Essential Cyber Intel Brief: 11/12/2024
No one has time to sift through dozens of websites for critical cybersecurity insights. That’s why I developed a better solution: it’s automated, curated, and absolutely free.
Get the important updates you need as a cybersecurity professional or business leader without the time drag or hassle.
Designed for efficiency, my custom program pinpoints the most critical cybersecurity events security professionals and business leaders need to know, and I publish them every business day at 9 AM CT for you.
In just one to two minutes, you’ll determine if the latest cybersecurity developments require further attention, allowing you to stay informed without losing your valuable time.
Subscribe to receive automated notifications and stay ahead of key developments: no spam, just concise, relevant updates delivered directly to your inbox.
11/12/2024 — New Cybersecurity Updates
New Ymir ransomware partners with RustyStealer in attacks — A new ransomware family called ‘Ymir’ has been spotted in the wild, being introduced onto systems that were previously compromised by the RustyStealer info-stealer malware.
HIBP notifies 57 million people of Hot Topic data breach — Have I Been Pwned warns that an alleged data breach exposed the personal information of 56,904,909 accounts for Hot Topic, Box Lunch, and Torrid customers.
Amazon confirms employee data breach after vendor hack — Amazon confirmed a data breach involving employee information after data allegedly stolen during the May 2023 MOVEit attacks was leaked on a hacking forum.
Halliburton reports $35 million loss after ransomware attack — Halliburton has revealed that an August ransomware attack has led to $35 million in losses after the breach caused the company to shut down IT systems and disconnect customers.
Hackers now use ZIP file concatenation to evade detection — Hackers are targeting Windows machines using the ZIP file concatenation technique to deliver malicious payloads in compressed archives without security solutions detecting them.
New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks — Cybersecurity researchers have flagged a new ransomware family called Ymir that was deployed in an attack two days after systems were compromised by a stealer malware called RustyStealer.
New GootLoader Campaign Targets Users Searching for Bengal Cat Laws in Australia — In an unusually specific campaign, users searching about the legality of Bengal Cats in Australia are being targeted with the GootLoader malware.
Cybercriminals Use Excel Exploit to Spread Fileless Remcos RAT Malware — Cybersecurity researchers have discovered a new phishing campaign that spreads a new fileless variant of known commercial malware called Remcos RAT.
Palo Alto Advises Securing PAN-OS Interface Amid Potential RCE Threat Concerns — Palo Alto Networks on Friday issued an informational advisory urging customers to ensure that access to the PAN-OS management interface is secured because of a potential remote code execution vulnerability.
AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services — The threat actors behind the AndroxGh0st malware are now exploiting a broader set of security flaws impacting various internet-facing applications, while also deploying the Mozi botnet malware.
IcePeony and Transparent Tribe Target Indian Entities with Cloud-Based Tools — High-profile entities in India have become the target of malicious campaigns orchestrated by the Pakistan-based Transparent Tribe threat actor and a previously unknown China-nexus cyber espionage group dubbed IcePeony.
Malicious NPM Packages Target Roblox Users with Data-Stealing Malware — A new campaign has targeted the npm package repository with malicious JavaScript libraries that are designed to infect Roblox users with open-source stealer malware such as Skuld and Blank-Grabber.
Cyberattack Cost Oil Giant Halliburton $35 Million — In its latest financial report, Halliburton said the recent cybersecurity incident has so far cost the company $35 million.
Debt Relief Firm Forth Discloses Data Breach Impacting 1.5 Million People — Forth says the personal information of 1.5 million people was compromised in a May 2024 data breach.
Veeam Patches High-Severity Vulnerability as Exploitation of Previous Flaw Expands — Veeam has released a hotfix for a high-severity authentication bypass vulnerability in Backup Enterprise Manager.
Law Firm Data Breach Impacts 300,000 Presbyterian Healthcare Patients — The information of over 300,000 Presbyterian Healthcare Services patients was compromised as a result of a data breach at law firm Thompson Coburn.
Many Legacy D-Link NAS Devices Exposed to Remote Attacks via Critical Flaw — D-Link warns of a critical-severity command injection vulnerability impacting multiple discontinued NAS models.
Palo Alto Networks Addresses Remote Code Execution Vulnerability Claims — Palo Alto Networks has issued an advisory urging customers to take action in response to claims of an RCE vulnerability in PAN-OS.
Chinese threat actor exploits credentials from password spray attacks — Microsoft observed malicious activity targeting and stealing credentials from Microsoft customers.
Malicious actors are exploiting DocuSign to send fake invoices — A new report reveals that malicious actors are exploiting APIs in DocuSign to send fake invoices.
Hot Topic — 56,904,909 breached accounts — In October 2024, retailer Hot Topic suffered a data breach that exposed 57 million unique email addresses. The impacted data also included physical addresses, phone numbers, purchases, genders, dates of birth and partial credit data containing card type, expiry and last 4 digits.
Copyright: Copyright © 2024 Tim Layton & Associates, LLC. All rights reserved. All information and content on this website are protected by copyright and may not be reproduced, distributed, or transmitted in any form without prior written permission from Tim Layton & Associates, LLC.
Originally published at https://timlaytonllc.com on November 12, 2024.