Top Breaches, Malware, and Vulnerabilities Reported in the Last 24hrs

1. According to a CISA, FBI, and HHS alert, the Hive ransomware group extorted more than $100 million in ransom payments from 1,300 organisations between June 2021 and November 2022.

2. Mustang Panda APT was discovered conducting a large-scale spear-phishing campaign against academic, government, research, and foundation sectors worldwide.

3. Vanuatu, a South Pacific ocean archipelago, was stranded for 11 days due to a ransomware attack. The attack brought down school and hospital intranets and online databases.

4. ARCrypter, a previously unknown ransomware, has been discovered spreading from Latin America to China, Canada, the United States, Germany, and France.

5. According to a new Trellix report, ransomware attacks increased by 100% quarter over quarter in the US transportation and shipping sector.

6. Since mid-September, Akamai has discovered an advanced phishing kit aimed at North Americans. The kit includes a token-based system that ensures each victim is directed to a unique phishing URL.

7. To avoid detection by security solutions, phishing emails deploying QBot have resorted to exploiting a DLL hijacking vulnerability in Windows 10 Control Panel.08

8. In Q3 2022, Kaspersky detected 438,035 malicious installation packages, 35,060 of which were associated with mobile banking trojans and 2,310 with mobile ransomware trojans.09

9. LodaRAT malware has resurfaced with new strains that are distributed alongside RedLine Stealer and Neshta. Venom RAT is also making use of it.

10. To combat international cybercrime, the Australian government's cybersecurity minister announced plans to establish the Joint Standing Operation task force, which will combine domestic police and foreign intelligence resources.