Security Alerts Index

Security Threats and Alerts



May 26, 2022
Exploit released for critical VMware auth bypass bug, patch now
Proof-of-concept exploit code is now available online for a critical authentication bypass vulnerability in multiple VMware products that allows attackers to gain admin privileges. [...]
May 26, 2022
Microsoft shares mitigation for Windows KrbRelayUp LPE attacks
Microsoft has shared guidance to help admins defend their Windows enterprise environments against KrbRelayUp attacks that enable attackers to gain SYSTEM privileges on Windows systems with default configurations. [...]
May 26, 2022
Zyxel warns of flaws impacting firewalls, APs, and controllers
Zyxel has published a security advisory to warn admins about multiple vulnerabilities affecting a wide range of firewall, AP, and AP controller products. [...]
May 26, 2022
Google shut down caching servers at two Russian ISPs
Two Russian internet service providers (ISPs) have received notices from Google that the global caching servers on their network have been disabled. [...]
May 26, 2022
Industrial Spy data extortion market gets into the ransomware game
The Industrial Spy data extortion marketplace has now launched its own ransomware operation, where they now also encrypt victims' devices. [...]
May 26, 2022
New ERMAC 2.0 Android malware steals accounts, wallets from 467 apps
The ERMAC Android banking trojan has released version 2.0, increasing the number of applications targeted from 378 to 467, covering a much wider range of apps to steal account credentials and crypto wallets. [...]
May 25, 2022
FTC fines Twitter $150M for using 2FA info for targeted advertising
The Federal Trade Commission has fined Twitter $150 million for using phone numbers and email addresses collected to enable two-factor authentication for targeted advertising. [...]
May 25, 2022
Microsoft adds support for WSL2 distros on Windows Server 2022
Microsoft has announced that Windows Subsystem for Linux (WSL2) distros are now supported on Windows Server 2022 after installing this week's cumulative update previews. [...]
May 25, 2022
New ‘Cheers’ Linux ransomware targets VMware ESXi servers
A new ransomware named 'Cheers' has appeared in the cybercrime space and has started its operations by targeting vulnerable VMware ESXi servers. [...]
May 25, 2022
Microsoft adds Office subscriptions to Windows 11 account settings
Microsoft has improved the account settings in the latest Windows 11 preview build, a settings page that now lists Office subscriptions linked to the user's Microsoft 365 account. [...]
May 25, 2022
New ChromeLoader malware surge threatens browsers worldwide
The ChromeLoader malware is seeing an uptick in detections this month, following a relatively stable operation volume since the start of the year, which means that the malvertiser is now becoming a widespread threat. [...]
May 25, 2022
Tails 5.0 Linux users warned against using it "for sensitive information"
Tails developers have warned users to stop using the portable Debian-based Linux distro until the next release if they're entering or accessing sensitive information using the bundled Tor Browser application. [...]
May 25, 2022
Darknet market Versus shuts down after hacker leaks security flaw
The Versus Market, one of the most popular English-speaking criminal darknet markets, is shutting down after discovering a severe exploit that could have allowed access to its database and exposed the IP address of its servers. [...]
May 25, 2022
Is 100% Cybersecurity Readiness Possible? Medical Device Pros Weigh In
As medical devices become more connected and reliant on software, their codebase grows both in size and complexity, and they are increasingly reliant on third-party and open source software components. Learn more from 150 senior decision makers who oversee product security or cybersecurity compliance in the medical device industry, [...]
May 25, 2022
Hacker says hijacking libraries, stealing AWS keys was ethical research
The hacker of 'ctx' and 'PHPass' libraries has now broken silence and explained the reasons behind this hijack to BleepingComputer. According to the hacker, this was a bug bounty exercise and no malicious activity was intended. [...]
May 25, 2022
Interpol arrests alleged leader of the SilverTerrier BEC gang
After a year-long investigation that involved Interpol and several cybersecurity companies, the Nigeria Police Force has arrested an individual believed to be in the top ranks of a prominent business email compromise (BEC) group known as SilverTerrier or TMT. [...]
May 25, 2022
SpiceJet airline passengers stranded after ransomware attack
Indian low-cost airline SpiceJet has informed its customers of an attempted ransomware attack that has impacted some of its systems and caused delays on flight departures today. [...]
