Daily Cybersecurity Roundup, June 13, 2024

Imagine a digital predator silently lurking within your device, poised to strike unexpectedly. Such was the case when threat actors exploited HTML attachments, leveraging the Windows search protocol as a gateway for malware delivery. Meanwhile, the Pakistani threat actor group Cosmic Leopard has been found targeting Indian entities with the GravityRAT and HeavyLift malware. Scammer alert! A fraudulent website has been discovered selling tickets to the Paris 2024 Summer Olympic Games. Read along for more.

01

Researchers have discovered a sophisticated malware campaign that uses the Windows search functionality embedded in HTML code to deliver malware.

02

The Pakistani threat actor group Cosmic Leopard has launched a new malware campaign, Operation Celestial Force, targeting Indian defense and government sectors with GravityRAT and HeavyLift malware.

03

The Cardinal cybercrime group, which operates the Black Basta ransomware, may have exploited a recently patched Windows privilege escalation vulnerability (CVE-2024-26169) as a zero-day.

04

A recently launched phishing kit enables both red teamers and cybercriminals to create PWAs capable of displaying authentic-looking corporate login forms to steal credentials.

05

CISA issued a warning about a phone-based impersonation fraud campaign in which scammers pretend to be CISA employees and request money or sensitive information.

06

Google issued patches for 50 security vulnerabilities in its Pixel devices, including a high-severity zero-day EoP flaw (CVE-2024-32896) that has already been exploited in targeted attacks.

07

A critical flaw (CVE-2024-27801) has been found in the low-level implementation of NSXPC that affects all Apple platforms, allowing threat actors to gain unauthorized access.

08

A fraudulent website, paris24tickets[.]com, claiming to sell tickets to the Paris 2024 Summer Olympic Games, has been identified among 338 such sites, with 51 shut down and 140 receiving formal notices from law enforcement.

09

Over 256,000 publicly exposed servers have been found vulnerable to a critical RCE flaw (CVE-2024-30080) in Microsoft Message Queuing (MSMQ) services, which could allow malicious actors to execute arbitrary code on affected systems.

10

U.S.-based cybersecurity firm Everfox (formerly Forcepoint Federal) announced the acquisition of Garrison Technology, a U.K.-based hardware security supplier for government organizations and regulated industries.
