
Daily Cybersecurity Roundup, August 23, 2024

Attention macOS users! The newly discovered Cthulhu Stealer info-stealer, available as a MaaS, has been targeting macOS users and is capable of harvesting extensive data. In other news, a memory-only dropper named PEAKLIGHT has emerged, which decrypts and executes a PowerShell-based downloader through malicious ZIP files disguised as pirated movies. Moreover, the Log4j vulnerability continues to be a significant and evolving threat despite being over two years old. Explore further for the latest cybersecurity updates.

01

Researchers discovered a new info-stealer, Cthulhu Stealer, available as a MaaS, which targets macOS users, harvesting a wide range of data and affecting both x86_64 and Arm architectures.

02

A new memory-only dropper, PEAKLIGHT, has been discovered, decrypting and executing a PowerShell-based downloader via pirated movie files that are actually malicious ZIP files with Microsoft Shortcut Files (LNK).

03

The Qilin ransomware group has been found using a credential harvesting technique to steal account credentials stored in the Google Chrome browser on specific network endpoints.

04

CISA added several critical vulnerabilities to its KEV catalog, including Dahua IP Camera authentication bypass (CVE-2021-33044 and CVE-2021-33045), Linux kernel heap-based buffer overflow (CVE-2022-0185), and Microsoft Exchange Server information disclosure (CVE-2021-31196) vulnerabilities.

05

As part of the ClearFake campaign, malicious actors have been injecting fake pop-ups into WordPress websites to deceive users into downloading Zilla trojan malware, prompting them to execute malicious commands in Windows PowerShell.

06

The HHS issued an advisory about Everest, a Russian-speaking ransomware group, targeting the U.S. healthcare sector using tools like Cobalt Strike to facilitate its attacks.

07

SolarWinds addressed a new hardcoded credential vulnerability (CVE-2024-28987) in its Web Help Desk software, which could enable remote unauthenticated users to gain unauthorized access to vulnerable instances.

08

Even after two years, threat actors are still exploiting the Log4j vulnerability (Log4Shell) in a new opportunistic campaign to deploy the XMRig coinminer.

09

The NEBRC and NHS England announced new funding by Better Security, Better Care, to offer free cyber services and training to social care providers in the North East and Yorkshire.

10

Nortal, a strategic digital transformation partner, announced the acquisition of the U.K.-based cybersecurity consultancy, 3DOT Solutions, to bolster its cybersecurity and defense business in Europe, the U.S., and the GCC.
