MITRE Debuts ICS Threat Modeling for Embedded Systems

EMB3D, like ATT&CK and CWE, seeks to provide a common understanding of cyber-threats to embedded devices and of the security mechanisms for addressing them.


https://www.darkreading.com/ics-ot-secur...ed-systems

Global TeamCity Exploitation Opens Door to SolarWinds-Style Nightmare

Russia's APT29 is going after a critical RCE flaw in the JetBrains TeamCity software developer platform, prompting governments worldwide to issue an urgent warning to patch.


https://www.darkreading.com/vulnerabilit...-nightmare

New cybercrime market 'OLVX' gains popularity among hackers


A new cybercrime marketplace, OLVX, has emerged and is quickly gaining new customers looking to purchase tools to conduct online fraud and cyberattacks. [...]


https://www.bleepingcomputer.com/news/se...g-hackers/

Hackers are exploiting critical Apache Struts flaw using public PoC


Hackers are attempting to leverage a recently fixed critical vulnerability (CVE-2023-50164) in Apache Struts that leads to remote code execution, in attacks that rely on publicly available proof-of-concept exploit code. [...]


https://www.bleepingcomputer.com/news/se...ublic-poc/

CISA: Russian hackers target TeamCity servers since September


CISA and partner cybersecurity agencies and intelligence services warned that the APT29 hacking group linked to Russia's Foreign Intelligence Service (SVR) has been targeting unpatched TeamCity servers in widespread attacks since September 2023. [...]


https://www.bleepingcomputer.com/news/se...september/

LockBit ransomware now poaching BlackCat, NoEscape affiliates


The LockBit ransomware operation is now recruiting affiliates and developers from the BlackCat/ALPHV and NoEscape after recent disruptions and exit scams. [...]


https://www.bleepingcomputer.com/news/se...ffiliates/

French police arrests Russian suspect linked to Hive ransomware


French authorities arrested a Russian national in Paris for allegedly helping the Hive ransomware gang with laundering their victims' ransom payments. [...]


https://www.bleepingcomputer.com/news/se...ansomware/

BazarCall attacks abuse Google Forms to legitimize phishing emails


A new wave of BazarCall attacks uses Google Forms to generate and send payment receipts to victims, attempting to make the phishing attempt appear more legitimate. [...]


https://www.bleepingcomputer.com/news/se...ng-emails/

Stealthy KV-botnet hijacks SOHO routers and VPN devices


The Chinese state-sponsored APT hacking group known as Volt Typhoon (Bronze Silhouette) has been linked to a sophisticated botnet named 'KV-botnet' it uses since at least 2022 to attack SOHO routers in high-value targets. [...]


https://www.bleepingcomputer.com/news/se...n-devices/

Microsoft seizes domains used to sell fraudulent Outlook accounts

Microsoft's Digital Crimes Unit seized multiple domains used by a Vietnam-based cybercrime group (Storm-1152) that registered over 750 million fraudulent accounts and raked in millions of dollars by selling them online to other cybercriminals. [...]


https://www.bleepingcomputer.com/news/mi...-accounts/