May 25, 2022
BPFDoor malware uses Solaris vulnerability to get root privileges
New research into the inner workings of the stealthy BPFdoor malware for Linux and Solaris reveals that the threat actor behind it leveraged an old vulnerability to achieve persistence on targeted systems. [...]
May 24, 2022
Windows 11 KB5014019 update fixes app crashes, slow copying
Microsoft has released optional cumulative update previews for Windows 11, Windows 10 version 1809, and Windows Server 2022, with fixes for Direct3D issues impacting client and server systems. [...]
May 24, 2022
DuckDuckGo browser allows Microsoft trackers due to search agreement
The privacy-focused DuckDuckGo browser purposely allows Microsoft trackers on third-party sites due to an agreement in their syndicated search content contract between the two companies. [...]
May 24, 2022
Mozilla fixes Firefox, Thunderbird zero-days exploited at Pwn2Own
Mozilla has released security updates for multiple products to address zero-day vulnerabilities exploited during the Pwn2Own Vancouver 2022 hacking contest. [...]
May 24, 2022
Hackers target Russian govt with fake Windows updates pushing RATs
Hackers are targeting Russian government agencies with phishing emails that pretend to be Windows security updates and other lures to install remote access malware. [...]
May 24, 2022
Microsoft: Credit card stealers are getting much stealthier
Microsoft's security researchers have observed a worrying trend in credit card skimming, where threat actors employ more advanced techniques to hide their malicious info-stealing code. [...]
May 24, 2022
CISA adds 41 vulnerabilities to list of bugs used in cyberattacks
The Cybersecurity & Infrastructure Security Agency (CISA) has added 41 vulnerabilities to its catalog of known exploited flaws over the past two days, including flaws for the Android kernel and Cisco IOS XR. [...]
May 24, 2022
US Senate: Govt’s ransomware fight hindered by limited reporting
A report published today by U.S. Senator Gary Peters, Chairman of the Senate Homeland Security and Governmental Affairs Committee, says law enforcement and regulatory agencies lack insight into ransomware attacks to fight against them effectively. [...]
May 24, 2022
Screencastify Chrome extension flaws allow webcam hijacks
The popular Screencastify Chrome extension has fixed a vulnerability that allowed malicious sites to hijack users' webcams and steal recorded videos. However, security flaws still exist that could be exploited by unscrupulous insiders. [...]
May 24, 2022
Trend Micro fixes bug Chinese hackers exploited for espionage
Trend Micro says it patched a DLL hijacking flaw in Trend Micro Security used by a Chinese threat group to side-load malicious DLLs and deploy malware. [...]
May 24, 2022
Researchers to release exploit for new VMware auth bypass, patch now
Proof-of-concept exploit code is about to be published for a vulnerability that allows administrative access without authentication in several VMware products. [...]
May 24, 2022
Popular PyPI and PHP libraries hijacked to steal AWS keys
PyPI module 'ctx' that gets downloaded over 20,000 times a week has been compromised in a software supply chain attack with malicious versions stealing the developer's environment variables. Additionally, versions of a 'phpass' fork published to the PHP/Composer package repository Packagist had been altered to steal secrets. [...]
May 23, 2022
GM credential stuffing attack exposed car owners' personal info
US car manufacturer GM disclosed that it was the victim of a credential stuffing attack last month that exposed customer information and allowed hackers to redeem rewards points for gift cards. [...]
May 23, 2022
Fake Windows exploits target infosec community with Cobalt Strike
A threat actor targeted security researchers with fake Windows proof-of-concept exploits that infected devices with the Cobalt Strike backdoor. [...]
May 23, 2022
Photos of abused victims used in new ID verification scam
Scammers are now leveraging dating apps like Tinder and Grindr to pose as former victims of physical abuse to gain your trust and sympathy and sell you "ID verification" services. BleepingComputer came across multiple instances of users on online dating apps being approached by these catfishing profiles. [...]
May 23, 2022
Hackers can hack your online accounts before you even register them
Security researchers have revealed that hackers can hijack your online accounts before you even register them by exploiting flaws that have already been fixed on popular websites, including Instagram, LinkedIn, Zoom, WordPress, and Dropbox. [...]
May 23, 2022
New RansomHouse group sets up extortion market, adds first victims
Yet another data-extortion cybercrime operation has appeared on the darknet named 'RansomHouse' where threat actors publish evidence of stolen files and leak data of organizations that refuse to make a ransom payment. [...]
