top of page
Untitled design.png

Weekly INK

Each week we compile an advisory on the latest threats, trends and newsworthy topics from the cyber security industry affecting small and medium enterprises. Join our subscribers below and help us prevent cybersecurity breaches.

watermark4.png

Issue #94 - April 22, 2024

Cisco Fixes Firewall 0-Days After Likely Nation-State Hack

Source: Data Breach Today

Probable nation-state hackers targeted Cisco firewall appliances in a campaign dating to late 2023, the networking giant disclosed Wednesday. The company released three patches - two of them rated critical - for devices running Adaptive Security Appliance and Cisco Firepower Threat Defense software. 




State Hackers' New Frontier: Network Edge Devices

Source: Info Risk Today

Russian intelligence hackers as well as Russian-speaking cybercriminals have targeted devices including firewalls, virtual private networks and email filters. Chinese hackers with Beijing's backing have particularly demonstrated in-depth knowledge of edge device.




Godfather Banking Trojan Spawns 1.2K Samples Across 57 Countries

Source: Dark Reading

North of 1,000 samples of the Godfather mobile banking Trojan are circulating in dozens of countries worldwide, targeting hundreds of banking apps. First discovered in 2022, Godfather — which can record screens and keystrokes, intercepts two-factor authentication (2FA) calls and texts, initiates bank transfers, and more — has quickly become one of the most widespread malware-as-a-service offerings in cybercrime, especially mobile cybercrime.




LA County Health Services: Patients' data exposed in phishing attack

Source: Bleeping Computer

"Between February 19, 2024, and February 20, 2024, DHS experienced a phishing attack. Specifically, a hacker was able to gain log-in credentials of 23 DHS employees through a phishing e-mail," the notifications revealed. "In this case, the DHS employees clicked on the link located in the body of the e-mail, thinking that they were accessing a legitimate message from a trustworthy sender."




North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Lures

Source: The Hacker News

These initial access vectors trick targets into launching a malicious optical disc image (ISO) file bearing three files, one of which masquerades as an Amazon VNC client ("AmazonVNC.exe") that, in reality, is a renamed version of a legitimate Windows application called "choice.exe."



95 views

Comments


Help us Prevent Breaches.

We will never share or sell your information. Unsubscribe at any time.

Email: *

Received.

bottom of page