ThaiCERT

404/67 Thursday, November 14, 2024 Renowned credit rating agency Moody’s has released a recent report indicating that the telecommunications, airline, and power generation industries are currently facing high cyber risks. The report highlights that these industries’ heavy reliance on digital technology, combined with insufficient security practices, increases their vulnerability to cyberattacks. This heightened risk is […]

403/67 Wednesday, November 13, 2024 Amazon has disclosed a data breach that exposed employee information following the MOVEit attack in May 2023. The stolen data was taken from an external service provider partnered with the company. However, Amazon did not specify the number of employees affected by the incident. A threat actor group known as […]

402/67 Wednesday, November 13, 2024 Researchers at Kaspersky have discovered a new type of ransomware called Ymir, which is being used in attacks alongside the RustyStealer malware. RustyStealer is a data-stealing program that infiltrates the victim’s system before deploying Ymir ransomware. Ymir targets networks containing sensitive information, with RustyStealer employing techniques to collect credentials and […]

401/67 Tuesday, November 12, 2024 Palo Alto Networks has issued an urgent alert for customers to review the security settings of the PAN-OS management interface following the discovery of a potential Remote Code Execution (RCE) vulnerability that could be exploited. Although the source of the allegations remains unclear, the company is closely monitoring the situation. […]

400/67 Tuesday, November 12, 2024 Researchers from Securelist have discovered a new malware called SteelFox that is spreading through fake software activation tools, primarily targeting Microsoft Windows users who download pirated software like Foxit PDF Editor, AutoCAD, and JetBrains. The malware attack began in February 2023, and over 11,000 victims have been identified worldwide so […]

399/67 Monday, November 11, 2024 On October 29, 2024, Newpark Resources, a major oil industry supplier in the United States, was impacted by a ransomware attack that temporarily disrupted access to some of its information systems and business applications. Upon detecting the incident, the company promptly activated its cyber threat response plan and initiated an […]

398/67 Monday, November 11, 2024 D-Link has issued a warning regarding over 60,000 end-of-life (EoL) network-attached storage (NAS) devices that are being targeted due to a vulnerability that could allow malicious actors to take control of the devices. This vulnerability, identified as CVE-2024-10914, has been given a critical severity rating of 9.2. The flaw stems […]

397/67 Friday, November 8, 2024 Memorial Hospital and Manor in Bainbridge, Georgia, was hit by a ransomware attack, temporarily disabling its electronic health records (EHR) system. The hospital provides a range of medical services to residents of Decatur County and surrounding areas, including emergency care, surgeries, and long-term care at its nursing home facility. In […]

396/67 Friday, November 8, 2024 The Canadian government has issued an order for TikTok, owned by China’s ByteDance, to cease its operations in the country, citing national security concerns. This decision followed an assessment conducted by Canada’s security and intelligence community. The government emphasized that it will not restrict general access to TikTok for Canadians […]

395/67 Thursday, November 7, 2024 vulnerability in the Android operating system, which is actively being exploited by threat actors. This vulnerability involves privilege escalation within the Android Framework component, and if successfully exploited, it could allow unauthorized access to critical system folders such as ‘Android/data,’ ‘Android/obb,’ and ‘Android/sandbox.’ While Google has not yet disclosed the […]