ThaiCERT

434/67 Friday, December 6, 2024 U.S. federal officials have issued an urgent warning to telecom companies, calling for enhanced security measures following a significant cyberattack attributed to a Chinese hacker group known as Salt Typhoon. The attack targeted personal data of Americans, including text messages, phone conversations, and metadata about dates, times, and contacts of […]

433/67 Wednesday, December 4, 2024 South Korean police have arrested the CEO and five employees of a company after discovering that the company produced over 240,000 satellite receivers equipped or updated with DDoS (Distributed Denial of Service) attack functionality at the request of customers, in violation of the law. The manufacturer and the purchasing company […]

432/67 Wednesday, December 4, 2024 Taiwan is facing a new cybersecurity threat as organizations in the manufacturing, healthcare, and information technology sectors are being targeted by SmokeLoader, a malware notorious for its advanced attack techniques and stealth capabilities. Originally released on cybercrime forums in 2011, SmokeLoader is characterized by its modular design, which enhances its […]

431/67 Tuesday, December 3, 2024 Alder Hey Children’s Hospital in the United Kingdom has disclosed that its systems were targeted in a cyberattack, resulting in the theft and online publication of patient data and other critical information. The ransomware group Inc Ransom claimed responsibility, stating they obtained data spanning from 2018 to 2024. The hospital […]

430/67 Tuesday, December 3, 2024 Cybersecurity firm Group-IB has issued a warning to internet users after uncovering a scam involving fake gambling apps and deceptive advertisements on social media platforms across various regions, including the Middle East, Europe, and Asia. Criminals use AI-generated multilingual voices to enhance credibility, tricking victims into divulging personal information and […]

429/67 Monday, December 2, 2024 The Ugandan government confirmed on Thursday that the country’s central bank was the target of a cyberattack by a criminal group seeking financial gain, resulting in significant monetary losses. The incident is under investigation by the Criminal Investigations Directorate and the Auditor General’s office. Henry Musasizi, Uganda’s Minister of State […]

428/67 Monday, December 2, 2024 McAfee security researchers have uncovered 15 SpyLoan applications on the Android platform available in the Google Play Store, with a total of over 8 million installations. These apps primarily target users in South America, Southeast Asia, and Africa. Far from being simple loan tools, they act as a means to […]

427/67 Friday, November 29, 2024 VMware has released a security update to address five vulnerabilities in its Aria Operations product (formerly known as VMware vRealize Operations), a comprehensive cloud management platform. These vulnerabilities could potentially be exploited for privilege escalation and cross-site scripting (XSS) attacks. The details of the vulnerabilities are as follows: Users of […]

426/67 Friday, November 29, 2024 A group of hackers has leveraged the popular open-source Godot Engine to develop and distribute malware called GodLoader. This malware is designed to evade antivirus detection and has already infected over 17,000 systems within just three months. According to Check Point, a cybersecurity research company, GodLoader targets multiple platforms, including […]

425/67 Thursday, November 28, 2024 Two critical vulnerabilities, identified as CVE-2024-10542 and CVE-2024-10781, have been discovered in the Spam Protection, Anti-Spam, and Firewall components of WordPress. These vulnerabilities could allow unauthenticated attackers to install and activate malicious plugins on vulnerable websites, potentially leading to remote code execution. Both vulnerabilities have a CVSS severity score of […]