Daily Cyber News Feed

@bluecyber.bsky.social

Daily Cyber News Feed on Blue

85 Followers  |  51 Following  |  828 Posts  |  Joined: 29.11.2023  |  2.2919

Latest posts by bluecyber.bsky.social on Bluesky

Hackers steal sensitive data from Pennsylvania county during ransomware attack The government of Union County in central Pennsylvania said a recent ransomware attack exposed information related to law enforcement and other government business.

“The affected information appears to be mostly related to individuals involved with County law enforcement, court related matters, and/or other County business,” the county said.

therecord.media/union-county...

25.03.2025 02:06

Weaver Ant: Tracking a China-Nexus Cyber Espionage Operation Sygnia investigates Weaver Ant, a stealthy China-nexus threat actor targeting telecom providers. Learn how web shells enable persistence and espionage.

Original Article

www.sygnia.co/threat-repor...

25.03.2025 00:24

Chinese hackers spent four years inside Asian telco’s networks The hackers compromised home routers made by Zyxel to gain entry into a “major” telecommunications company's environment.

An Asian telecommunications company was allegedly breached by Chinese government hackers who spent four years inside its systems.

The company said the hackers compromised home routers made by Zyxel to gain entry into the “major” telco’s environment.

therecord.media/chinese-hack...

25.03.2025 00:23

FBI Denver Warns of Online File Converter Scam | Federal Bureau of Investigation The FBI Denver Field Office is warning that agents are increasingly seeing a scam involving free online document converter tools.

www.fbi.gov/contact-us/f...

23.03.2025 14:50

FBI warnings are true—fake file converters do push malware The FBI is warning that fake online document converters are being used to steal people's information and, in worst-case scenarios, lead to ransomware attacks.

The FBI is warning that fake online document converters are being used to steal people’s information and, in worst-case scenarios, to deploy ransomware on victims' devices.

www.bleepingcomputer.com/news/securit...

23.03.2025 14:49

Microsoft Trust Signing service abused to code-sign malware Cybercriminals are abusing Microsoft's Trusted Signing platform to code-sign malware executables with short-lived three-day certificates.

www.bleepingcomputer.com/news/securit...

22.03.2025 16:34

Cloudflare now blocks all unencrypted traffic to its API endpoints Cloudflare announced that it closed all HTTP connections and it is now accepting only secure, HTTPS connections for api.cloudflare.com.

The move prevents unencrypted API requests from being sent, even accidentally.

www.bleepingcomputer.com/news/securit...

22.03.2025 16:23

Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility Active exploitation of Cisco CVE-2024-20439 & 20440 in Smart Licensing forces urgent patching of vulnerable versions.

Two now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts

CVE-2024-20439 (9.8)

CVE-2024-20440 (9.8)

thehackernews.com/2025/03/ongo...

22.03.2025 01:37

Operation FishMedley targeting governments, NGOs, and think tanks ESET Research is publishing its investigation of Operation FishMedley, a global espionage operation by the China-aligned APT group FishMonger.

www.welivesecurity.com/en/eset-rese...

22.03.2025 01:09

China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families China-linked APT Aquatic Panda targeted 7 organizations in a 10-month espionage campaign using five malware families.

The China-linked APT Aquatic Panda has been linked to a "global espionage campaign" targeting governments, Catholic charities, NGOs and think tanks across Taiwan, Hungary, Turkey, Thailand, France, and the United States. The activity took place Jan-Oct 2022.

thehackernews.com/2025/03/chin...

22.03.2025 01:09

UAT-5918 Targets Taiwan's Critical Infrastructure Using Web Shells and Open-Source Tools UAT-5918 has attacked Taiwan infrastructure since 2023 using web shells and open-source tools to steal credentials.

thehackernews.com/2025/03/uat-...

22.03.2025 01:04

Pentagon CIO calls for more offensive cyber capability Katie Arrington said her role is to help alleviate policies that are hindering DOD personnel from countering adversaries.

“We’re fighting a war right now one-handed. My job, and the role that I’m in is [to] give you both your hands, because you need them. Policies are in place, and yes, we need to modify some. We need more offensive capability”

defensescoop.com/2025/03/20/k...

22.03.2025 01:01

CISA tags NAKIVO backup flaw as actively exploited in attacks CISA has warned U.S. federal agencies to secure their networks against attacks exploiting a high-severity vulnerability in NAKIVO's Backup & Replication software.

20.03.2025 17:13

Veeam RCE bug lets domain users hack backup servers, patch now Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication software that impacts domain-joined installations. [...]
20.03.2025 23:30

Veeam RCE bug lets domain users hack backup servers, patch now Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication software that impacts domain-joined installations.

www.bleepingcomputer.com/news/securit...

20.03.2025 23:31

North Korea launches new unit with a focus on AI hacking, per report | TechCrunch North Korea is reportedly launching a new cybersecurity unit called Research Center 227 within its intelligence agency Reconnaissance General Bureau (RGB).

NEW: North Korea is reportedly launching a new cybersecurity research unit called Research Center 227, which will be housed within the intelligence agency Reconnaissance General Bureau (RGB), and will focus on AI-based hacking and stealing digital assets.

techcrunch.com/2025/03/20/n...

