Jan 14, 2025Ravie LakshmananCryptocurrency / Online Scam The Telegram-based online marketplace known as HuiOne Guarantee and its vendors have cumulatively received at least $24 billion in cryptocurrency, dwarfing the now-defunct Hydra to become the largest online illicit marketplace to have…
Critical infrastructure organizations have been urged to take action to ensure their operational technology (OT) products are secure by design. Government agencies from the Five Eyes intelligence and security alliance, alongside European partners, issued a joint advisory on January 13…
Jan 14, 2025Ravie LakshmananVulnerability / Cybersecurity The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a second security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited Vulnerabilities (KEV) catalog, citing…
Telco giant Telefonica has confirmed a breach of its internal systems, with hackers claiming to have stolen over 236,000 lines of customer data. Four threat actors posted an exfiltrated Jira database on a hacking forum late last week, according to…
A federal grand jury has indicted a 51-year-old church pastor on 26 counts of fraud, after allegedly using his position to deceive victims into investing in a cryptocurrency investment scam. That in itself would seem unusual, but what is even…
A new ransomware group dubbed FunkSec, which emerged in late 2024, has claimed to have targeted 85 victims in December alone, according to Check Point Research (CPR). In a January 10 report, CPR noted that FunkSec operators appear to use…
Jan 13, 2025The Hacker NewsThreat Detection / Network Security In 2024, ransomware attacks targeting VMware ESXi servers reached alarming levels, with the average ransom demand skyrocketing to $5 million. With approximately 8,000 ESXi hosts exposed directly to the internet (according…
A cyber-espionage campaign targeting diplomatic entities in Kazakhstan and Central Asia has been linked to the Russia-aligned intrusion set UAC-0063. According to recent findings by cybersecurity firm Sekoia, the campaign involved weaponized Microsoft Word documents designed to deliver HatVibe and…
Jan 13, 2025Ravie LakshmananVulnerability / Cloud Security A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency miners. Cloud security firm Wiz said it’s…
Microsoft has confirmed an outage that affected its multi-factor authentication (MFA) system, causing service disruptions for users attempting to access Microsoft 365 applications. The issue, identified early on January 13, prevented some customers from logging into their accounts due to…
All Rights Reserved. Kowatek Blog by IWUCHI
Home | About Us | Disclaimer | Privacy Policy | Contact Us
