NetScaler, Atlassian, VMware Disclose Critical Flaws
Source: Data Breach Today
IT infrastructure mainstays including NetScaler, Atlassian and VMware on Tuesday released fixes for vulnerabilities including some allowing malicious takeover of appliances. NetScaler - formerly known as Citrix - warned customers of two zero-day vulnerabilities that researchers say are being exploited in the wild.
Nearly 7K WordPress Sites Compromised by Balada Injector
Source: Dark Reading
About 6,700 WordPress websites have been infected with the Balada Injector malware, after using a Popup Builder plug-in with a cross-site scripting (XSS) vulnerability tracked as CVE-2023-6000.
FBI: Androxgh0st malware botnet steals AWS, Microsoft credentials
Source: Bleeping Computer
CISA and the FBI warned today that threat actors using Androxgh0st malware are building a botnet focused on cloud credential theft and using the stolen information to deliver additional malicious payloads. This botnet was first spotted by Lacework Labs in 2022 and was controlling over 40,000 devices almost one year ago, according to Fortiguard Labs data.
Money Launderers, Fraudsters Flocking to Tether: UN Report
Source: Info Risk Today
Cryptocurrency Has 'Supercharged' Organized Crime in Southeast Asia. Digital money is energizing Southeast Asian organized crime as a method for money laundering and as a way of reaping new revenue, warn experts who say the Tether plays a heavy role in the rapidly evolving state of law-breaking in Myanmar, Thailand and elsewhere.
Mississippi Health System Ransomware Attack Affects 253,000
Source: Data Breach Today
A Mississippi health system is notifying nearly 253,000 individuals that their sensitive information was potentially compromised in a "malicious and sophisticated ransomware" attack that also took IT systems offline for several days last summer. The cybercriminal gang Rhysida had claimed responsibility for the assault.
Comments