CVE-2023-34048, a vCenter Server vulnerability patched in October 2023, had been exploited as zero-day for a year and a half.
The post Chinese Spies Exploited VMware vCenter Server Vulnerability Since 2021 appeared first on SecurityWeek.
Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs
A Russian government-backed hacking team broke into Microsoft’s corporate network and stole emails and attachments from senior executives.
The post Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs appeared first on SecurityWeek.
Microsoft: Iranian APT Impersonating Prominent Journalist in Clever Spear-Phishing Attacks
Microsoft says an APT with links to Iran’s military intelligence is impersonating a prominent journalist in clever spear-phishing attacks.
The post Microsoft: Iranian APT Impersonating Prominent Journalist in Clever Spear-Phishing Attacks appeared first on SecurityWeek.
Volexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days
Ivanti confirms active zero-day exploits, ships pre-patch mitigations, but says comprehensive fixes won’t be available until January 22.
The post Volexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-Days appeared first on SecurityWeek.
Chinese APT Volt Typhoon Linked to Unkillable SOHO Router Botnet
Malware hunters have set eyes on an impossible to kill botnet packed with end-of-life SOHO routers and connects it to a Chinese APT targeting US critical infrastructure.
The post Chinese APT Volt Typhoon Linked to Unkillable SOHO Router Botnet appeared first on SecurityWeek.
Apple Sets Trap to Catch iMessage Impersonators
New iMessage Contact Key Verification feature in Apple’s iOS and macOS platforms help catch impersonators on its iMessage service.
The post Apple Sets Trap to Catch iMessage Impersonators appeared first on SecurityWeek.
CISA Issues Warning for Russian ‘Star Blizzard’ APT Spear-Phishing Operation
The US cybersecurity agency calls attention to a Russian APT targeting academia, defense, governmental organizations, NGOs and think-tanks.
The post CISA Issues Warning for Russian ‘Star Blizzard’ APT Spear-Phishing Operation appeared first on SecurityWeek.
North Korean Hackers Have Stolen Over $3 Billion in Cryptocurrency: Report
Recorded Future calculates that North Korean state-sponsored threat actors are believed to have stolen more than $3 billion in cryptocurrency.
The post North Korean Hackers Have Stolen Over $3 Billion in Cryptocurrency: Report appeared first on SecurityWeek.
State-Backed Hackers a Threat to Australia, Agency Warns
The AUKUS partnership, with its focus on nuclear submarines and other advanced military capabilities, is likely a target for state actors looking to steal intellectual property.
The post State-Backed Hackers a Threat to Australia, Agency Warns appeared first on SecurityWeek.
Russian Hackers Used OT Attack to Disrupt Power in Ukraine Amid Mass Missile Strikes
Mandiant says Russia’s Sandworm hackers used a novel OT attack to cause power outages that coincided with mass missile strikes on critical infrastructure across Ukraine.
The post Russian Hackers Used OT Attack to Disrupt Power in Ukraine Amid Mass Missile Strikes appeared first on SecurityWeek.
