07/26

July Windows Server updates break Remote Desktop connections

https://www.bleepingcomputer.com/news/microsoft/july-windows-server-updates-break-remote-desktop-connections/
July Windows Server updates break Remote Desktop connections

Russian ransomware gangs account for 69% of all ransom proceeds

https://www.bleepingcomputer.com/news/security/russian-ransomware-gangs-account-for-69-percent-of-all-ransom-proceeds/
Russian ransomware gangs account for 69% of all ransom proceeds

Acronis warns of Cyber Infrastructure default password abused in attacks

https://www.bleepingcomputer.com/news/security/acronis-warns-of-cyber-infrastructure-default-password-abused-in-attacks/
Acronis warns of Cyber Infrastructure default password abused in attacks

signature-base/yara/apt_nk_andariel_jul24.yar at master · Neo23x0/signature-base · GitHub

https://github.com/Neo23x0/signature-base/blob/master/yara/apt_nk_andariel_jul24.yar
signature-base/yara/apt_nk_andariel_jul24.yar at master · Neo23x0/signature-base · GitHub

Crypto exchange Gemini discloses third-party data breach

https://www.bleepingcomputer.com/news/security/crypto-exchange-gemini-discloses-third-party-data-breach/
Crypto exchange Gemini discloses third-party data breach

Anyone can Access Deleted and Private Repository Data on GitHub ◆ Truffle Security Co.

https://trufflesecurity.com/blog/anyone-can-access-deleted-and-private-repo-data-github
Anyone can Access Deleted and Private Repository Data on GitHub ◆ Truffle Security Co.

Critical ServiceNow RCE flaws actively exploited to steal credentials

https://www.bleepingcomputer.com/news/security/critical-servicenow-rce-flaws-actively-exploited-to-steal-credentials/
Critical ServiceNow RCE flaws actively exploited to steal credentials

Rewards for Justice – Reward Offer for Information on North Korean Malicious Cyber Actor Targeting U.S. Critical Infrastructure - United States Department of State

https://www.state.gov/rewards-for-justice-reward-offer-for-information-on-north-korean-malicious-cyber-actor-targeting-u-s-critical-infrastructure/
Rewards for Justice – Reward Offer for Information on North Korean Malicious Cyber Actor Targeting U.S. Critical Infrastructure - United States Department of State

Log in to X / X

https://x.com/settings/grok_settings
Log in to X / X

US Offers $10 Million Reward for Information on North Korean Hacker - SecurityWeek

https://www.securityweek.com/us-offers-10-million-reward-for-information-on-north-korean-hacker/
US Offers $10 Million Reward for Information on North Korean Hacker - SecurityWeek

U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals

https://thehackernews.com/2024/07/us-doj-indicts-north-korean-hacker-for.html
U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals

North Korean Charged in Cyberattacks on US Hospitals, NASA and Military Bases - SecurityWeek

https://www.securityweek.com/north-korean-charged-in-ransomware-attacks-on-american-hospitals/
North Korean Charged in Cyberattacks on US Hospitals, NASA and Military Bases - SecurityWeek

BIND updates fix high-severity DoS bugs in the DNS software suite

https://securityaffairs.com/166190/security/bind-updates-high-severity-dos-bugs.html
BIND updates fix high-severity DoS bugs in the DNS software suite

Threat Actors Exploit Fresh ServiceNow Vulnerabilities in Attacks - SecurityWeek

https://www.securityweek.com/threat-actors-exploit-fresh-servicenow-vulnerabilities-in-attacks/
Threat Actors Exploit Fresh ServiceNow Vulnerabilities in Attacks - SecurityWeek

97% of Devices Disrupted by CrowdStrike Restored as Insurer Estimates Billions in Losses - SecurityWeek

https://www.securityweek.com/97-of-devices-disrupted-by-crowdstrike-restored-as-insurer-estimates-billions-in-losses/
97% of Devices Disrupted by CrowdStrike Restored as Insurer Estimates Billions in Losses - SecurityWeek

Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining

https://thehackernews.com/2024/07/ongoing-cyberattack-targets-exposed.html
Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining

This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps

https://thehackernews.com/2024/07/spanish-hackers-bundle-phishing-kits.html
This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps

FBCS data breach impact now reaches 4.2 million people

https://www.bleepingcomputer.com/news/security/fbcs-data-breach-impact-now-reaches-42-million-people/
FBCS data breach impact now reaches 4.2 million people

Abusing PIM-related application permissions in Microsoft Graph - Part 1 - emiliensocchi.io

https://www.emiliensocchi.io/abusing-pim-related-application-permissions-in-microsoft-graph-part-1/
Abusing PIM-related application permissions in Microsoft Graph - Part 1 - emiliensocchi.io

CrowdStrike Warns of New Phishing Scam Targeting German Customers

https://thehackernews.com/2024/07/crowdstrike-warns-of-new-phishing-scam.html
CrowdStrike Warns of New Phishing Scam Targeting German Customers

Critical Flaw in Telerik Report Server Poses Remote Code Execution Risk

https://thehackernews.com/2024/07/critical-flaw-in-telerik-report-server.html
Critical Flaw in Telerik Report Server Poses Remote Code Execution Risk

PKfail Vulnerability Allows Secure Boot Bypass on Hundreds of Computer Models  - SecurityWeek

https://www.securityweek.com/pkfail-vulnerability-allows-secure-boot-bypass-on-hundreds-of-computer-models/
PKfail Vulnerability Allows Secure Boot Bypass on Hundreds of Computer Models  - SecurityWeek