23 NOVEMBER WEEKLY NEWSLETTER

BOCRA website

     

NEWSLETTER

 

Beware: Malicious Google Ads Trick WinSCP Users into Installing Malware


                                                     LATEST CYBER HACKS 

 
 
icon

Toyota recovering from cyberattack on its financial services division

Toyota is bringing some services in its European and African financial services department back online after discovering a cyberattack. A spokesperson for the car maker directed Recorded Future News to a statement the company published about the incident following claims made by a notorious ransomware gang.

icon

More than 330,000 Medicare recipients affected by MOVEit breach

In the latest disclosures related to a Russian ransomware gang’s exploitation of the popular MOVEit file transfer service, a federal government agency revealed that more than 330,000 Medicare recipients were affected in a leak of sensitive data.

icon

Yamaha and WellLife Network confirm cyber incidents after ransomware gang claims attacks

apanese manufacturer Yamaha Motor and the healthcare organization WellLife Network have confirmed cyberattacks after being added to the leak site of a ransomware gang this week.


                                                      VULNERABILITIES

 
 
icon

CISA Adds Three Security Flaws with Active Exploitation to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation in the wild.

icon

Fortinet warns of critical command injection bug in       FortiSIEM

Fortinet is alerting customers of a critical OS command injection vulnerability in FortiSIEM report server that could be exploited by remote, unauthenticated attackers to execute commands through specially crafted API requests.

icon

Over a Dozen Exploitable Vulnerabilities Found in AI/ML Tools

Since August 2023, members of the Huntr bug bounty platform for artificial intelligence (AI) and machine learning (ML) have uncovered over a dozen vulnerabilities exposing AI/ML models to system takeover and sensitive information theft.


                                     MALWARES

 
 
icon

8Base Group Deploying New Phobos Ransomware Variant via SmokeLoader

The threat actors behind the 8Base ransomware are leveraging a variant of the Phobos ransomware to conduct their financially motivated attacks.

icon

27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts

An unknown threat actor has been observed publishing typosquat packages to the Python Package Index (PyPI) repository for nearly six months with an aim to deliver malware capable of gaining persistence, stealing sensitive data, and accessing cryptocurrency wallets for financial gain.


                               GENERAL NEWS

 
 
icon

Internet Blackouts in Gaza Are a New Weapon in the Israel-Hamas War

Israel has said it’s prepared to disrupt internet service in Gaza, signaling a new age of warfare. In the past two weeks, the Palestinian territory has already suffered three communications shutdowns.

icon

Screens are good, actually

Humane’s screenless mobile computer is nice and all, but actually, screens are pretty great.