Organizations have been warned by the Cybersecurity and Infrastructure Security Agency regarding the exploitation of two vulnerabilities in the Ivanti Endpoint Manager Mobile, previously known as MobileIron Core, between April and July, BleepingComputer reports.
Malware security threats against operational technology and Internet of Things environments rose by 20-fold during the past six months, according to SiliconAngle.
FedScoop reports that cybersecurity and technology employees at the Department of Veterans Affairs will have their salaries increased by an average of 17% beginning Aug. 4 as part of the agency's efforts to attract more talent from the private sector amid ongoing cybersecurity workforce challenges.
Minecraft servers are being compromised with attacks leveraging the BleedingPipe remote code execution flaw in various Minecraft mods, which seek to facilitate total device takeovers, BleepingComputer reports.
Fraudulent Android chat app leveraged in new Bahamut attack New social engineering attacks by Indian advanced persistent threat group Bahamut have involved the fraudulent Android chat app SafeChat to facilitate a version of the CoverIm spyware aimed at exfiltrating mobile device data, according to BleepingComputer.
Threat actors have used the AVrecon botnet malware, which was initially reported by Lumen Black Lotus to have been compromising small office/home office routers, to support the SocksEscort malware proxy service, which allows renting of hacked devices for location concealment, The Hacker News reports.
Microsoft has refuted a Wiz report concluding that Chinese state-sponsored hacking of the email accounts of leading officials through a stolen encryption key was more widespread than originally believed, with a spokesperson noting the findings of Wiz to describe "hypothetical attack scenarios," CyberScoop reports.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.