Latest News Articles
--- TLP:WHITE ---
News
− Ransomware Attack Knocks 100 Romanian Hospitals Offline
Over the weekend, a threat actor targeted the Hipocrate Information System (HIS) and deployed the Backmydata ransomware.
https://www.securityweek.com/ransomware-attack-knocks-100-romanian-hospitals-offline/− New Qbot malware variant uses fake Adobe installer popup for evasion
The developer of Qakbot malware, or someone with access to the source code, seems to be experimenting with new builds as fresh samples have been observed in email campaigns since mid-December.
https://www.bleepingcomputer.com/news/security/new-qbot-malware-variant-uses-fake-adobe-installer-popup-for-evasion/− Scammers stole HK$200 million (roughly $25,5 million) from a multi-national company using a deepfake video call
Scammers successfully stole HK$200 million (approximately $25.5 million) from a multinational company in Hong Kong by employing a deepfake video call to deceive an employee into transferring the funds.
https://securityaffairs.com/158651/cyber-crime/cyber-heist-with-deepfake-tech.html/Vulnerabilities
− Critical Vulnerability exists in Microsoft Outlook 2016 (CVE-2024-21413)
Microsoft has released an update for Microsoft Office 2016 which patches a critical vulnerability within Microsoft Outlook 2016.
https://www.ncsc.gov.ie/pdfs/2402140126_Microsoft_Outlook_CVE.pdf− Critical Vulnerabilities in Fortinet FortiOS
Fortinet has disclosed two critical vulnerabilities, CVE-2024-21762 and CVE-2024-23113, affecting its FortiOS operating system.
https://www.ncsc.gov.ie/pdfs/240209_FortiOS_Critical_Vulnerabilities.pdf− XXE Vulnerability affecting Ivanti Connect Secure, Ivanti Policy Secure and ZTA gateways .
An XML external entity or XXE vulnerability, CVE-2024-22024, has been discovered affecting the Ivanti Connect Secure, Ivanti Policy Secure and ZTA gateways.
https://www.ncsc.gov.ie/pdfs/CVE-2024-22024_XXE_Ivanti_Devices.pdfCommunity News
− Britain, France lead 35 nation agreement on controlling spyware, mercenary hackers
Countries led by Britain, France and the United States and tech firms including Google, Microsoft and Meta on Tuesday signed a joint statement recognising the need for more action to tackle malicious use of cyber spying tools.
https://www.reuters.com/technology/cybersecurity/britain-france-lead-35-nation-agreement-controlling-spyware-mercenary-hackers-2024-02-06/--- TLP:WHITE ---