"Microsoft has made a recent study and discovered that Russia indulged in over 58% of state funded attacks last year with China’s responsibility detected less that 10%. The tech giant also concluded that the threat actors from the Putin nation mostly targeted IT infrastructure based in United States followed by Ukraine, Britain and European NATO members."
"The recall is related to a series of vulnerabilities discovered by a team of cybersecurity researchers in 2018. In June 2019, the U.S. Food and Drug Administration (FDA) and Medtronic informed the public of a recall of MiniMed 508 and Paradigm series insulin pumps due to vulnerabilities that could allow an attacker to remotely hack the devices."
"Operators of an unknown ransomware gang are using a Python script to encrypt virtual machines hosted on VMware ESXi servers."
TLP1 : Green
"A new advanced threat group has been detected targeting energy and aviation firms in Russia, and institutions including governments in nine other countries. The group has not been associated with any existing APT, nor is its country of origin known. It has been named ChamelGang after its practice of blending into the background like a chameleon."
"Google has released Chrome 94.0.4606.71 for Windows, Mac, and Linux, to fix two zero-day vulnerabilities that have been exploited by attackers."
TLP1 : Green
"Edge security and content delivery giant Akamai Technologies on Wednesday announced plans to spend $600 million to acquire Guardicore, an Israeli micro-segmentation technology startup."
TLP1 : Green
"Experts spotted a new variant of the FinFisher surveillance spyware that is able to hijack and replace the Windows UEFI bootloader to infect Windows machines."
TLP1 : Green
"Microsoft has disclosed details of a vulnerability that researchers at Palo Alto Networks have named “Azurescape” because the attacks start from a container escape technique. The flaw affects Microsoft’s Azure Container Instances service and “could potentially allow a user to access other customers’ information in the ACI service,” Microsoft says"
"Hundreds of thousands of email credentials, many of which double as Active Directory domain credentials, came through to credential-trapping domains in clear text. "
TLP1 : Green
