Think of vice as a bad habit? Well, the Vice Society threat actor is wreaking havoc on the U.S. healthcare sector with an INC ransomware strain. In a separate development, a phishing attack has been identified where attackers impersonate a company’s HR department, sending emails and leading recipients to a fake Microsoft login page. Meanwhile, QR code parking scams are rising in the U.K. and globally, with attackers using malicious websites to steal motorists’ personal and payment information. Here are the latest 10 cybersecurity news highlights from the last 24 hours.
01
Microsoft warned against the financially motivated threat actor, Vice Society, that has been observed deploying the INC ransomware strain in a campaign dubbed Vanilla Tempest, specifically targeting the U.S. healthcare sector.
02
A phishing attack impersonating a company’s HR department has been discovered, with emails urging recipients to review a revised employee handbook and directing them to a fake Microsoft login page to steal their credentials.
03
The TeamTNT threat group has been targeting VPS cloud infrastructures on CentOS using Diamorphine rootkit to kill cryptocurrency mining processes, remove Docker containers, and update DNS settings to Google servers.
04
Scammers are exploiting Facebook by creating fake funeral group pages and offering fraudulent streaming services to gather credit card information from unsuspecting friends and family of the deceased.
05
QR code parking scams are on the rise in the U.K and globally, targeting unsuspecting motorists with malicious websites designed to steal personal and payment information.
06
The FBI and cybersecurity researchers disrupted a massive Chinese botnet, Raptor Train, that infected over 260,000 networking devices to target critical infrastructure in the U.S. and in other countries.
07
Europol and law enforcement from nine countries dismantled Ghost, an encrypted communication platform, which was used for drug trafficking and money laundering.
08
GitLab addressed a critical SAML authentication bypass vulnerability, CVE-2024-45409, impacting self-managed installations of the GitLab Community Edition and Enterprise Edition.
09
Millbeck Communications patched a command injection (CVE-2024-45682) and a reflected XSS (CVE-2024-38380) vulnerability in its Proroute H685t-w 4G Router. Successful exploitation of these flaws could allow an attacker to execute arbitrary commands on the device’s operating system.
10
A strategic intelligence startup, Strider Technologies, raised $55 million in a Series C investment led by Pelion Venture Partners, with participation from AXA Venture Partners, Valor Equity Partners, DataTribe, and Cyfr Capital.
