
Daily Cybersecurity Roundup, September 13, 2024

Recent malware campaigns have highlighted diverse targeting strategies by cybercriminals. The Ajina.Banker Android malware is actively attacking banking customers in Central Asia, spreading through Telegram channels under the guise of legitimate applications. Meanwhile, a new Linux malware strain has been exploiting Oracle WebLogic servers, deploying Hadooken malware to drop two payloads. In another instance, researchers have observed RCE attacks on Progress Software’s WhatsUp Gold, with hackers rapidly weaponizing publicly available PoC exploits shortly after their release. Take a look at the 10 key cybersecurity news items from the last day.

01

The Ajina.Banker malware campaign has been targeting bank customers in Central Asia, spreading Android malware disguised as legitimate applications through Telegram channels.

02

A new Linux malware has been targeting Oracle WebLogic servers to execute Hadooken malware, thereby dropping two payloads—the Tsunami malware and a cryptominer.

03

An Android-based TV box malware, Vo1d, has been found infecting nearly 1.3 million devices belonging to users in 197 countries. This backdoor is capable of secretly downloading and installing third-party software.

04

Citrix released a security bulletin for two critical vulnerabilities (CVE-2024-7889, CVE-2024-7890) in the Citrix Workspace app for Windows, which allow local privilege escalation that could let attackers gain system-level access.

05

DomainTools found multiple threat clusters using website templates, domain registrars, and redirections to exploit the retail sector through domain fraud, brand impersonation for financial fraud, and cryptocurrency-themed Ponzi schemes.

06

GitLab patched 17 vulnerabilities affecting both its enterprise and community versions, including a critical-severity pipeline execution bug (CVE-2024-6678) that could allow an attacker to trigger a pipeline as an arbitrary user.

07

A recent malware campaign was seen delivering an Excel file via phishing, exploiting a critical vulnerability (CVE-2017-0199) in Microsoft Office and WordPad to execute a fileless Remcos RAT variant.

08

Researchers identified RCE attacks on Progress Software’s WhatsUp Gold that possibly abused the vulnerabilities CVE-2024-6670 and CVE-2024-6671. Hackers exploited the publicly available PoC just after its release.

09

Aembit, a non-human identity and access management provider, secured $25 million in its Series A funding round led by Acrew Capital, with participation from Ballistic Ventures, CrowdStrike Falcon Fund, Okta Ventures, and Ten Eleven Ventures.

10

The credit card giant, Mastercard, announced the acquisition of threat intelligence company Recorded Future from Insight Partners for $2.65 billion.