May 23, 2022
Russian hackers perform reconnaissance against Austria, Estonia
In a new reconnaissance campaign, the Russian state-sponsored hacking group Turla was observed targeting the Austrian Economic Chamber, a NATO platform, and the Baltic Defense College. [...]
May 22, 2022
Elon Musk deep fakes promote new cryptocurrency scam
Cryptocurrency scammers are using deep fake videos of Elon Musk and other prominent cryptocurrency advocates to promote a BitVex trading platform scam that steals deposited currency. [...]
May 22, 2022
PDF smuggles Microsoft Word doc to drop Snake Keylogger malware
Threat analysts have discovered a recent malware distribution campaign using PDF attachments to smuggle malicious Word documents that infect users with malware. [...]
May 22, 2022
Microsoft tests new Windows 11 Desktop search that only works with Edge
Microsoft is testing a new feature in the latest Windows 11 preview build that displays an Internet search box directly on the desktop. The problem is that it does not honor your default browser and only uses Bing and Microsoft Edge instead. [...]
May 22, 2022
Google: Predator spyware infected Android devices using zero-days
Google's Threat Analysis Group (TAG) says that state-backed threat actors used five zero-day vulnerabilities to install Predator spyware developed by commercial surveillance developer Cytrox. [...]
May 21, 2022
Ransomware attack exposes data of 500,000 Chicago students
The Chicago Public Schools has suffered a massive data breach that exposed the data of almost 500,000 students and 60,000 employees after their vendor, Battelle for Kids, suffered a ransomware attack in December. [...]
May 21, 2022
Malicious PyPI package opens backdoors on Windows, Linux, and Macs
Yet another malicious Python package has been spotted in the PyPI registry performing supply chain attacks to drop Cobalt Strike beacons and backdoors on Windows, Linux, and macOS systems. [...]
May 21, 2022
Windows 11 hacked three more times on last day of Pwn2Own contest
On the third and last day of the 2022 Pwn2Own Vancouver hacking contest, security researchers successfully hacked Microsoft's Windows 11 operating system three more times using zero-day exploits. [...]
May 20, 2022
The Week in Ransomware - May 20th 2022 - Another one bites the dust
Ransomware attacks continue to slow down, likely due to the invasion of Ukraine, instability in the region, and subsequent worldwide sanctions against Russia. [...]
May 20, 2022
Cisco urges admins to patch IOS XR zero-day exploited in attacks
Cisco has addressed a zero-day vulnerability in its IOS XR router software that allowed unauthenticated attackers to remotely gain access to Redis instances running in NOSi Docker containers. [...]
May 20, 2022
Microsoft disables telemetry in Windows 11 Subsystem for Android by default
Microsoft has updated the Windows Subsystem for Android in Windows 11 to make telemetry collection optional and announced an upgrade to Android 12.1. [...]
May 20, 2022
Backdoor baked into premium school management plugin for WordPress
Security researchers have discovered a backdoor in a premium WordPress plugin built as a complete management solution for schools. The malicious code enables a threat actor to execute PHP code without authenticating. [...]
May 20, 2022
Emergency Windows 10 updates fix Microsoft Store app issues
Microsoft has released out-of-band (OOB) updates on Thursday evening to address a newly acknowledged issue impacting Microsoft Store apps. [...]
May 20, 2022
Windows 11 hacked again at Pwn2Own, Tesla Model 3 also falls
During the second day of the Pwn2Own Vancouver 2022 hacking competition, contestants hacked Microsoft's Windows 11 OS again and demoed zero-days in Tesla Model 3's infotainment system. [...]
May 20, 2022
Russian Sberbank says it’s facing massive waves of DDoS attacks
Sberbank's vice president and director of cybersecurity, Sergei Lebed, has told participants of the Positive Hack Days forum that the company is going through a period of unprecedented targeting by hackers. [...]
May 20, 2022
Canada bans Huawei and ZTE from 5G networks over security concerns
The Government of Canada announced its intention to ban the use of Huawei and ZTE telecommunications equipment and services across the country's 5G and 4G networks. [...]
May 19, 2022
Conti ransomware shuts down operation, rebrands into smaller units
The notorious Conti ransomware gang has officially shut down their operation, with infrastructure taken offline and team leaders told that the brand is no more. [...]
