Threat Intelligence Cybersecurity Hacking News

In recent vulnerabilities, millions of OT devices are at high risk of supply chain attack as a set of 14 new vulnerabilities unearthed in the widely used NicheStack TCP/IP stack. Target against most major telecommunications companies in Southeast Asia, the campaigns were launched by three distinct Chinese threat actor groups - SoftCell, Naikon, and Emissary Panda.

Top Breaches Reported in the Last 48 Hours

Misconfigured Elasticsearch database

Comparitech researchers published a report that revealed details of Elasticsearch's unsecured marketing database that leaked private details of about 35 million residents across Chicago, San Diego, and Los Angeles.

School District No. 73 hacked

KAMLOOPS — School District No. 73 (SD73, Kamloops-Thompson) insurance provider for international students suffers cybersecurity breach. The exposed sophisticated data included the identity and contact information of students.

Ransomware attack

In a recent attack, Lazio region in Italy has published are report of a ransomware attack that has disabled the regions' IT system including the COVID-19 vaccination registration portal.

Top Malware Reported in the Last 48 Hours

APT31 deploys new RAT

A new series of attacks linked with Chinese hacking group APT131 has been found using a new RAT to target Mongolia, Belarus, Canada, the United States.

Top Vulnerabilities Reported in the Last 48 Hours

INFRA:HALT vulnerability

Cybersecurity researchers on Wednesday disclosed 14 vulnerabilities affecting a commonly-used TCP/IP stack used in millions of Operational Technology (OT) devices manufactured by no fewer than 200 vendors and deployed in manufacturing plants, power generation, water treatment, and critical infrastructure sectors. These flaws can enable hackers to achieve remote code execution DOS, information leak, TCP spoofing, and DNS cache poisoning.

Google high-risk Patches

Google this week pushed a major security-themed Android update with fixes for more than 30 security flaws that expose mobile users to a range of malicious hacker attacks. The critical security vulnerability in the Media Framework component could enable a local malicious application to bypass operating system protections that isolate application data from other apps.

Chromium critical bugs

Security researchers found a dangerous bug in chromium that allowed malicious parties to inject malicious code into embedded site pages. This can further enable attackers to steal sophisticated information from the victim's device.

New Cobalt Strike bugs

Security researchers have disclosed Cobalt Strike denial of service (DOS) vulnerabilities that could allow blocking beacon command and control c2 communication channels and new deployments. DoS vulnerabilities collectively tracked as Hotcobalt (CVE-2021-36798) were patched in the Cobalt Strike beacon with the release of version 4.4.