Today’s security landscape is dominated by critical, actively exploited vulnerabilities. Oracle has released an emergency patch for a zero-day flaw in its E-Business Suite, while Microsoft is forced to lock down IE Mode in Edge due to separate zero-day attacks. A novel ‘Pixnapping’ attack on Android devices can steal 2FA codes without permissions, and a massive botnet is targeting RDP services across the US. Here is what you need to know to stay protected.
Top 5 Critical Security Alerts
- Oracle releases emergency patch for new E-Business Suite flaw: Oracle has issued an out-of-band patch for a critical vulnerability in E-Business Suite that allows unauthenticated remote code execution. Patch immediately, and given the Harvard incident reported below, check exposed instances for signs of compromise that predate the patch.
- Microsoft restricts IE mode access in Edge after zero-day attacks: Microsoft is locking down Internet Explorer mode in Edge after discovering active zero-day attacks that exploited the Chakra JavaScript engine (the legacy IE engine that IE mode still runs) for remote access. Review which sites are allow-listed for IE mode and drop any that are not strictly required.
- Hackers can steal 2FA codes and private messages from Android phones: A novel 'Pixnapping' side-channel attack lets a malicious Android app that requests no permissions recover 2FA codes and private messages rendered on screen by other apps, bypassing the permission checks that gate normal screen capture.
- Massive multi-country botnet targets RDP services in the US: A botnet spanning more than 100,000 unique IP addresses is brute-forcing Remote Desktop Protocol (RDP) services in the U.S. Because each source contributes only a few attempts, per-IP lockout thresholds are easy to stay under; if RDP must be reachable at all, place it behind a VPN or gateway with MFA and require Network Level Authentication.
- SonicWall VPN accounts breached using stolen creds in widespread attacks: Threat actors have compromised more than a hundred SonicWall SSLVPN accounts in a large-scale campaign that uses valid, stolen credentials to gain network access. Because no exploit is involved, patch status is not an indicator of exposure: rotate SSLVPN credentials and enforce MFA on the VPN.
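The RDP item above is a distributed brute force: with more than 100,000 sources, each IP can make one or two attempts and never trip a per-IP lockout. The detection that still fires aggregates failed logons per target account and counts distinct source addresses in a short window. The script below is an added example, not code from the original page or from any vendor; the log format is a constructed, simplified Windows Security export (Event ID 4625 = failed logon) and the thresholds are assumptions to tune for your environment.

```python
"""Spot distributed RDP brute force in Windows failed-logon events.

A botnet spread across 100k source addresses can keep every single IP under a
per-IP lockout threshold, so the aggregation that catches it is per target
account: many failures from many distinct sources in a short window.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample export (not real telemetry). Format is an assumption:
# "<ISO timestamp> <EventID> key=value ...". 4625 = failed logon;
# LogonType 10 = RemoteInteractive (RDP); LogonType 3 = network logon, which
# is how RDP failures surface when Network Level Authentication is enabled.
SAMPLE_LOG = """\
2025-10-14T03:00:01Z 4625 TargetUserName=administrator LogonType=3 IpAddress=198.51.100.11
2025-10-14T03:00:04Z 4625 TargetUserName=administrator LogonType=3 IpAddress=203.0.113.42
2025-10-14T03:00:09Z 4625 TargetUserName=administrator LogonType=10 IpAddress=192.0.2.77
2025-10-14T03:00:15Z 4625 TargetUserName=administrator LogonType=3 IpAddress=198.51.100.200
2025-10-14T03:00:21Z 4625 TargetUserName=administrator LogonType=3 IpAddress=203.0.113.9
2025-10-14T03:00:27Z 4625 TargetUserName=administrator LogonType=3 IpAddress=192.0.2.130
2025-10-14T03:00:33Z 4625 TargetUserName=administrator LogonType=3 IpAddress=203.0.113.42
2025-10-14T03:02:10Z 4625 TargetUserName=alice LogonType=10 IpAddress=10.0.0.5
2025-10-14T03:02:31Z 4625 TargetUserName=alice LogonType=10 IpAddress=10.0.0.5
2025-10-14T03:03:00Z 4624 TargetUserName=alice LogonType=10 IpAddress=10.0.0.5
2025-10-14T03:05:12Z 4625 TargetUserName=svc_backup LogonType=3 IpAddress=10.0.0.9
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<event_id>\d+) TargetUserName=(?P<user>\S+) "
    r"LogonType=(?P<logon_type>\d+) IpAddress=(?P<ip>\S+)$"
)
RDP_LOGON_TYPES = {"10", "3"}


def parse_failed_rdp_logons(text):
    """Return failed (4625) RDP-style logons as dicts with ts/user/ip."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m["event_id"] != "4625" or m["logon_type"] not in RDP_LOGON_TYPES:
            continue
        events.append({
            "ts": datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"),
            "user": m["user"].lower(),
            "ip": m["ip"],
        })
    return events


def per_source_failures(events):
    """Classic per-IP view: what a lockout policy or fail2ban-style block sees."""
    counts = defaultdict(int)
    for e in events:
        counts[e["ip"]] += 1
    return dict(counts)


def distributed_bruteforce_accounts(events, window=timedelta(minutes=10),
                                    min_sources=5, min_failures=5):
    """Accounts hit from >= min_sources distinct IPs within a sliding window.

    This aggregation still fires when each source makes only one or two
    attempts, i.e. exactly when the per-IP rule stays silent.
    """
    by_user = defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):
        by_user[e["user"]].append(e)

    flagged = []
    for user, evs in by_user.items():
        start = 0
        for end in range(len(evs)):
            # Advance the left edge until the window spans at most `window`.
            while evs[end]["ts"] - evs[start]["ts"] > window:
                start += 1
            in_window = evs[start:end + 1]
            sources = {e["ip"] for e in in_window}
            if len(sources) >= min_sources and len(in_window) >= min_failures:
                flagged.append(user)
                break
    return sorted(flagged)


if __name__ == "__main__":
    evs = parse_failed_rdp_logons(SAMPLE_LOG)
    print("max failures from any one IP:", max(per_source_failures(evs).values()))
    print("accounts under distributed brute force:", distributed_bruteforce_accounts(evs))
```

On the sample data no source exceeds two failures, so a per-IP rule with a typical threshold never triggers, while the per-account view flags `administrator` after the fifth distinct source. In production, feed the same aggregation from your SIEM's 4625 stream and alert on the account, not the IP.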
Security Breaches & Incidents
- SimonMed says 1.2 million patients impacted in January data breach: U.S. medical imaging provider SimonMed is notifying 1.2 million individuals that their sensitive information was exposed in a data breach earlier this year.
- Harvard investigating breach linked to Oracle zero-day exploit: After appearing on the Clop ransomware group's leak site, Harvard University is investigating a data breach tied to the newly disclosed Oracle E-Business Suite zero-day.
- UK hit by record number of 'nationally significant' cyberattacks: The UK government reports a record number of major cyberattacks and has appealed directly to business leaders to strengthen their enterprise security posture.
Threat Intelligence
- Researchers Warn RondoDox Botnet is Weaponizing Over 50 Flaws Across 30+ Vendors: The RondoDox botnet has significantly widened its targeting and now exploits more than 50 vulnerabilities in products from over 30 vendors to compromise exposed infrastructure.
- New Rust-Based Malware "ChaosBot" Uses Discord Channels to Control Victims' PCs: A new Rust-written backdoor named ChaosBot uses Discord channels as its command-and-control path to run commands and perform reconnaissance on compromised systems; outbound Discord traffic from servers and workstations that have no business reason for it is the obvious place to look.
- Astaroth Banking Trojan Abuses GitHub to Remain Operational After Takedowns: The Astaroth banking trojan now uses GitHub repositories to host its malware, so its C2 infrastructure survives takedowns of conventional hosting.
Cloud & Network Security
- Hackers Target ScreenConnect Features For Network Intrusions: Attackers are increasingly abusing legitimate features of the ScreenConnect RMM tool, often delivered via phishing, to gain unauthorized control over target systems and networks. Because the tool is signed and expected in many environments, inventory authorized ScreenConnect installs and alert on instances that point at unknown relay servers.
Emerging Security Technologies
- Why Signal's post-quantum makeover is an amazing engineering achievement: Signal's integration of the ML-KEM algorithm into its protocol sets a high standard for post-quantum readiness, protecting user communications against future attacks by quantum computers on today's recorded traffic.
Security Tools & Best Practices
- Meet Varonis Interceptor: AI-Native Email Security: Varonis has launched Interceptor, an AI-native email security platform that uses multimodal AI to detect and block zero-hour phishing and social engineering attacks.
- Building a lasting security culture at Microsoft: Microsoft outlines its internal strategy for creating a durable security culture, stressing that every employee has a critical role in protecting the company and its customers.
Security Standards & Frameworks
- Netherlands invokes special powers against Chinese-owned semiconductor company Nexperia: Citing national security risks and 'serious governance shortcomings', the Dutch government has taken control of the Chinese-owned chipmaker Nexperia.
