VMware has issued a warning to all users, prompting them to uninstall the deprecated enhanced authentication plugin (EAP) due to the presence of vulnerabilities tagged CVE-2024-22245 with a CVSS score of 9.6 and CVE-2024-22250 with a CVSS score of 7.8, which could allow a threat actor to gain unauthorized access to remotely execute code to lure an administrative user into clicking a malicious link. The vulnerability can also grant threat actors unauthorized access to the Windows operating system to confiscate EAP sessions.
Doneff Companies became a victim of the Thream ransomware group. The company specializes in luxury apartments, exclusive active adult housing, and moderate family living at affordable prices. Doneff has over 50 employees and a revenue of $9.2 million.
Cybersecurity researchers have discovered that Mustang Panda, a China-linked threat actor, has shifted its attack focus to Asian countries. The affected countries include Hong Kong, Japan, Malaysia, China, and India, with more aggressive attacks on Taiwan and Vietnam. The threat actors leverage using a variant of the PlugX, also known as the Korplug backdoor dubbed DOPLUGS. In one of the reports, the researchers stated, “The piece of customized PlugX malware is dissimilar to the general type of the PlugX malware that contains a completed backdoor command module, and that the former is only used for downloading the latter.”
Westward 360 and Compressionleasing join the list of Dragonforce ransomware victims.
Westward 360 is a Chicago real estate company that specializes in Property Management, HOA Management, Rental Management, Brokerage, Sales & Leasing, Condo Management, Property Maintenance, Handyman Services, License Plumbing Services, Heating & Air Services, Landscaping Services, Fire & Safety Services, Exterminating Services, Janitorial Services, Financial Management, Accounting Services, Capital Projects & Management, and 24hr Emergency Support. The company has over 5000 employees and a revenue of $5 million.
Compression Leasing Services (CLS) is one of the world leaders in high-pressure compressor fabrication, sales, services and support with speciality in Compressor Packages, Piping Packages, Service & Repairs, Fabrication Work, Machine Work, Compressor Rentals, Industrial Air Compressors and Dryers, Air System Audits, Compressor Parts, Manufacturing, Machin, machining, structural welding, Engineering, Drafting, and CAD. The company has over 200 employees and a revenue of $66.7 million.
A fresh report revealed an information stealer called VietCredCare has been targeting Facebook advertisers in Vietnam since August 2022. The attack by the threat actor focuses on confiscating corporate Facebook accounts and using them to post political content and carry out phishing attacks. One of the reports states that “the malware is notable for its ability to automatically filter out Facebook session cookies and credentials stolen from compromised devices and assess whether these accounts manage business profiles and if they maintain a positive Meta ad credit balance.”
Russian hackers take the Ukraine war to a higher level in cyberspace. The hackers now target Ukraine with disinformation and credential-harvesting attacks. The campaign tagged Operation Texonto, whose spear-phishing attack overlaps with COLDRIVER, has been in progress for a while. In one of the reports, ESET, a cybersecurity company, mentioned that “What’s interesting to note is that the email was sent from a domain masquerading as the Ministry of Agrarian Policy and Food of Ukraine, while the content is about drug shortages and the PDF is misusing the logo of the Ministry of Health of Ukraine.”
Axel Johnson Inc. has suffered a ransomware attack by the 8base ransomware group. The company, whose headquarters is located in New York, serves as a corporate home for diverse businesses. Axel Johnson Inc. has over 5000 employees and a revenue of $1.3 billion.
){kind=link}