May 19, 2022
Netgear fixes bad Orbi firmware update that locked admin console
Netgear is pushing out fixes for a bad Orbi firmware update released earlier this month that prevents users from accessing the device's admin console. [...]
May 19, 2022
Microsoft emergency updates fix Windows AD authentication issues
Microsoft has released emergency out-of-band (OOB) updates to address Active Directory (AD) authentication issues after installing Windows Updates issued during the May 2022 Patch Tuesday on domain controllers. [...]
May 19, 2022
Media giant Nikkei’s Asian unit hit by ransomware attack
Publishing giant Nikkei disclosed that the group's headquarters in Singapore was hit by a ransomware attack almost one week ago, on May 13th. [...]
May 19, 2022
Microsoft detects massive surge in Linux XorDDoS malware activity
A stealthy and modular malware used to hack into Linux devices and build a DDoS botnet has seen a massive 254% increase in activity during the last six months, as Microsoft revealed today. [...]
May 19, 2022
U.S. DOJ will no longer prosecute ethical hackers under CFAA
The U.S. Department of Justice (DOJ) has announced a revision of its policy on how federal prosecutors should charge violations of the Computer Fraud and Abuse Act (CFAA), carving out "good-faith" security research from being prosecuted. [...]
May 19, 2022
Lazarus hackers target VMware servers with Log4Shell exploits
The North Korean hacking group known as Lazarus is exploiting the Log4J remote code execution vulnerability to inject backdoors that fetch information-stealing payloads on VMware Horizon servers. [...]
May 19, 2022
Phishing websites now use chatbots to steal your credentials
Phishing attacks are now using automated chatbots to guide visitors through the process of handing over their login credentials to threat actors. [...]
May 19, 2022
Microsoft Teams, Windows 11 hacked on first day of Pwn2Own
During the first day of Pwn2Own Vancouver 2022, contestants won $800,000 after successfully exploiting 16 zero-day bugs to hack multiple products, including Microsoft's Windows 11 operating system and the Teams communication platform. [...]
May 19, 2022
QNAP alerts NAS customers of new DeadBolt ransomware attacks
Taiwan-based network-attached storage (NAS) maker QNAP warned customers on Thursday to secure their devices against attacks pushing DeadBolt ransomware payloads. [...]
May 19, 2022
Ransomware gangs rely more on weaponizing vulnerabilities
Security researchers are warning that external remote access services continue to be the main vector for ransomware gangs to breach company networks. [...]
May 18, 2022
Microsoft releases first ISO image for new Windows 11 Dev builds
Microsoft has released the first ISO image for the new Windows 11 Preview builds in the Dev channel, allowing Windows Insiders to perform clean installs of the operating system. [...]
May 18, 2022
Spanish police dismantle phishing gang that emptied bank accounts
The Spanish police have announced the arrest of 13 people and the launch of investigations on another 7 for their participation in a phishing ring that defrauded at least 146 people. [...]
May 18, 2022
Critical Jupiter WordPress plugin flaws let hackers take over sites
WordPress security analysts have discovered a set of vulnerabilities impacting the Jupiter Theme and JupiterX Core plugins for WordPress, one of which is a critical privilege escalation flaw. [...]
May 18, 2022
National bank hit by ransomware trolls hackers with dick pics
After suffering a ransomware attack by the Hive operation, the Bank of Zambia made it clear that they were not going to pay by posting a picture of male genitalia and telling the hackers to s… (well, you can use your imagination). [...]
May 18, 2022
US recovers $15 million from global Kovter ad fraud operation
The US government has recovered over $15 million from Swiss bank accounts belonging to operators behind the '3ve' online advertising fraud scheme. [...]
May 18, 2022
DHS orders federal agencies to patch VMware bugs within 5 days
The Department of Homeland Security's cybersecurity unit ordered Federal Civilian Executive Branch (FCEB) agencies today to urgently update or remove VMware products from their networks by Monday due to an increased risk of attacks. [...]
May 18, 2022
Chinese ‘Space Pirates’ are hacking Russian aerospace firms
A previously unknown Chinese hacking group known as 'Space Pirates' targets enterprises in the Russian aerospace industry with phishing emails to install novel malware on their systems. [...]
May 18, 2022
VMware patches critical auth bypass flaw in multiple products
VMware warned customers today to immediately patch a critical authentication bypass vulnerability "affecting local domain users" in multiple products that can be exploited to obtain admin privileges. [...]
