’s core lost touch with its peers. We still don’t know why. (arstechnica.com)
Deep Dive Into Unfading Sea Haze: A New Threat Actor in the South China Sea (www.bitdefender.com)
IOC Extinction? China-Nexus Cyber Espionage Actors Use ORB Networks to Raise Cost on Defenders (cloud.google.com)
New ransomware group abusing BitLocker (securelist.com)
Operation Diplomatic Specter: An Active Chinese Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia (unit42.paloaltonetworks.com)
DNSBomb Pulsing DoS Attack (www.radware.com)
Criminal record database of millions of Americans dumped online (www.malwarebytes.com)
Breach Forums Plans Dark Web Return This Week Despite FBI Crackdown (www.hackread.com)
GitHub Fixes Maximum Severity Flaw in Enterprise Server (www.infosecurity-magazine.com)
Over 200K Likely Vulnerable Confluence Data Center Instances Exposed (cybernews.com)
Intercontinental Exchange to pay $10M SEC penalty over VPN breach (www.bleepingcomputer.com)
Some Microsoft services, DuckDuckGo hit by global outage (techcentral.co.za)
MS Exchange Server Flaws Exploited to Deploy Keylogger in Targeted Attacks (thehackernews.com)
Russia's Turla APT Abuses MSBuild to Deliver TinyTurla Backdoor (www.darkreading.com)
Novel EDR-Killing 'GhostEngine' Malware Is Built for Stealth (www.darkreading.com)
SolarMarker Malware Evolves to Resist Takedown Attempts with Multi-Tiered Infrastructure (thehackernews.com)
Holes in Your Bitbucket: Why Your CI/CD Pipeline Is Leaking Secrets (cloud.google.com)
Iranian State Hackers Partner Up for Large-Scale Attacks, Report (www.hackread.com)
Critical GitHub Enterprise Server Flaw Allows Authentication Bypass (thehackernews.com)
Critical Fluent Bit flaw impacts all major cloud providers (www.bleepingcomputer.com)
A critical Fluent Bit vulnerability that can be exploited in denial-of-service and remote code execution attacks impacts all major cloud providers and many technology giants.
Bad Karma, No Justice: Void Manticore Destructive Activities in Israel (research.checkpoint.com)
Hacktivist Groups Target Indian Elections, Leak Personal Data, Says Report (www.hackread.com)
Critical Bug Allows DoS, RCE, Data Leaks in All Major Cloud Platforms (www.darkreading.com)
PoC exploit for Ivanti EPMM privilege escalation flaw released (CVE 2024-22026) (www.helpnetsecurity.com)