Daily Cybersecurity Roundup, January 15, 2025

Fancy Bear, the infamous Russian APT, has taken a diplomatic twist, using Kazakhstan government documents as phishing bait to infect Central Asian officials with HATVIBE and CHERRYSPY malware. WordPress site owners face a growing threat as a new malware campaign has compromised over 5,000 websites. Attackers infiltrate these sites by creating rogue admin accounts. North Korean hackers have escalated their cryptocurrency heists, amassing over $659 million through cyberattacks, according to a joint warning from the U.S., South Korea, and Japan. Here are the top 10 highlights from the past 24 hours.

01

Fancy Bear has been using documents from the Kazakhstan government as phishing lures to infect government officials in Central Asia with HATVIBE and CHERRYSPY malware and spy on them.

02

A new malware campaign targeting WordPress sites has compromised over 5,000 websites. The attackers create rogue admin accounts, install a malicious plugin, and steal sensitive data.

03

The Sign in with Google authentication system has a critical flaw that affects around six million Americans currently working for tech startups.

04

The U.S., South Korea, and Japan issued a joint statement warning that North Korean state-backed hackers have stolen over $659 million worth of cryptocurrency in multiple cyberattacks, as of September 2024.

05

CISA has urged federal agencies to patch a second vulnerability in BeyondTrust Privileged Remote Access and Remote Support solutions due to active exploitation by Chinese hackers.

06

A supply chain attack compromised Kong Ingress Controller v.3.4.0, with an attacker replacing the legitimate image with a malicious one containing cryptojacking code.

07

The Telegram-based marketplace HuiOne Guarantee and its vendors have received over $24 billion in cryptocurrency, making it the largest illicit online marketplace.

08

Microsoft's January 2025 Patch Tuesday addressed 159 security flaws, including eight zero-day vulnerabilities, three of which are being actively exploited in attacks.

09

The DoJ announced that the FBI has deleted the PlugX malware from over 4,200 computers in the U.S. The malware has targeted victims including European shipping companies, governments, and Chinese dissident groups.

10

MorganFranklin Cyber completed a management buyout to become a standalone firm, backed by private equity firm M|C Partners.