May 18, 2022
CISA shares guidance to block ongoing F5 BIG-IP attacks
In a joint advisory issued today, CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC) warned admins of active attacks targeting a critical F5 BIG-IP network security vulnerability (CVE-2022-1388). [...]
May 18, 2022
Fake crypto sites lure wannabe thieves by spamming login credentials
Threat actors are luring potential thieves by spamming login credentials for other people's accounts on fake crypto trading sites, illustrating once again that there is no honor among thieves. [...]
May 18, 2022
Microsoft warns of brute-force attacks targeting MSSQL servers
Microsoft warned of brute-forcing attacks targeting Internet-exposed and poorly secured Microsoft SQL Server (MSSQL) database servers using weak passwords. [...]
May 17, 2022
North Korean devs pose as US freelancers and aid DPRK govt hackers
The U.S. government is warning that the Democratic People's Republic of Korea (DPRK) is dispatching its IT workers to get freelance jobs at companies across the world to obtain privileged access that is sometimes used to facilitate cyber intrusions. [...]
May 17, 2022
Microsoft: Windows Server 20H2 reaches end of service in August
Microsoft has reminded customers today that Windows Server, version 20H2 will be reaching the end of service (EOS) on August 9, 2022. [...]
May 17, 2022
NVIDIA fixes ten vulnerabilities in Windows GPU display drivers
NVIDIA has released a security update for a wide range of graphics card models, addressing four high-severity and six medium-severity vulnerabilities in its GPU drivers. [...]
May 17, 2022
Microsoft Defender for Endpoint gets new troubleshooting mode
Microsoft says Defender for Endpoint now comes with a new 'troubleshooting mode' that will help Windows admins test Defender Antivirus performance and run compatibility scenarios without getting blocked by tamper protection. [...]
May 17, 2022
Cybersecurity agencies reveal top initial access attack vectors
A joint security advisory issued by multiple national cybersecurity authorities revealed today the top 10 attack vectors most exploited by threat actors for breaching networks. [...]
May 17, 2022
Hackers can steal your Tesla Model 3, Y using new Bluetooth attack
Security researchers at the NCC Group have developed a tool to carry out a Bluetooth Low Energy (BLE) relay attack that bypasses all existing protections to authenticate on target devices. [...]
May 17, 2022
What is ISO 27001 and Why it Matters for Compliance Standards
ISO 27001 may seem like a big undertaking, but the certification can pay off in more ways than one—including overlap with compliance regulations. Read about the benefits of ISO 27001 and how to get started. [...]
May 17, 2022
CISA warns admins to patch actively exploited Spring, Zyxel bugs
The Cybersecurity and Infrastructure Security Agency (CISA) has added two more vulnerabilities to its list of actively exploited bugs, a code injection bug in the Spring Cloud Gateway library and a command injection flaw in Zyxel firmware for business firewalls and VPN devices. [...]
May 17, 2022
Hackers target Tatsu WordPress plugin in millions of attacks
Hackers are massively exploiting a remote code execution vulnerability, CVE-2021-25094, in the Tatsu Builder plugin for WordPress, which is installed on about 100,000 websites. [...]
May 16, 2022
HTML attachments remain popular among phishing actors in 2022
HTML files remain one of the most popular attachments used in phishing attacks for the first four months of 2022, showing that the technique remains effective against antispam engines and works well on the victims themselves. [...]
May 16, 2022
Third-party web trackers log what you type before submitting
An extensive study looking into the top 100k ranking websites has revealed that many are leaking information you enter in the site forms to third-party trackers before you even press submit. [...]
May 16, 2022
US links Thanos and Jigsaw ransomware to 55-year-old doctor
The US Department of Justice today said that Moises Luis Zagala Gonzalez (Zagala), a 55-year-old cardiologist with French and Venezuelan citizenship residing in Ciudad Bolivar, Venezuela, created and rented Jigsaw and Thanos ransomware to cybercriminals. [...]
May 16, 2022
Apple emergency update fixes zero-day used to hack Macs, Watches
Apple has released security updates to address a zero-day vulnerability that threat actors can exploit in attacks targeting Macs and Apple Watch devices. [...]
May 16, 2022
Ukraine supporters in Germany targeted with PowerShell RAT malware
An unknown threat actor is targeting German users interested in the Ukraine crisis, infecting them with a custom PowerShell RAT (remote access trojan) and stealing their data. [...]
