"The Internet of Things (IoT) is transforming efficiency in various sectors like healthcare and logistics but has also introduced new security risks, particularly IoT-driven DDoS attacks. This article explores how these attacks work, why they're uniquely problematic, and how to mitigate them."
"A download manager site served Linux users malware that stealthily stole passwords and other sensitive information for more than three years as part of a supply chain attack."
"A new ransomware family called 3AM has emerged in the wild after it was detected in a single incident in which an unidentified affiliate deployed the strain following an unsuccessful attempt to deploy LockBit (aka Bitwise Spider or Syrphid) in the target network."
"A sophisticated phishing campaign is using a Microsoft Word document lure to distribute a trifecta of threats, namely Agent Tesla, OriginBotnet, and OriginBotnet, to gather a wide range of information from compromised Windows machines."
"The damage from hacking the account of the creator of the Ethereum cryptocurrency Vitalik Buterin at X (Twitter) was estimated at $691,000."
TLP1 : Green
"Apple on Thursday released emergency security updates for iOS, iPadOS, macOS, and watchOS to address two zero-day flaws that have been exploited in the wild to deliver NSO Group's Pegasus mercenary spyware."
"Microsoft on Wednesday revealed that a China-based threat actor known as Storm-0558 acquired the inactive consumer signing key to forge tokens and access Outlook by compromising an engineer's corporate account."
"A previously undocumented "phishing empire" has been linked to cyber attacks aimed at compromising Microsoft 365 business email accounts over the past six years."
TLP1 : Green
"Banking and logistics industries are under the onslaught of a reworked variant of a malware called Chaes."
TLP1 : Green
"X, the social media site formerly known as Twitter, has updated its privacy policy to collect users' biometric data to tackle fraud and impersonation on the platform."
TLP1 : Green
