Cyware Weekly Threat Intelligence - June 03–07

Weekly Threat Briefing • June 7, 2024
In a significant stride toward securing the digital frontier, the FCC has greenlit a $200 million pilot program aimed at fortifying cybersecurity in schools and libraries. The initiative responds to a surge in cyberattacks on educational and public institutions. Meanwhile, in a collaborative effort to strengthen digital security, Kenya and the U.S. are joining forces to expand Kenya’s tech sector, improve cybersecurity training, and reinforce defenses against cyber threats.
Not all news in cyberspace brings sunshine and rainbows. Ukrainian cyber defenders have detected the ominous return of the Vermin hacker group, now targeting the country’s defense forces with spear-phishing emails embedded with SPECTR malware. In other news, PyPI faced a breach with a counterfeit package named 'crytic-compilers,' mimicking a legitimate cryptocurrency library. Additionally, cybercriminals are using typo-squatted domains and fake ads to distribute a compromised version of the Advanced IP Scanner tool.
Cybersecurity’s forecast is looking grim with new threats on the horizon. The Mallox ransomware group has unleashed a new Linux variant specifically designed to target VMware ESXi environments, attacking only when administrative rights are detected. Alongside this, a fresh ransomware variant named Fog is hitting U.S. organizations in the education and recreation sectors. Adding to the chaos, attackers hijacked high-profile TikTok accounts, exploiting a zero-day vulnerability in the platform's direct messages feature.