May 16, 2022
CISA warns not to install May Windows updates on domain controllers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has removed a Windows security flaw from its catalog of known exploited vulnerabilities due to Active Directory (AD) authentication issues caused by the May 2022 updates that patch it. [...]
May 16, 2022
Kali Linux 2022.2 released with 10 new tools, WSL improvements, and more
Offensive Security has released Kali Linux 2022.2, the second version in 2022, with desktop enhancements, a fun April Fools screensaver, WSL GUI improvements, terminal tweaks, and best of all, new tools to play with! [...]
May 16, 2022
Sophos antivirus driver caused BSODs after Windows KB5013943 update
Sophos has released a fix for a known issue triggering blue screens of death (aka BSODs) on Windows 11 systems running Sophos Home antivirus software after installing the KB5013943 upda [...]
May 16, 2022
Engineering firm Parker discloses data breach after ransomware attack
The Parker-Hannifin Corporation announced a data breach exposing employees' personal information after the Conti ransomware gang began publishing allegedly stolen data last month. [...]
May 15, 2022
What's new and improved in Windows 11 22H2, coming soon
Windows 11 version 22H2 aka Sun Valley 2 is set to launch later this year. Unlike the original Windows 11 release, it won't be a massive update with radical design changes. Instead, Sun Valley 2 will be similar to Windows 10 Anniversary Update, so you can expect minor improvements and a few new features. [...]
May 15, 2022
Hackers are exploiting critical bug in Zyxel firewalls and VPNs
Hackers have started to exploit a recently patched critical vulnerability, tracked as CVE-2022-30525, that affects Zyxel firewall and VPN devices for businesses. [...]
May 15, 2022
Fake Pixelmon NFT site infects you with password-stealing malware
A fake Pixelmon NFT site entices fans with free tokens and collectibles while infecting them with malware that steals their cryptocurrency wallets. [...]
May 15, 2022
Windows admins frustrated by Quick Assist moving to Microsoft Store
Windows admins have been expressing their dismay at Microsoft's decision to move the Quick Assist remote assistance tool to the Microsoft Store. [...]
May 14, 2022
Microsoft fixes new PetitPotam Windows NTLM Relay attack vector
A recent security update for a Windows NTLM Relay Attack has been confirmed to be a previously unfixed vector for the PetitPotam attack. [...]
May 14, 2022
Angry IT admin wipes employer’s databases, gets 7 years in prison
Han Bing, a former database administrator for Lianjia, a Chinese real-estate brokerage giant, has been sentenced to 7 years in prison for logging into corporate systems and deleting the company's data. [...]
May 14, 2022
Crypto thief threatened to cut man's fingers 'one by one,' stole £34K
Online crypto scams and ponzi schemes leveraging social media platforms are hardly anything new. But, this gruesome case of a London-based crypto robber transcends the virtual realm and tells a shocking tale of real-life victims from whom the perpetrator successfully stole £34,000. [...]
May 13, 2022
The Week in Ransomware - May 13th 2022 - A National Emergency
While ransomware attacks have slowed during Russia's invasion of Ukraine and the subsequent sanctions, the malware threat continues to affect organizations worldwide. [...]
May 13, 2022
Italian CERT: Hacktivists hit govt sites in ‘Slow HTTP’ DDoS attacks
Italy's Computer Security Incident Response Team (CSIRT) has published an announcement about the recent DDoS attacks that key sites in the country suffered in the last couple of days. [...]
May 13, 2022
Microsoft: Sysrv botnet targets Windows, Linux servers with new exploits
Microsoft says the Sysrv botnet is now exploiting vulnerabilities in the Spring Framework and WordPress to ensnare and deploy cryptomining malware on vulnerable Windows and Linux servers. [...]
May 13, 2022
Fake Binance NFT Mystery Box bots steal victim's crypto wallets
A new RedLine malware distribution campaign promotes fake Binance NFT mystery box bots on YouTube to lure people into infecting themselves with the information-stealing malware from GitHub repositories. [...]
May 13, 2022
SonicWall ‘strongly urges’ admins to patch SSLVPN SMA1000 bugs
SonicWall "strongly urges" customers to patch several high-risk security flaws impacting its Secure Mobile Access (SMA) 1000 Series line of products that can let attackers bypass authorization and, potentially, compromise unpatched appliances. [...]
