Top News

• New KV-Botnet Targeting Cisco, DrayTek, and Fortinet Devices for Stealthy Attacks

"A new botnet consisting of firewalls and routers from Cisco, DrayTek, Fortinet, and NETGEAR is being used as a covert data transfer network for advanced persistent threat actors, including the China-linked threat actor called Volt Typhoon."

Link

TLP¹ : Green

Top News

• Microsoft Takes Legal Action to Crack Down on Storm-1152's Cybercrime Network

"Microsoft on Wednesday said it obtained a court order to seize infrastructure set up by a group called Storm-1152 that peddled roughly 750 million fraudulent Microsoft accounts and tools through a network of bogus websites and social media pages to other criminal actors, netting them millions of dollars in illicit revenue."

Link

Top News

• Microsoft Warns of Hackers Exploiting OAuth for Cryptocurrency Mining and Phishing

"Microsoft has warned that adversaries are using OAuth applications as an automation tool to deploy virtual machines (VMs) for cryptocurrency mining and launch phishing attacks."

Link

TLP¹ : Green

Top News

• New MrAnon Stealer Malware Targeting German Users via Booking-Themed Scam

"A phishing campaign has been observed delivering an information stealer malware called MrAnon Stealer to unsuspecting victims via seemingly benign booking-themed PDF lures."

Link

TLP¹ : Green

Top News

• AutoSpill attack steals credentials from Android password managers

"Security researchers developed a new attack, which they named AutoSpill, to steal account credentials on Android during the autofill operation."

Link

TLP¹ : Green

Top News

• New Stealthy 'Krasue' Linux Trojan Targeting Telecom Firms in Thailand

"A previously unknown Linux remote access trojan called Krasue has been observed targeting telecom companies in Thailand by threat actors to main covert access to victim networks at lease since 2021."

Link

Top News

• Alert: Threat Actors Can Leverage AWS STS to Infiltrate Cloud Accounts

"Threat actors can take advantage of Amazon Web Services Security Token Service (AWS STS) as a way to infiltrate cloud accounts and conduct follow-on attacks."

Link

TLP¹ : Green

Top News

• Britain says no evidence of Sellafield nuclear site hacking

"Britain has no records or evidence to suggest that networks at the Sellafield nuclear site were the victim of a successful cyber attack by state actors, the government said on Monday following a report by the Guardian newspaper."

Link

Top News

• Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware

"Microsoft has warned of a new wave of CACTUS ransomware attacks that leverage malvertising lures to deploy DanaBot as an initial access vector."

Link

TLP¹ : Green

Top News

• Google Unveils RETVec - Gmail's New Defense Against Spam and Malicious Emails

"Google has revealed a new multilingual text vectorizer called RETVec (short for Resilient and Efficient Text Vectorizer) to help detect potentially harmful content such as spam and malicious emails in Gmail."

Link