Avatar
Herjan Security 2y ago

Summary:

1. Akira ransomware targets Cisco VPNs without MFA, raising concerns about remote access security.

2. Weaponized Telegram mods pose risks as threat actors sell their versions.

3. Loda malware is a remote access trojan that steals sensitive information.

4. SriLanka government offices suffer a massive ransomware attack.

5. OriginBotnet attack delivers malware through a malicious Word document.

6. APT36 uses customized malware for targeted espionage in South Asia.

7. UNC3944 employs phone-based social engineering and SMS phishing attacks.

8. Hive0117 group launches phishing campaign targeting industries in Russia and neighboring countries.

9. Gamaredon group distributes malware disguised as MS Word documents via spear phishing.

10. Ballistic Bobcat APT group deploys the Sponsor backdoor for cyber espionage.

11. Windows Arbitrary File Deletion vulnerability can be used for full system compromise.

12. Free Download Manager for Linux is weaponized by threat actors to steal data and passwords.

13. MrTonyScam botnet orchestrates a massive Messenger phishing campaign on Facebook.

14. Storm-0324 threat actor uses Microsoft Teams for phishing emails to attack organizations.

15. 3AM ransomware surfaces and encrypts files in a limited manner.

16. Memory corruption flaws in the ncurses library allow threat actors to gain escalated privileges.

17. Proton Mail vulnerabilities jeopardize user privacy and confidentiality.

18. Chrome and Adobe release security updates to patch critical vulnerabilities.

19. Kubernetes, GitHub, and Mozilla face critical vulnerabilities.

20. Notepad++ and Trellix address vulnerabilities in their software.

21. Windows 11 and Azure HDInsight have code execution and XSS vulnerabilities.

22. Research papers highlight the challenges in detecting malicious HTTP traffic.

Hashtags:

#CyberSecurity #Threats #Vulnerabilities #Ransomware #Malware #Phishing #APTs #RemoteAccess #DataBreach #ZeroDay #SoftwareSecurity #Privacy #ChromeUpdate #AdobePatch #MicrosoftTeams #Windows11Vulnerability #XSS #SecurityUpdate

https://cybersecuritynews.com/threat-vulnerability-roundup-september/

Reply to this note

Please Login to reply.

Discussion

No replies yet.