Latest News Articles
--- TLP:WHITE ---
News
− Hacktivism is evolving – and that could be bad news for organizations everywhere
Hacktivism is nothing new, but the increasingly fuzzy lines between traditional hacktivism and state-backed operations make it a more potent threat
https://www.welivesecurity.com/en/business-security/hacktivism-evolving-bad-news-organizations-everywhere/− French Diplomatic Entities Targeted in Russian-Linked Cyber Attacks
State-sponsored actors with ties to Russia have been linked to targeted cyber attacks aimed at French diplomatic entities, the country's information security agency ANSSI said in an advisory. The attacks have been attributed to a cluster tracked by Microsoft under the name Midnight Blizzard (formerly Nobelium), which overlaps with activity tracked as APT29, BlueBravo, Cloaked Ursa, Cozy Bear
https://www.cert.ssi.gouv.fr/cti/CERTFR-2024-CTI-006/− U.S. Treasury Sanctions 12 Kaspersky Executives Amid Software Ban
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) imposed sanctions against a dozen individuals serving executive and senior leadership roles at Kaspersky Lab, a day after the Russian company was banned by the Commerce Department.
https://thehackernews.com/2024/06/us-treasury-sanctions-12-kaspersky.htmlVulnerabilities
− Critical Heap-Overflow and Privilege Escalation Vulnerabilities in VMware vCenter Server
Multiple heap-overflow and privilege escalation vulnerabilities in vCenter Server
https://www.ncsc.gov.ie/pdfs/2406180171_Vulnerabilities_in_VMWare_vCenter_Server.pdf− Auth. Bypass In (Un)Limited Scenarios - Progress MOVEit Transfer
Today (25th June 2024), Progress un-embargoed an authentication bypass vulnerability in Progress MOVEit Transfer.
https://labs.watchtowr.com/auth-bypass-in-un-limited-scenarios-progress-moveit-transfer-cve-2024-5806/Community News
− Share your feedback: ENISA public consultation bolsters EU5G Cybersecurity Certification
ENISA has released and is seeking feedback on the embedded Universal Integrated Circuit Card (eUICC) specifications of the cybersecurity certification scheme on EU5G, which is carried out under the Common Criteria scheme.
https://www.enisa.europa.eu/news/share-your-feedback-enisa-public-consultation-bolsters-eu5g-cybersecurity-certification--- TLP:WHITE ---