ThaiCERT

395/67 Thursday, November 7, 2024 vulnerability in the Android operating system, which is actively being exploited by threat actors. This vulnerability involves privilege escalation within the Android Framework component, and if successfully exploited, it could allow unauthorized access to critical system folders such as ‘Android/data,’ ‘Android/obb,’ and ‘Android/sandbox.’ While Google has not yet disclosed the […]

394/67 Thursday, November 7, 2024 Interpol, in cooperation with global law enforcement agencies, announced the arrest of 41 individuals and the shutdown of 1,037 cybercrime-related server infrastructures as part of an operation called Operation Synergia II, which spanned 95 countries between April and August 2024. This operation was supported by leading cybersecurity companies such as […]

393/67 Wednesday, November 6, 2024 Okta, a leading technology company in Identity and Access Management (IAM), has patched a critical vulnerability in Okta Verify for Windows that could potentially allow attackers to steal user passwords. This vulnerability was discovered during routine penetration testing and affects Okta Verify Agent versions 5.0.2 to 5.3.2 on Windows. It […]

392/67 Wednesday, November 6, 2024 Check Point Research (CPR) recently revealed that over the past year, Pakistan’s APT36 threat group has developed a new version of the ElizaRAT malware with more sophisticated detection evasion techniques and added the ApoloStealer data theft functionality. This new toolkit targets Indian government agencies, military units, and diplomatic missions. The […]

391/67 Tuesday, November 5, 2024 A critical vulnerability has been discovered in the Opera web browser, which could allow malicious extensions to gain unauthorized access to private APIs, potentially leading to account takeovers and other severe security risks. This vulnerability, named “CrossBarking” by researchers at Guardio Labs, was patched on September 24, 2024, following a […]

390/67 Tuesday, November 5, 2024 Online child grooming in the UK has now reached a record high, particularly on the platform Snapchat, which has become one of the preferred channels for offenders. Data from the National Society for the Prevention of Cruelty to Children (NSPCC) reveals that in the 2023/24 period, there were 7,062 cases […]

389/67 Monday, November 4, 2024 Researchers from GreyNoise have revealed that a group of threat actors has attempted to exploit two Zero-Day vulnerabilities in PTZOptics pan-tilt-zoom (PTZ) cameras, commonly used for live streaming. The vulnerabilities, identified as CVE-2024-8956 and CVE-2024-8957, have already been exploited in industrial and healthcare sectors. These vulnerabilities were discovered using GreyNoise’s […]

388/67 Monday, November 4, 2024 LastPass has issued a warning to users about an ongoing scam campaign in which malicious actors have posted five-star reviews for the LastPass Chrome extension, attaching a phone number falsely claiming to be customer support. This number directs users experiencing issues to scammers who then advise them to access the […]

387/67 Friday, November 1, 2024 Interbank, a leading bank in Peru, has confirmed a major data breach after hackers infiltrated their systems and leaked customer data online. The bank reports that over 2 million customers were affected, and they have swiftly implemented enhanced security measures to protect customer data and transactions. At the same time, […]

386/67 Friday, November 1, 2024 Scheuer, who once worked as a production manager overseeing food menus at Disney, was dismissed in June due to alleged inappropriate conduct. Following his termination, Scheuer accessed the menu creation system using his still-active account credentials. He altered the font in the entire menu database to Wingdings, rendering all text […]