Microsoft used a court order last Wednesday to take control of 99 websites used by cyber threat group Phosphorus (also known as APT35 or Charming Kitten) widely associated with Iranian hackers.
Cyber attackers have compromised hundreds of CMS sites running WordPress or Joomla to serve up Shade ransomware and phishing pages in the wild.
ASUS released a new security update in response to Advanced Persistent Threat (APT) actors that targeted certain international organizations. A new version of ASUS Live Update was made available.
Cyber attackers have hijacked ASUS Live Update and downloaded a back-doored version to thousands of ASUS PCs last year. The utility is pre-installed on most ASUS computers and is used to keep ASUS PCs up-to-date with latest firmware, drivers and applications.
Citrix warned it was a victim of a cyberattack whereby hackers gained unauthorized access to large amounts of internal data. The company is actively cooperating with the FBI and have launched a forensics investigation into the breach.
Security experts from Cisco Talos have spotted a spike in cyberattacks targeting unsecured Elasticsearch clusters running on older versions 1.4.2 and lower.
Microsoft has seen a rise in recent cyberattack activity against European think tanks and non-profit organizations. The warning comes as European leaders warn attacks will continue across Europe in 2019.
A security researcher warned that internet-facing Ubiquiti devices were exposed to potentially future cyber attacks. Rapid7 confirmed in a blog post that attackers could exploit the device services over port 10001/UDP and use the devices to launch future DDoS attacks.
Security researchers from FireEye have identified a wave of DNS hijacking attacks on domains owned by government, telecom and internet infrastructure organizations around the globe. The analysis suggests the bad actors behind the cyber attacks are of Iranian origin or sponsorship.
In an announcement made last Thursday, Deputy Attorney General Rod J. Rosenstein said the charges include a "conspiracy to commit computer intrusions against dozens of companies in the United States and around the world." The two defendants allegedly committed cyber crimes in association with a Chinese intelligence service, Ministry of State Security.