Security Intelligence

Weekly threat roundup: TA397, also known as Bitter

Our weekly roundup of cyber intel related to threat actors. This week, we look at recent activity from TA397 aka Bitter.

Security Intelligence

Critical vulnerability in Microsoft 365 Copilot

New attack method, EchoLeak, exploits a zero-click AI flaw in M365 Copilot. No action needed, but the threat reveals a...

Security Intelligence

ConnectWise to rotate certificates, ICS patches include max-severity flaw

ConnectWise rotating its signing certificate to address config handling issues in older ScreenConnect versions, ICS...

Security Intelligence

Patch Tuesday updates from Microsoft and SAP

Patch Tuesday updates from Microsoft and SAP fix critical and high-severity flaws, including one exploited and one...

Security Intelligence

Mirai variant targets new flaws; POC for two Windows flaws published; TA397 linked to Indian State

Mirai botnet exploits Wazur and DVR flaws; Windows Kernel bugs get POCs; TA397 linked to Indian state in latest...

Security Intelligence

9,000 ASUS routers compromised in botnet campaign

Stealthy campaign, dubbed 'AyySSHusH,' compromises over 9,000 ASUS routers.

Security Intelligence

Confirmed: MathWorks outage due to ransomware attack

MathWorks confirms ransomware attack responsible for disrupting customer-facing and internal systems.

Security Intelligence

China-linked threat actor breaches government networks with Trimble flaw

China-linked UAT-6382 observed exploiting critical vulnerability in Trimble's Cityworks software to infiltrate U.S....

Security Intelligence

Critical vulnerabilities in Versa Concerto at risk of exploitation

Researchers identify vulnerabilities in Versa Concerto including an RCE flaw that carries a maximum severity score of...

Security Intelligence

Russian APT28 targets Western firms supporting Ukraine

APT28 conducts cyber espionage campaign targeting Western logistics and technology companies.

Security Intelligence

Scattered Spider shifts focus to US targets

Scattered Spider shifts focus from UK retailers to targeting retail chains in the United States.

Security Intelligence

Russian APT28 hackers leverage webmail zero-day

APT28's Operation RoundPress targets webmail servers through cross-site scripting (XSS) vulnerabilities.