-
Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks
Cybersecurity researchers have found that it’s possible for attackers to weaponize improperly configured Jenkins Script Console instances to further criminal activities such as cryptocurrency mining. “Misconfigurations such as improperly set up authentication mechanisms expose the ‘/script’ endpoint to attackers,” Trend Micro’s Shubham Singh and Sunil Bharti said in a technical write-up
-
HUMINT: Diving Deep into the Dark Web
Discover how cybercriminals behave in Dark Web forums- what services they buy and sell, what motivates them, and even how they scam each other. Clear Web vs. Deep Web vs. Dark Web Threat intelligence professionals divide the internet into three main components: Clear Web – Web assets that can be viewed through public search engines,…
-
GuardZoo Malware Targets Over 450 Middle Eastern Military Personnel
Military personnel from Middle East countries are the target of an ongoing surveillanceware operation that delivers an Android data-gathering tool called GuardZoo. The campaign, believed to have commenced as early as October 2019, has been attributed to a Houthi-aligned threat actor based on the application lures, command-and-control (C2) server logs, targeting footprint, and the attack
-
Cybersecurity Agencies Warn of China-linked APT40’s Rapid Exploit Adaptation
Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. have released a joint advisory about a China-linked cyber espionage group called APT40, warning about its ability to co-opt exploits for newly disclosed security flaws within hours or days of public release. “APT40 has previously targeted organizations in various…
-
Portland-area beverage maker recalls products for safety concern
Urban River produces nonalcoholic beverage mixers, syrups, cocktail garnishes and bar tools.
-
Wilsonville manufacturer lands $50M from Biden export program, expects 100 jobs
Grid energy storage company ESS Inc., landed $50M from a Biden export program.
-
Portland-area general contractor acquires local construction firm
Tualatin-based Perlo Construction on Monday said it has acquired Reimers & Jolivette, becoming R&J’s parent company.
-
University of Oregon moves to dismiss Title IX lawsuit
The university claims that the plaintiffs cannot seek compensatory damages, and that they are only entitled to an injunction.
-
Boeing to plead guilty to fraud charges, pay $244M fine
The settlement agreement reached with the Department of Justice still must be approved by a judge.
-
New APT Group “CloudSorcerer” Targets Russian Government Entities
A previously undocumented advanced persistent threat (APT) group dubbed CloudSorcerer has been observed targeting Russian government entities by leveraging cloud services for command-and-control (C2) and data exfiltration. Cybersecurity firm Kaspersky, which discovered the activity in May 2024, the tradecraft adopted by the threat actor bears similarities with that of CloudWizard, but pointed