
Daily Cybersecurity Roundup, July 18, 2024

Every day, new malware strains emerge, each more cunning and insidious, to infiltrate systems worldwide. In a new malware campaign, cybercriminals have been abusing RDPWrapper and Tailscale applications to target cryptocurrency users. Meanwhile, DPRK threat actors impersonated a legitimate video call service to distribute a new version of the BeaverTail malware. A report revealed that 67% of organizations in the energy, oil/gas, and utilities sectors were hit by ransomware in 2024. Keep reading for the top 10 cybersecurity updates from the last 24 hours.


01

A new sophisticated campaign targeting individuals in the cryptocurrency market has been discovered, abusing RDPWrapper and Tailscale applications to facilitate unauthorized access and control over victim systems.

02

DPRK attackers were found delivering an updated version of BeaverTail malware via an Apple macOS disk image file named ‘MiroTalk.dmg’, mimicking the legitimate video call service of the same name.

03

TE.0, a new variant of HTTP request smuggling, has been discovered affecting Google Cloud’s Load Balancer. This vulnerability compromised thousands of Google Cloud-hosted websites, impacting various services, including Identity-Aware Proxy.

04

Cybercriminals are exploiting hijacked YouTube channels to live-stream deepfake videos of Elon Musk discussing a supposed assassination attempt on Donald Trump, using QR codes in the videos to direct viewers to crypto-doubling scam websites.

05

The cybercrime gang Octo Tempest, aka Scattered Spider, has added RansomHub and Qilin ransomware to its arsenal, according to Microsoft. The APT group also used the ransomware strains in campaigns in Q2 2024.

06

Threat actors are exploiting SEG-encoded URLs to bypass Barracuda Email Gateway Defense Link Protection, VIPRE, and other email security tools, and deliver malicious content, often spoofing popular brands like DocuSign and Microsoft.

07

Interpol’s global operation, Operation Jackal III, resulted in 300 arrests and the seizure of $3 million in assets from West African organized crime groups focused on online financial fraud, notably targeting the Nigeria-based Black Axe gang.

08

A maximum-severity vulnerability, CVE-2024-20419, has been identified in Cisco Smart Software Manager On-Prem, which enables remote threat actors to change any user's password, including those of administrators, without requiring authentication.

09

In 2024, 67% of energy, oil/gas, and utilities organizations were hit by ransomware, with an average of 62% of their computers affected, well above the cross-sector average of 49%, according to a report.

10

According to a Legit Security report, out of 19,113 custom GitHub Actions in the marketplace, only 913 were created by verified GitHub users. Additionally, 18% of these actions have vulnerable dependencies, and 762 are archived and no longer receive regular updates or vulnerability fixes.
