Ivanti Reveals 2 New Zero-Day Flaws, One Under Active Exploitation

Jan 31, 2024NewsroomVulnerability / Zero Day Ivanti has alerted to two new critical flaws in its Connect Secure and Policy Secure products, one of which it says is subject to targeted exploitation in the wild. The list of vulnerabilities is as follows – CVE-2024-21888 (CVSS score: 8.8) – A privilege escalation vulnerability in the web … Read more

Telegram Marketplaces Fuel Phishing Attacks with Easy-to-Use Kits and Malware

Jan 31, 2024NewsroomCyber ​​Crime / Hacking News Cybersecurity researchers call attention to the “democratization” of the phishing ecosystem due to the emergence of Telegram as a center of cybercrime, which allows threat actors to mount a mass attack in a small amount of time. $230. “This messaging app has become a bustling hub where seasoned … Read more

RBI restricts Paytm Payments Bank from taking new deposits, credit transactions

The Reserve Bank of India on Wednesday restricted Paytm Payments Bank Ltd from taking new deposits and credit transactions on its services due to non-compliance with regulations and supervisory concerns. An audit report “revealed persistent non-compliance and continuing material supervisory concerns at the bank, requiring further supervisory action,” the central bank said in a release. … Read more

Italian Businesses Hit by USB Weapons That Spread Cryptojacking Malware

Jan 31, 2024NewsroomCryptocurrency / Cybersecurity A financially motivated threat actor known as UNC4990 the use of weaponized USB devices as an initial infection vector to target organizations in Italy. Google-owned Mandiant said the attacks were isolated to several industries, including health, transportation, construction, and logistics. “UNC4990 operations typically involve widespread USB infection followed by deployment … Read more

ChatGPT, the MOVEit hack, and Pandora

ESET Research An AI chatbot inadvertently ignites a cybercrime boom, ransomware bandits rob organizations without deployment ransomware, and a new botnet enslaves Android TV boxes. 31 Jan 2024 • , 2 min. read In this episode of the ESET Research Podcast, we examine the most interesting findings of the ESET Threat Report H2 2023, including … Read more