Daily Cybersecurity Roundup, March 04, 2025

From precision strikes to billion-dollar scams, cybercriminals are hitting hard on all fronts. A pinpoint phishing campaign targeted a handful of UAE entities in aviation and satellite communications, delivering a sneaky new Golang backdoor. Meanwhile, unidentified attackers unleashed brute-force assaults on over 4,000 IP addresses tied to ISPs in China and the U.S. West Coast, hunting for weak credentials. Across Europe, the online gambling sector is reeling, bleeding over $5 billion annually to fraud, with many operators losing part of their revenue. Here are the top 10 highlights from the past 24 hours.

01

A highly targeted phishing campaign was aimed at fewer than five entities in the UAE, particularly in the aviation and satellite communications sectors, to deliver a previously undocumented Golang backdoor named Sosano.

02

Unidentified threat actors targeted over 4,000 IP addresses of ISPs in China and the U.S. West Coast, using brute-force attacks to exploit weak credentials.

03

A new ClickFix phishing campaign is using malicious PowerShell commands to deploy the Havoc post-exploitation framework, granting remote access to compromised devices.

04

Threat actors, tracked under the name TGR-UNK-0011 or JavaGhost, are exploiting misconfigurations in AWS environments to send phishing emails for financial gain.

05

Google released its Android Security Bulletin, addressing 44 vulnerabilities, two (CVE-2024-43093 and CVE-2024-50302) of which are being actively exploited.

06

CISA warned U.S. federal agencies about actively exploited vulnerabilities in Cisco (CVE-2023-20118) and Windows (CVE-2018-8639) systems.

07

The European online gambling (iGaming) sector is losing over €5 billion ($5.2 billion) annually to fraud, with nearly half of compliance professionals reporting losses of over 10% of their revenue.

08

Broadcom released a security alert regarding three zero-day vulnerabilities in VMware ESXi, Workstation, and Fusion, which have been exploited in the wild, with patches available for each impacted product.

09

Latin America is experiencing an accelerated rate of cyberthreats, with a 53% YOY rise in weekly cyberattacks against organizations, followed by Africa (37%) and Europe (35%).

10

Over 40% of networks allow unrestricted communication with at least one major cloud provider, enabling cybercriminals to exfiltrate data and deploy malware through trusted cloud services.
