?Critical D-Link NAS vulnerability under active exploitation?
Cyble Global Sensor Intelligence has detected active exploitation of critical vulnerabilities in D-Link Network Attached Storage (NAS) devices, specifically CVE-2024-3272 and CVE-2024-3273. These were first disclosed on GitHub and later by D-Link. These vulnerabilities are being targeted by threat actors shortly after their public disclosure, with attacks predominantly originating from China. This rapid weaponization of the vulnerabilities highlights the urgency and severity of the threat, as evidenced by monitoring data from CGSI and posts on Russian cybercrime forums discussing exploits targeting these vulnerabilities.
Read the full analysis here.
Cyble Research and Intelligence Labs (CRIL) has identified a sophisticated phishing campaign targeting cryptocurrency users, particularly those using the Exodus platform. This campaign deploys FatalRAT along with other malware, such as Clipper and Keylogger, using DLL side-loading techniques for execution. FatalRAT allows attackers to gain extensive control over victims' computers, while the additional malware enhances the capability to intercept and steal sensitive data. The threat actors are specifically targeting Chinese-speaking users, as evidenced by the use of Chinese-language installers, and have crafted a deceptive website that closely imitates the Exodus crypto wallet interface to deceive users into exposing their personal information.
Read the full analysis here.
Several French municipal governments, including the city of Saint-Nazaire and the Saint-Nazaire Agglomération, were severely disrupted by a significant cyberattack on their shared servers. This attack, which unfolded on April 9, rendered vital municipal services inaccessible, causing considerable inconvenience to residents. In response, municipal teams have initiated diagnostic measures and are working to enhance system security. Mayor David Samzun of Saint-Nazaire highlighted the resilience of the community and the determination of the teams to restore services and overcome the crisis. He emphasized the collective spirit that has historically enabled Saint-Nazaire to reinvent itself and manage challenges, expressing confidence in the eventual recovery and resumption of normal operations.
Read The Cyber Express's full coverage of the incident here.
We're thrilled to announce that Cyble will be attending the RSA Conference in San Francisco from May 6-9th! Get ready to explore our advanced AI solutions that can illuminate dark web threats. Swing by Booth 2353 to learn how Cyble is democratizing dark web threat intel.