Latest News Articles
--- TLP:WHITE ---
News
−Two Sudanese Nationals Indicted for Alleged Role in Anonymous Sudan Cyberattacks
A federal grand jury indictment unsealed today charges two Sudanese nationals with operating and controlling Anonymous Sudan, an online cybercriminal group responsible for tens of thousands of Distributed Denial of Service (DDoS) attacks against critical infrastructure, corporate networks, and government agencies in the United States and around the world.
https://www.justice.gov/usao-cdca/pr/two-sudanese-nationals-indicted-alleged-role-anonymous-sudan-cyberattacks-hospitals− Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant
Cisco Talos has observed a new wave of attacks active since at least late 2023, from a Russian speaking group we track as “UAT-5647”, against Ukrainian government entities and unknown Polish entities.
https://blog.talosintelligence.com/uat-5647-romcom/−Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations
Iranian hackers have been using brute force attack to gain access to government and critical infrastructure systems. These attacks have been different from previous ones as there has not been an attempt to disrupt operations.
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-290aVulnerabilities
− How Low Can You Go? An Analysis of 2023 Time-to-Exploit Trends
Google Mandiant security analysts warn of a worrying new trend of threat actors demonstrating a better capability to discover and exploit zero-day vulnerabilities in software.
https://cloud.google.com/blog/topics/threat-intelligence/time-to-exploit-trends-2023−Security Vulnerability fixed in Firefox, Firefox ESR and Thunderbird
Mozilla has disclosed a vulnerability that affects it’s Firefox, Firefox ESR and Thunderbird products.CVE-2024-9680 refers to a critical, actively exploited “Use-After-Free” vulnerability in the animation timeline component of Mozilla’s web developer tools, which has the potential to lead to arbitrary code being executed. Mozilla has disclosed that they have had reports of this vulnerability being exploited in the wild.
https://www.ncsc.gov.ie/pdfs/2410220128_Security_Vulnerability_in_Firefox.pdfCommunity News
− Call for Experts: Join the ENISA Ad Hoc Working Group on EU Digital Identity Wallets Cybersecurity Certification
The European Union Agency for Cybersecurity (ENISA) launches a call for expression of interest to create an Ad Hoc Working Group on the certification of EU Digital Identity Wallets.
https://www.enisa.europa.eu/news/call-for-experts-join-the-enisa-ad-hoc-working-group-on-eu-digital-identity-wallets-cybersecurity-certification--- TLP:WHITE ---