This botnet exploits the CVE-2015-2051 flaw to download a dropper script, and then deploys the Goldoon malware for DDoS attacks. The botnet uses various autorun methods for persistence and connects to a C2 server for instructions.

This flaw allows for an account takeover via Password Reset, enabling attackers to hijack accounts without any interaction. The affected versions range from 16.1 to 16.7, with GitLab releasing patches for versions 16.1.6 to 16.7.2.

The initiative is designed to mitigate the threat of consumer-grade devices being targeted by commercial spyware, potentially enabling sophisticated threat actors to use these as a stepping stone into back-end corporate systems and data.

HPE Aruba Networking has issued its April 2024 security advisory detailing critical remote code execution (RCE) vulnerabilities impacting multiple versions of ArubaOS, its proprietary network operating system.

LockBit, Black Basta, and Play have been observed to be the most active ransomware groups in Q1 2024, with Black Basta experiencing a notable 41% increase in activity, according to a report by ReliaQuest.

According to Verizon’s 2024 Data Breach Investigations Report, this method of gaining unauthorized access leading to a breach accounted for 14% of malicious actors’ way into a network. It is the third most used after credential theft and phishing.

Elisity, a leader in identity-based microsegmentation, has secured $37 million in Series B funding from Insight Partners to enhance its AI capabilities for cyber threat anticipation.

Most businesses see offensive AI fast becoming a standard tool for cybercriminals, with 93% of security leaders expecting to face daily AI-driven attacks, according to Netacea.

The extension round was led by existing investors Accel, Cyberstarts, and Sequoia Capital, along with private investors. Oasis has now raised a total of $75 million, including its seed round and previous Series A.

The alert says that water operators are employing poor security standards that have allowed the hackers to breach their networks, including the use of default passwords that are included when the water system management tools are first installed.