Welcome to TheCyberThrone cybersecurity month in review, covering the important security happenings. This review is for the month ending June 2023.
Subscribers favorite #1
A third-party vendor associated with American Airlines and Southwest Airlines experienced a data breach.
Pilot Credentials, which manages the pilot and cadet hiring and recruitment portal for several airlines, had a cybersecurity incident involving some data files. Southwest also confirmed that none of its networks or systems were affected. It notified former applicants whose personal information was involved in the breach and is providing them with complimentary credit monitoring services.
Subscribers favorite #2
Bumblebee, a malware loader associated with the Conti ransomware group, was discovered in March 2022 and acts as a primary vector for multiple types of other malware, including ransomware. IcedID is modular banking malware, around since 2017, that is designed to steal financial information.
Subscribers favorite #3
The pro-Russian hacktivist group Killnet claims to be working in concert with a resurgent form of the notorious REvil ransomware gang. The group is warning that attacks are imminent, but it’s unclear whether the threats amount to anything more than bluster and saber-rattling, particularly given Killnet’s past track record of, at most, carrying out mild DDoS attacks.
In a video posted on a Russian Telegram channel on June 16, Killnet made ominous threats against the SWIFT banking system; the Wise international wire transfer system; the SEPA intra-Europe payments service; central banks in Europe and the US; and other institutions.
Subscribers favorite #4
Google is aware that the vulnerability is being actively exploited in the wild. The vulnerability was discovered by Clement Lecigne of Google’s Threat Analysis Group, which is the team at Google that monitors the activity of nation-state actors. The vulnerability was reported on June 1, 2023; it is likely that the flaw was exploited as part of an exploit used by a state-sponsored APT group.
Subscribers favorite #5
Threat actors are actively exploiting a zero-day vulnerability in the Progress MOVEit Transfer file transfer product to steal data from organizations.
MOVEit Transfer is a managed file transfer product that enterprises use to securely transfer files using SFTP, SCP, and HTTP-based uploads. The vulnerability is a SQL injection vulnerability; it can be exploited by an unauthenticated attacker to gain unauthorized access to MOVEit Transfer’s database.