From opalsec.io

Daily News Update: Thursday, April 3, 2025 (Australia/Melbourne)

Hunters International's transition to Data Extortion model could indicate the "impose cost" offensive targeting Ransomware is paying off. Trump Administration uses commercial email for sensitive military discussions. Verizon API flaw allowed unrestricted access to customer call history.

#edr #cisco #github #infosec #malware #privacy #verizon #dataleak #databreach #ransomware

23h ago

From opalsec.io

Daily News Update: Friday, April 4, 2025 (Australia/Melbourne)

Chinese group exploiting Ivanti RCE bug since mid-March to drop web shells; DNS Fast Flux increasingly used by cyber crims & nation-states; GitHub Supply Chain attack traced to leaked Access Token in a CI workflow; Oracle says breach is of legacy system - receipts show otherwise.

#dns #cisa #github #ivanti #oracle #infosec #privacy #ukraine #zeroday #aiincyber

10h ago

From opalsec.io

Daily News Update: Wednesday, April 2, 2025 (Australia/Melbourne)

Increased scans of Palo Alto GlobalProtect devices may indicate imminent attack. Nakasone names China the biggest Cyber threat to the US. DPRK expands prolific IT Worker campaigns to Europe. Talos finds Identity a key culprit in 69% of Ransomware incidents.

on Wed, 10AM

From opalsec.io

Daily News Update: Monday, April 1, 2025 (Australia/Melbourne)

DPRK actors actively infiltrate global businesses, gaining privileged access and pivoting to 3rd parties. Lazarus adopts "ClickFix" tactics, luring job seekers and targeting non-technical roles. Attackers abuse malicious WordPress mu-plugins, a stealthy technique to inject code into every page.

on Tue, 10AM

From opalsec.io

Daily News Update: Sunday, March 31, 2025 (Australia/Melbourne)

Crocodilus malware targets Android crypto wallets with social engineering, bypassing typical security measures to steal seed phrases. Microsoft's "Quick Machine Recovery" tool could automatically fix boot crashes caused by bad drivers or configurations, e.g. CrowdStrike's faulty update from 2024.

on Mon, 10AM

From opalsec.io

Daily News Update: Sunday, March 30, 2025 (Australia/Melbourne)

Malware authors increasingly use niche languages like Rust, Nim, and even Phix to bypass traditional security tools and complicate static analysis. The DOJ seized $8.2M in USDT from romance scams, revealing sophisticated manipulation tactics and links to human trafficking in Cambodia and Myanmar.

on Sun, 9AM

From opalsec.io

Daily News Update: Saturday, March 29, 2025 (Australia/Melbourne)

A breach at Oracle Health compromised patient data, with Oracle allegedly shifting responsibility to hospitals and avoiding documentation. A Walmart subsidiary is investigating claims of a Clop ransomware attack, potentially linked to the Cleo file transfer vulnerability.

on Sat, 1AM

From opalsec.io

Daily News Update: Friday, March 28, 2025 (Australia/Melbourne)

Infostealer Campaign Compromises 10 npm Packages: Ten npm packages were updated with malicious code to steal environment variables and other sensitive data from developers' systems. The campaign targeted multiple cryptocurrency-related packages, and the popular 'country-currency-map' package was...

on Fri, 12PM

From opalsec.io

Daily News Update: Thursday, March 27, 2025 (Australia/Melbourne)

Chinese ‘FamousSparrow’ Hackers Resurface: The Chinese government-backed hacking group FamousSparrow, thought to be dormant since 2022, has allegedly been targeting organisations in the U.S., Mexico, and...

on Mar 27

From opalsec.io

Daily News Update: Wednesday, March 26, 2025 (Australia/Melbourne)

EncryptHub Linked to MMC Zero-Day Attacks on Windows Systems: Trend Micro have linked the threat actor EncryptHub to attacks exploiting a zero-day vulnerability in Microsoft Management Console (MMC) vulnerability...

on Mar 26

From opalsec.io

Daily News Update: Tuesday, March 25, 2025 (Australia/Melbourne)

Critical Flaw in Next.js Allows Authorization Bypass: A critical severity vulnerability, tracked as CVE-2025-29927, has been discovered in the Next.js web development framework, potentially allowing attackers to...

on Mar 25