Welcome to our biweekly cybersecurity roundup. In these blog posts, we feature curated articles and insights from experts, providing you with valuable information on the latest cybersecurity threats, technologies, and best practices to keep yourself and your organization safe. Whether you’re a cybersecurity professional or a concerned individual, our biweekly blog post is designed to keep you informed and empowered.

For more articles, check out our #onpatrol4malware blog.

Microsoft Warns of New Tax Returns Phishing Scams Targeting You


New and sophisticated tax phishing scams are targeting taxpayers, warns Microsoft. These scams impersonate trusted sources and use urgency tactics to steal personal and financial data. Read more.

Bringing Access Back — Initial Access Brokers Exploit F5 BIG-IP (CVE-2023-46747) and ScreenConnect


This mix of custom tooling and the SUPERSHELL framework leveraged in these incidents is assessed with moderate confidence to be unique to a People’s Republic of China (PRC) threat actor, UNC5174. Read more.

New details on TinyTurla’s post-compromise activity reveal full kill chain


The attackers compromised the first system, established persistence and added exclusions to anti-virus products running on these endpoints as part of their preliminary post-compromise actions. Read more.

TeamCity Vulnerability Exploits Lead to Jasmin Ransomware, Other Malware Types


Customers of TeamCity with servers affected by these vulnerabilities are advised to update their software as soon as possible. The US Cybersecurity and Infrastructure Security Agency (CISA) has also added CVE-2024-27198 to its Known Exploited Vulnerabilities catalog. Read more.

Mounting AceCryptor malware attacks target Europe

Source: SC Media

Organizations across Europe have been subjected to a deluge of attacks involving AceCryptor malware as part of campaigns that sought to exfiltrate email and browser credentials during the second half of 2023, reports The Record, a news site by cybersecurity firm Recorded Future. Read more.

Cybercriminals Beta Test New Attack to Bypass AI Security


Hackers develop a new attack (Conversation Overflow) to bypass AI security. Learn how this technique fools Machine Learning and what businesses can do to stay protected. Read more.

Ongoing ITG05 operations leverage evolving malware arsenal in global campaigns

Source: Security Intelligence

As of March 2024, X-Force is tracking multiple ongoing ITG05 phishing campaigns featuring lure documents crafted to imitate authentic documents of government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America. Read more.

The Aviation And Aerospace Sectors Face Skyrocketing Cyber Threats

Source: Resecurity

The aerospace sector has become a rising target for cyberattacks due to its reliance on vastly interconnected digital infrastructures, global supply chains, and the torrential volume of sensitive data it handles. Read more.

Telecoms Manager Admits to Taking Bribes to Help Carry Out SIM Swapping Attacks

Source: Bitdefender

Court documents say Katz helped his co-conspirators victimize five customers of the telecoms company, receiving $5,000 ($1,000 per SIM swap) plus an unspecified percentage of the profits earned from the account takeovers. Read more.

Esports league postponed after players hacked midgame


In the video, it’s clear that at one point — abruptly — Genburten starts seeing other players highlighted on the map, even those behind walls. This is what is called a “wallhack,” essentially a cheat that allows hackers to see opponents through in-game obstacles. Read more.