Invoice Phishing Alert: TA866 Deploys WasabiSeed & Screenshotter Malware

The threat actor tracked as TA866 has resurfaced after a nine-month hiatus with a new large-volume phishing campaign to deliver known malware families such as WasabiSeed and Screenshotter.
The campaign, observed earlier this month and blocked by Proofpoint on January 11, 2024, involved sending thousands of invoice-themed emails targeting North America bearing decoy PDF files.
"The PDFs

https://thehackernews.com/2024/01/invoic...ploys.html

Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack

Microsoft on Friday revealed that it was the target of a nation-state attack on its corporate systems that resulted in the theft of emails and attachments from senior executives and other individuals in the company's cybersecurity and legal departments.
The Windows maker attributed the attack to a Russian advanced persistent threat (APT) group it tracks as Midnight Blizzard (formerly

https://thehackernews.com/2024/01/micros...ed-in.html

CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive Branch (FCEB) agencies to implement mitigations against two actively exploited zero-day flaws in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) products.
The development arrives as the vulnerabilities – an authentication bypass

https://thehackernews.com/2024/01/cisa-i...ve-to.html

Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years

An advanced China-nexus cyber espionage group previously linked to the exploitation of security flaws in VMware and Fortinet appliances has been attributed to the abuse of a critical vulnerability in VMware vCenter Server as a zero-day since late 2021.
"UNC3886 has a track record of utilizing zero-day vulnerabilities to complete their mission without being detected, and this latest example

https://thehackernews.com/2024/01/chines...nized.html

Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks

Cybersecurity researchers are warning of a "notable increase" in threat actor activity actively exploiting a now-patched flaw in Apache ActiveMQ to deliver the Godzilla web shell on compromised hosts.

"The web shells are concealed within an unknown binary format and are designed to evade security and signature-based scanners," Trustwave said. "Notably, despite the binary's unknown file

https://thehackernews.com/2024/01/apache...n-new.html

How to Drive Hands-Free with Ford BlueCruise

Simple step-by-step instructions from a Ford expert on how to set up and then engage Ford BlueCruise while in designated Blue Zones.


https://media.ford.com/content/fordmedia...ruise.html

DRIVE with Jim Farley: Dr. Sanjay Gupta, Human Intuition and Self-Driving Cars

In Season 2's first episode, Jim Farley talks with Dr. Sanjay Gupta, the chief medical correspondent for CNN, whose mother — a refugee from India — was the first female Ford engineer with an advanced degree.


https://media.ford.com/content/fordmedia...d-sel.html

Ford Pro Insure, Powered by Pie, Now Includes Commercial Auto Coverage In Indiana An

With the addition of Indiana and Wisconsin, Ford Pro Insure is available in five states, including Arizona, Illinois and Tennessee.


https://media.ford.com/content/fordmedia...to-co.html

Parts of Your Future Car Could Be Made From Olives

Ford engineers in Cologne launched an innovative research project to explore how olive tree pruning waste could be re-purposed to create auto part prototypes.


https://media.ford.com/content/fordmedia...lives.html

EV Routing for Android Auto Coming to Ford Mustang Mach-E and Lightning

Mustang Mach-E and F-150 Lightning drivers who love using Google Maps through Android Auto will soon enjoy more sophisticated routing capability to help with the charging needs of an EV, especially on road trips


https://media.ford.com/content/fordmedia...nd-li.html