20.03.2025 20:09

Volt Typhoon hackers were in Massachusetts utility’s systems for 10 months The Littleton Electric Light & Water Department was one of a range of critical infrastructure organizations targeted by the Chinese nation-state hackers.

Volt Typhoon spent more than 300 days inside the systems of the water and electricity utility for Littleton, Massachusetts, Dragos said today

therecord.media/volt-typhoon...

12.03.2025 19:44

UAT-5918 targets critical infrastructure entities in Taiwan UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and open-sourced tooling to conduct post-compromise activitie...

blog.talosintelligence.com/uat-5918-tar...

21.03.2025 02:15

Taiwan critical infrastructure targeted by hackers with possible ties to Volt Typhoon Researchers at Cisco Talos identified a hacking operation against Taiwan that appears to overlap with Chinese state-backed campaigns known as Volt Typhoon and Flax Typhoon.

Hackers with apparent ties to several China-based groups like Volt Typhoon are targeting critical infrastructure in Taiwan as part of an ongoing campaign.

therecord.media/taiwan-criti...

21.03.2025 01:43

Cisco Security Advisory: Cisco Smart Licensing Utility Vulnerabilities Multiple vulnerabilities in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to collect sensitive information or administer Cisco Smart Licensing Utility services on a sys...

sec.cloudapps.cisco.com/security/cen...

21.03.2025 01:36

Cisco warns of backdoor admin account in Smart Licensing Utility Cisco has removed a backdoor account in the Cisco Smart Licensing Utility (CSLU) that can be used to log into unpatched systems with administrative privileges.

www.bleepingcomputer.com/news/securit...

21.03.2025 01:35

Critical Cisco Smart Licensing Utility flaws now exploited in attacks Attackers have started targeting Cisco Smart Licensing Utility (CSLU) instances unpatched against a vulnerability exposing a built-in backdoor admin account.

Attackers have started targeting Cisco Smart Licensing Utility (CSLU) instances unpatched against a vulnerability exposing a built-in backdoor admin account, CVE-2024-20439

www.bleepingcomputer.com/news/securit...

21.03.2025 01:35

CVE-2024-48248 Welcome to the NAKIVO Backup & Replication Knowledge Base. Find the answers to your questions regarding the product.

helpcenter.nakivo.com/Knowledge-Ba...

21.03.2025 01:27

The Best Security Is When We All Agree To Keep Everything Secret (Except The Secrets) - NAKIVO Backup & Replication (CVE-2024-48248) As an industry, we believe that we’ve come to a common consensus after 25 years of circular debates - disclosure is terrible, information is actually dangerous, it’s best that it’s not shared, and the...

labs.watchtowr.com/the-best-sec...

21.03.2025 01:26

NVD - CVE-2024-48248

nvd.nist.gov/vuln/detail/...

21.03.2025 01:26

CISA tags NAKIVO backup flaw as actively exploited in attacks CISA has warned U.S. federal agencies to secure their networks against attacks exploiting a high-severity vulnerability in NAKIVO's Backup & Replication software.

NAKIVO's Backup & Replication software, CVE-2024-48248 (8.6), which can be exploited by unauthenticated attackers to read arbitrary files on vulnerable devices, added to CISA KEV.

www.bleepingcomputer.com/news/securit...

21.03.2025 01:26

Trump executive order consolidates federal IT contracting under GSA GSA will be given authority to "defer or decline" being the executive agent of IT governmentwide contracts "when necessary to ensure continuity of service or as otherwise appropriate."

As part of GSA’s new role, the administrator will be able to “defer or decline” being the executive agent of IT governmentwide contracts “when necessary to ensure continuity of service or as otherwise appropriate.”

fedscoop.com/trump-execut...

21.03.2025 01:15

BeyondTrust Zero-Day Breach Exposed 17 SaaS Customers via Compromised API Key BeyondTrust breach impacted 17 SaaS customers via compromised API key linked to Silk Typhoon; U.S. Treasury affected.

BeyondTrust completed an investigation into a recent cybersecurity incident that targeted some of the company's Remote Support SaaS instances by making use of a compromised API key.

The company said the breach involved 17 Remote Support SaaS customers.

thehackernews.com/2025/02/beyo...

01.02.2025 18:10

Google says hackers abuse Gemini AI to empower their attacks Multiple state-sponsored groups are experimenting with the AI-powered Gemini assistant from Google to increase productivity and to conduct research on potential infrastructure for attacks or for reconnaissance on targets.

01.02.2025 12:15

Meta Confirms Zero-Click WhatsApp Spyware Attack Targeting 90 Journalists, Activists Meta-owned WhatsApp disrupted a zero-click spyware campaign by Paragon Solutions, targeting 90 journalists and activists.

Meta said it disrupted a campaign that involved the use of spyware to target journalists and civil society members.

The campaign, which targeted around 90 members, involved the use of spyware from an Israeli company known as Paragon Solutions.

thehackernews.com/2025/02/meta...

01.02.2025 17:49

@bluecyber is following 18 prominent accounts