Northrop aims to double GMLRS rocket-motor output

Multiyear effort will help Pentagon rebuild stockpiles.

https://www.defenseone.com/business/2024/10/northrop-aims-double-gmlrs-rocket-motor-output/400354/

Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant

The Russian threat actor known as RomCom has been linked to a new wave of cyber attacks aimed at Ukrainian government agencies and unknown Polish entities since at least late 2023. The intrusions are characterized by the use of a variant of the RomCom ...

https://thehackernews.com/2024/10/russian-romcom-attacks-target-ukrainian.html

The D Brief: B-2s bomb Houthis; A general’s China alarm; Army’s Ukraine trips; Raytheon fined nearly $1B; And a bit more.

https://www.defenseone.com/threats/2024/10/the-d-brief-october-17-2024/400339/

Researchers Uncover Cicada3301 Ransomware Operations and Its Affiliate Program

Cybersecurity researchers have gleaned additional insights into a nascent ransomware-as-a-service (RaaS) called Cicada3301 after successfully gaining access to the group's affiliate panel on the dark web. Singapore-headquartered Group-IB said it contac...

https://thehackernews.com/2024/10/cross-platform-cicada3301-ransomware.html

SideWinder APT Strikes Middle East and Africa With Stealthy Multi-Stage Attack

An advanced persistent threat (APT) actor with suspected ties to India has sprung forth with a flurry of attacks against high-profile entities and strategic infrastructures in the Middle East and Africa. The activity has been attributed to a group trac...

https://thehackernews.com/2024/10/sidewinder-apt-strikes-middle-east-and.html

5 Ways to Reduce SaaS Security Risks

As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security teams have found themselves contending with an ever-sprawling SaaS attack surface, much of which is often unknown or unmanaged. This g...

https://thehackernews.com/2024/01/5-ways-to-reduce-saas-security-risks.html

U.S. Charges Two Sudanese Brothers for Record 35,000 DDoS Attacks

Federal prosecutors in the U.S. have charged two Sudanese brothers with running a distributed denial-of-service (DDoS) botnet for hire that conducted a record 35,000 DDoS attacks in a single year, including those that targeted Microsoft's services in J...

https://thehackernews.com/2024/10/us-charges-two-sudanese-brothers-for.html

VMware HCX Platform Vulnerable to SQL Injection Attacks

VMware released an advisory (VMSA-2024-0021) addressing a critical vulnerability in its HCX platform. The vulnerability, CVE-2024-38814, is an authenticated SQL injection flaw that poses a significant security risk. With a CVSSv3 base score of 8.8, thi...

https://gbhackers.com/vmware-hcx-platform-vulnerable/

Authorities Indicted Two Anonymous Sudan Hackers Over Cyberattacks

A federal grand jury has indicted two Sudanese nationals, Ahmed Salah Yousif Omer, 22, and Alaa Salah Yusuuf Omer, 27. The pair are accused of operating Anonymous Sudan, a notorious cybercriminal group responsible for tens of thousands of Distributed D...

https://gbhackers.com/sudan-hackers-over-cyberattacks/

Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk

A critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root access under certain circumstances. The vulnerability, tracked as CVE-2024-9486 (CVSS score: 9.8), has been addres...

https://thehackernews.com/2024/10/critical-kubernetes-image-builder.html