Month: April 2024

Three large-scale malware campaigns have infiltrated Docker Hub, deploying millions of malicious “imageless” containers. The data comes from JFrog’s security research team, which recently revealed a concerning trend within Docker Hub. The platform, known for facilitating Docker image development, collaboration and distribution, hosts over 12.5 million repositories. However, according to JFrog, approximately 25% of these repositories

Coffee County in the US State of Georgia has been hit by a cyber-incident, reportedly leading to its connection to the state’s voter registration system being severed. In a statement, the Office of Coffee County Board of Commissioners said the County was informed of unusual cyber-activity on its IT infrastructure by the Department of Homeland

The US government has taken down Samourai Wallet, a cryptocurrency mixing service that executed over $2bn in unlawful transactions and laundered over $100m in criminal proceeds. In an April 24 press release, the US Department of Justice (DoJ) announced that Samourai’s web servers and domain were seized following a law enforcement operation in collaboration with

The US Federal Trade Commission (FTC) will send a total of $5.6m in refunds to customers of Ring, a home camera provider, as the result of a settlement with Ring over security and privacy failings. Ring, which was bought by tech giant Amazon in 2018, reached the settlement with the FTC in 2023 over charges

US government and critical infrastructure entities were sent 1754 ransomware vulnerability notifications under the Ransomware Vulnerability Warning Pilot (RVWP) program in 2023, resulting in 852 vulnerable devices being secured or taken offline. The highest number of alerts were sent to government facilities (641), which encompasses a range of federal, state and local government organizations, including

A state-sponsored threat actor has launched a sophisticated cyber espionage campaign that exploits two vulnerabilities in Cisco firewall platforms, according to an advisory from Cisco Talos. The campaign, dubbed ArcaneDoor, targets perimeter network devices to enable the attacker to undertake a range of actions inside an organization’s systems, including rerouting or modifying traffic and monitoring

The US Treasury has sanctioned several companies and individuals that have conducted cyber operations against American businesses and government entities on behalf of the Iranian regime. The companies in question acted as “fronts” for the Iranian Islamic Revolutionary Guard Corps Cyber Electronic Command (IRGC-CEC) to attack US businesses and government entities using techniques like spear

In a move away from traditional phishing scams, attackers are increasingly exploiting vulnerabilities in computer systems to gain initial network access, according to Mandiant’s M-Trends 2024 Report. In 2023, attackers gained initial access through exploiting vulnerabilities in 38% of intrusions, a 6% increase from the previous year. Mandiant also found phishing’s prevalence declined from 22%

A dependency confusion vulnerability has been found within an archived Apache project.  According to new data by Legit Security, who made the discovery, the finding underscores the importance of scrutinizing third-party projects and dependencies, particularly those archived and potentially neglected in terms of updates and security patches.  The technical post, published today, suggests that despite

Quishing attacks, a form of phishing that leverages QR codes, have significantly increased, climbing from a mere 0.8% in 2021 to 10.8% in 2024.  The figures come from the latest Egress report, which also suggests a notable decrease in attachment-based payloads, which halved from 72.7% to 35.7% over the same period.  According to the new