Daily Cybersecurity Roundup, October 29, 2024

From overlooked servers to the cutting edge of processors, cyber threats are becoming as diverse as they are dangerous. The Evasive Panda group is targeting sensitive entities in Taiwan, using the CloudScout toolset. ASEC, meanwhile, spotted mismanaged HiveOS servers being turned into cryptocurrency mining machines, hijacked through weak SSH credentials. Even the latest AMD and Intel chips aren’t safe, as speculative execution vulnerabilities allow attackers to bypass security barriers and access sensitive data. Read on for more information. 

01. The Evasive Panda threat actor, linked to China, targeted a government entity and a religious organization in Taiwan using a post-compromise toolset called CloudScout.

02. ASEC identified attacks on mismanaged HiveOS servers, exploiting weak SSH credentials to access systems. Attackers install a LinuxRC backdoor and configure Ravencoin mining to hijack system resources.

03. Russian-linked APT28 hackers are targeting Ukrainian government agencies with phishing attacks that mimic Google's reCAPTCHA, tricking users into running malicious PowerShell commands.

04. A critical vulnerability in CyberPanel allows zero-click, pre-authentication root RCE due to inconsistent authentication in its Django-based code. Over 22,000 vulnerable instances have been identified.

05. New research by Vipre revealed that around 12% of the 1.8 billion emails analyzed were classified as malicious, with BEC scams accounting for 58% of phishing attempts.

06. Research revealed that the latest AMD and Intel processors remain vulnerable to speculative execution attacks that bypass the Indirect Branch Predictor Barrier (IBPB). While Intel issued a microcode patch (CVE-2023-38575), AMD's IBPB is still bypassed on Linux.

07. Halloween-themed spam emails have increased by 18% compared to September, with 40% containing malicious content aimed at scamming users or harvesting personal data, reported Bitdefender.

08. A researcher released a tool named Chrome-App-Bound-Encryption-Decryption that bypasses Chrome's App-Bound encryption to extract saved credentials. The tool accesses encrypted keys in Chrome's Local State file, putting sensitive data at risk of exposure.

09. Proofpoint reported a surge in cryptocurrency fraud using fake job offers, where scammers impersonate brands and use social media and messaging apps.

10. Cyber exposure management company Armis raised $200 million in a Series D funding round co-led by General Catalyst and Alkeon Capital, with participation from existing investors.