Cybercriminals have your businesses in their crosshairs. They are now after the latest generation Mac devices powered by ARM-based M1 chips. For this, a custom-made malware called GoSearch22, distributed in the form of an extension, is being used.
A two-year-long cryptojacking operation launched by the WatchDog botnet has also grabbed the attention of researchers. The attackers had used 33 different exploits to target 32 vulnerabilities in Drupal, Elasticsearch, Redis, SQL Server, ThinkPHP, Oracle WebLogic, and
Spring Data Commons.
And, the list continues with the unraveling of a new variant of Masslogger trojan that steals Microsoft Outlook, Google Chrome, and Messenger service account details.
Top Breaches Reported in the Last 24 Hours
Singtel’s customers impacted
has revealed that 129,000 customers were impacted by a recently disclosed breach. This also includes some employees, partners, and corporate customers. The incident occurred after the malicious party gained access to a legacy file-sharing system used by the customers of the organization.
SolarWinds attack hit 100 firms
A new report from the White House has revealed
that the SolarWinds hack had breached almost 100 U.S. companies, making them potential targets for follow-up attacks. These firms were using the tainted Orion product from SolarWinds.
Faulty PACS system
Vulnerabilities in the PACS system
had left patient data at risk of unauthorized access for more than a year. Names, birth dates, types of image procedures, and study numbers of about 100,000 patients were available from July 2019 to December 2020.
$20 million ransom for KIA Motors
Kia Motors America
has suffered a ransomware attack by the DoppelPaymer gang. Following the attack, the gang has demanded a ransom of $20 million to decrypt files and not leak them online. The attack has affected the company’s mobile UVO Link apps, phone services, payment systems, owner’s portal, and internal sites.
Top Malware Reported in the Last 24 Hours
A Safari adware extension called GoSearch22
is the first-ever malware designed to target Macs powered by ARM-based M1 chips. Distributed as an extension, the adware is a variant of the Pirrit advertising malware. The malware is capable of collecting browser data and serves a large number of ads, such as banners and popups.
Researchers have tracked a cryptojacking campaign that was active for almost two years and involved the use of the WatchDog botnet
. The operators had used 33 different exploits to target 32 vulnerabilities in Drupal, Elasticsearch, Redis, SQL Server, ThinkPHP, Oracle WebLogic, and
Spring Data Commons.
New Masslogger trojan strain
A new variant of the Masslogger trojan
is being used in attacks aimed at stealing Microsoft Outlook, Google Chrome, and Messenger service account details. The campaign is currently focused on victims in Turkey, Latvia, Spain, Bulgaria, Hungary, Estonia, Romania, and Italy.
Top Vulnerabilities Reported in the Last 24 Hours
Buggy Ninja Forms plugin
Four flaws discovered in the Ninja Forms WordPress plugin
can allow attackers to perform site takeover, install arbitrary add-ons, redirect site owners to malicious destinations, and hijack emails. The owner of the plugin has patched all four bugs in version 220.127.116.11.