OneBlood is a non-profit organization that provides blood and blood products to over 300 hospitals and medical facilities across the U.S. Southeast. The organization collects, tests, and distributes blood to ensure a steady supply for patients in need. A ransomware attack hit OneBlood and disrupted its medical operations. OneBlood is still operational and continues its…
Malicious actors are targeting users of a mobile currency game by using fake Android and Windows software that installs spyware and other malware. Hamster Kombat launched in March and already has more than 250 million users, likely due to the promises of winning TON-based cryptocurrency. The game is for Android users, who can earn in-game…
Cisco has addressed a critical vulnerability, tracked as CVE-2024-20419 (CVSS score of 10.0), in Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers that allows attackers to change any user’s password. The issue is due to an improper implementation in the password-change process. Threat actors can trigger the vulnerability by sending specially crafted HTTP…
Black Hat USA 2024 once again served as a launchpad for several cybersecurity products and services with many notable vendors as well as up-and-coming startups showcasing their innovations at the annual conference, held this week in Las Vegas. The event, alongside the RSA Conference, remains a pivotal moment in the cybersecurity calendar, offering insights into…
A critical pre-authentication remote code execution (RCE) security vulnerability in Apache OFBiz could open organizations to data theft, lateral movement by threat actors into various applications and parts of their networks, and more. The bug, tracked as CVE-2024-38856, carries a notably high CVSS score of 9.8, given how impactful exploitation could be. Apache OFBiz is…
China-linked advanced persistent threat group APT41 appears to have compromised a government-affiliated institute in Taiwan that conducts research on advanced computing and associated technologies. The intrusion began in July 2023, with the threat actor gaining initial access to the victim environment via undetermined means. Since then, it has deployed multiple malware tools, including the well-known…
ESET, a global leader in cybersecurity, today announced the introduction of the cloud version of ESET Secure Authentication, the multifactor authentication module of the ESET PROTECT Platform. With the new offering, ESET customers can consolidate their security stack and have endpoint protection and multifactor authentication (MFA) provided natively from one vendor with a single pane…
Researchers from Kaspersky discovered a new version of the Mandrake Android spyware in five apps on Google Play, totaling over 32,000 downloads between 2022 and 2024. Researchers from Bitdefender discovered the highly sophisticated Android spyware Mandrake in 2022 while investigating highly targeted attacks against specific devices. The original Mandrake campaign had two major infection waves, in…
Multiple ransomware groups have been weaponizing an authentication bypass bug in VMware ESXi hypervisors to quickly deploy malware across virtualized environments. VMware assigned the bug (CVE-2024-37085) a “medium” 6.8 out of 10 score on the CVSS scale. The average score is largely due to the fact that it requires an attacker to have existing permissions…
Lakera, the world’s leading real-time Generative AI (GenAI) Security company, has raised $20 million in a Series A funding round. Led by European VC Atomico, with participation from Citi Ventures, Dropbox Ventures, and existing investors including redalpine, this investment brings Lakera’s total funding to $30 million. This funding positions Lakera at the forefront of the…
Microsoft researchers warned that multiple ransomware gangs are exploiting the recently patched vulnerability CVE-2024-37085 (CVSS score of 6.8) in VMware ESXi. “Microsoft researchers have uncovered a vulnerability in ESXi hypervisors being exploited by several ransomware operators to obtain full administrative permissions on domain-joined ESXi hypervisors,” warned Microsoft. The flaw is an authentication bypass vulnerability…
Cybersecurity researchers are sounding the alarm over an ongoing campaign that’s leveraging internet-exposed Selenium Grid services for illicit cryptocurrency mining. Cloud security firm Wiz is tracking the activity under the name SeleniumGreed. The campaign, which is targeting older versions of Selenium (3.141.59 and prior), is believed to have been underway since at least April 2023. “Unbeknownst to…