top of page
Untitled design.png

Weekly INK

Each week we compile an advisory on the latest threats, trends and newsworthy topics from the cyber security industry affecting small and medium enterprises. Join our subscribers below and help us prevent cybersecurity breaches.

watermark4.png

Issue #80 - January 15, 2024

NetScaler, Atlassian, VMware Disclose Critical Flaws

Source: Data Breach Today

IT infrastructure mainstays including NetScaler, Atlassian and VMware on Tuesday released fixes for vulnerabilities including some allowing malicious takeover of appliances. NetScaler - formerly known as Citrix - warned customers of two zero-day vulnerabilities that researchers say are being exploited in the wild.




Nearly 7K WordPress Sites Compromised by Balada Injector

Source: Dark Reading

About 6,700 WordPress websites have been infected with the Balada Injector malware, after using a Popup Builder plug-in with a cross-site scripting (XSS) vulnerability tracked as CVE-2023-6000.




FBI: Androxgh0st malware botnet steals AWS, Microsoft credentials

Source: Bleeping Computer

CISA and the FBI warned today that threat actors using Androxgh0st malware are building a botnet focused on cloud credential theft and using the stolen information to deliver additional malicious payloads. This botnet was first spotted by Lacework Labs in 2022 and was controlling over 40,000 devices almost one year ago, according to Fortiguard Labs data.




Money Launderers, Fraudsters Flocking to Tether: UN Report

Source: Info Risk Today

Cryptocurrency Has 'Supercharged' Organized Crime in Southeast Asia. Digital money is energizing Southeast Asian organized crime as a method for money laundering and as a way of reaping new revenue, warn experts who say the Tether plays a heavy role in the rapidly evolving state of law-breaking in Myanmar, Thailand and elsewhere.




Mississippi Health System Ransomware Attack Affects 253,000

Source: Data Breach Today

A Mississippi health system is notifying nearly 253,000 individuals that their sensitive information was potentially compromised in a "malicious and sophisticated ransomware" attack that also took IT systems offline for several days last summer. The cybercriminal gang Rhysida had claimed responsibility for the assault.



112 views

Comments


Help us Prevent Breaches.

We will never share or sell your information. Unsubscribe at any time.

Email: *

Received.

bottom of page