InfoSec News 20251003
Top News
- Confucius Hacker Group Weaponizes Documents to Infect Windows Systems with AnonDoor Malware
"The Confucius hacking group, a long-running cyber-espionage operation with suspected state-sponsored ties, has significantly evolved its attack methodologies over the past year, transitioning from document stealers like WooperStealer to sophisticated Python-based backdoors including AnonDoor malware."
TLP1 : Green
- Microsoft Outlook stops displaying inline SVG images used in attacks
"Microsoft says Outlook for Web and the new Outlook for Windows will no longer display risky inline SVG images that are being used in attacks."
TLP1 : Green
- Google warns of Cl0p extortion campaign against Oracle E-Business users
"Google observed Cl0p ransomware group sending extortion emails to executives, claiming theft of Oracle E-Business Suite data."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
- New "Cavalry Werewolf" Attack Hits Russian Agencies with FoalShell and StallionRAT
"A threat actor that's known to share overlaps with a hacking group called YoroTrooper has been observed targeting the Russian public sector with malware families such as FoalShell and StallionRAT."
TLP1 : Green
Breaches: Data Breaches and Hacks
- Customer details stolen in Renault UK cyber attack
"The car firm has insisted that the breach was an 'isolated incident' and that no financial information was accessed."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
- CISA Flags Meteobridge CVE-2025-4008 Flaw as Actively Exploited in the Wild
"The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting Smartbedded Meteobridge to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation."
TLP1 : Green
- Unauthenticated RCE Flaw Patched in DrayTek Routers
"The security defect can be exploited remotely via crafted HTTP/S requests to a vulnerable device’s web user interface."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
- Access 8 CISSP security & risk management training courses for $30
"If you’re serious about advancing in cybersecurity, here’s a deal to help you get started preparing for one of the toughest cybersecurity certifications out there. You can grab the CISSP Security & Risk Management Training Bundle for just $29.97 (MSRP $424) through October 12."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
- Self-Propagating Malware Spreading Via WhatsApp, Targets Brazilian Users
"Trend™ Research has identified an active campaign spreading via WhatsApp through a ZIP file attachment. When executed, the malware establishes persistence and hijacks the compromised WhatsApp account to send copies of itself to the victim’s contacts."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.