top of page
Writer's picture DIGISOC®

Security Bulletin: Phishing, Critical Vulnerabilities and Cyberespionage


This bulletin highlights an FBI alert about a fraud group using phishing tactics to target retail businesses. This malicious campaign focuses on deception through gift cards, which represents a significant threat to the financial security of organizations. Critical vulnerabilities have also been identified in PostgreSQL's pgAdmin, underscoring the importance of maintaining database security. These vulnerabilities can be exploited by attackers to compromise systems and access sensitive information.


The general news addresses a Chinese cyberespionage attack that compromises the MITER network as well as emails from journalists impersonated by North Korean hackers to spy on security experts, highlighting the sophistication of their social engineering tactics. On the other hand, millions of OpenVPN installations around the world are affected along with the identification of critical vulnerabilities in HPE Aruba Networking, underscoring the importance of applying security patches in a timely manner to mitigate risks.


It mentions a WordPress exploit that compromises more than 90,000 websites, and a data breach at MedStar Health. Also mentioned is a modular malware called HijackLoader that uses PNG images to deliver second-stage malware, categorized as malware. Reports on Iranian hackers posing as journalists to distribute backdoor malware and a top 10 malware for the first quarter of 2024. 


For more details of the weekly newsletter: Clic here

2 views0 comments

Comments


bottom of page