Welcome
Cyber Intel News
Check out the latest Cyber Threat Intel with Terminal Brew
Breaking News
US disrupts AI-powered bot farm pushing Russian propaganda on X:
Almost a thousand Twitter accounts controlled by a large bot farm pushing Russian propaganda and domains used to register the bots were taken down in a joint international law enforcement operation led by the U.S. Justice Department....
Microsoft July 2024 Patch Tuesday fixes 142 flaws, 4 zero-days:
Today is Microsoft's July 2024 Patch Tuesday, which includes security updates for 142 flaws, including two actively exploited and two publicly disclosed zero-days....
Cybersecurity Agencies Warn of China-linked APT40's Rapid Exploit Adaptation:
Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. have released a joint advisory about a China-linked cyber espionage group called APT40 , warning about its ability to co-opt exploits for newly disclosed security flaws within hours or days of public release. "APT40 has previously targeted organizations in various countries, including Australia and the United States," the agencies said . "Notably, APT40 possesses the ability to quickly...
CVEs
'CVE-2023-38831'
https://thehackernews.com/2024/07/cybersecurity-agencies-warn-of-china.html
New APT Group "CloudSorcerer" Targets Russian Government Entities:
A previously undocumented advanced persistent threat (APT) group dubbed CloudSorcerer has been observed targeting Russian government entities by leveraging cloud services for command-and-control (C2) and data exfiltration. Cybersecurity firm Kaspersky, which discovered the activity in May 2024, said the tradecraft adopted by the threat actor bears similarities with that of CloudWizard , but pointed out the differences in the malware source code. The attacks wield an innovative data-gathering pro...
https://thehackernews.com/2024/07/new-apt-group-cloudsorcerer-targets.html
New Ransomware-as-a-Service 'Eldorado' Targets Windows and Linux Systems:
An emerging ransomware-as-a-service (RaaS) operation called Eldorado comes with locker variants to encrypt files on Windows and Linux systems. Eldorado first appeared on March 16, 2024, when an advertisement for the affiliate program was posted on the ransomware forum RAMP, Singapore-headquartered Group-IB said. The cybersecurity firm, which infiltrated the ransomware group, noted that its representative is a Russian speaker and that the malware does not overlap with previously leaked strains su...
https://thehackernews.com/2024/07/new-ransomware-as-service-eldorado.html
Russia forces Apple to remove dozens of VPN apps from App Store:
Apple has removed 25 virtual private network (VPN) apps from the Russian App Store at the request of Roskomnadzor, Russia's telecommunications watchdog....
CloudSorcerer hackers abuse cloud services to steal Russian govt data:
A new advanced persistent threat (APT) group named CloudSorcerer abuses public cloud services to steal data from Russian government organizations in cyberespionage attacks....