May 13, 2022
Google Chrome updates failing on Android devices in Russia
A growing number of Russian Chrome users on Android report getting errors when attempting to install the latest available update of the popular web browser. [...]
May 12, 2022
Iranian hackers exposed in a highly targeted espionage campaign
Threat analysts have spotted a novel attack attributed to the Iranian hacking group known as APT34 group or Oilrig, who targeted a Jordanian diplomat with custom-crafted tools. [...]
May 12, 2022
Ukrainian imprisoned for selling access to thousands of PCs
Glib Oleksandr Ivanov-Tolpintsev, a 28-year-old from Ukraine, was sentenced today to 4 years in prison for stealing thousands of login credentials per week and selling them on a dark web marketplace. [...]
May 12, 2022
Eternity malware kit offers stealer, miner, worm, ransomware tools
Threat actors have launched the 'Eternity Project,' a new malware-as-a-service where threat actors can purchase a malware toolkit that can be customized with different modules depending on the attack being conducted. [...]
May 12, 2022
Zyxel silently fixes critical RCE vulnerability in firewall products
Threat analysts who discovered a vulnerability affecting multiple Zyxel products report that the network equipment company fixed it via a silent update pushed out two weeks ago. [...]
May 12, 2022
BPFdoor: Stealthy Linux malware bypasses firewalls for remote access
A recently discovered backdoor malware called BPFdoor has been stealthily targeting Linux and Solaris systems without being noticed for more than five years. [...]
May 12, 2022
NVIDIA has open-sourced its Linux GPU kernel drivers
NVIDIA has published the source code of its kernel modules for the R515 driver, using a dual licensing model that combines the GPL and MIT licenses, making the modules legally re-distributable. [...]
May 12, 2022
Historic Hotel Stay, Complimentary Emotet Exposure included
Historic Hotel of America serving up modern malware to their guests. Why securing your inbox with more than just anti-malware engines is needed to prevent cybercrime attacks. [...]
May 12, 2022
Microsoft: May Windows updates cause AD authentication failures
Microsoft is investigating a known issue causing authentication failures for some Windows services after installing updates released during the May 2022 Patch Tuesday. [...]
May 11, 2022
Windows 11 to show suggested actions when copying data to the clipboard
Microsoft is testing a new 'Suggested Actions' feature in Windows 11 Dev builds where the operating system suggests actions you can take with data you copy into the clipboard. [...]
May 11, 2022
Windows 11 KB5013943 update causes 0xc0000135 application errors
Windows 11 users are receiving 0xc0000135 errors when attempting to launch applications after installing the recent Windows 11 KB5013943 cumulative update. [...]
May 11, 2022
US charges hacker for breaching brokerage accounts, securities fraud
The U.S. Department of Justice (DoJ) has charged Idris Dayo Mustapha for a range of cybercrime activities that took place between 2011 and 2018, resulting in financial losses estimated at over $5,000,000. [...]
May 11, 2022
Microsoft: Windows 10 20H2 has reached end of service
Microsoft says multiple editions of Windows 10 20H2 and Windows 10 1909 have reached their end of service (EOS) on this month's Patch Tuesday, on May 10, 2022. [...]
May 11, 2022
HP fixes bug letting attackers overwrite firmware in over 200 models
HP has released BIOS updates today to fix two high-severity vulnerabilities affecting a wide range of PC and notebook products, which might allow arbitrary code execution. [...]
May 11, 2022
New stealthy Nerbian RAT malware spotted in ongoing attacks
A new remote access trojan called Nerbian RAT has been discovered that includes a rich set of features, including the ability to evade detection and analysis by researchers. [...]
May 11, 2022
CISA tells federal agencies to fix actively exploited F5 BIG-IP bug
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a new security vulnerability to its list of actively exploited bugs, the critical severity CVE-2022-1388 affecting BIG-IP network devices. [...]
May 11, 2022
Our Medical Devices' Open Source Problem - What Are the Risks?
There is no doubt that open source powers our development processes, enabling software developers to build high quality, innovative products faster than ever before. But OSS also comes with its own set of risks that device manufacturers must address while leveraging its many advantages. [...]
May 11, 2022
FBI, CISA, and NSA warn of hackers increasingly targeting MSPs
Members of the Five Eyes (FVEY) intelligence alliance today warned managed service providers (MSPs) and their customers that they're increasingly targeted by supply chain attacks. [...]
May 11, 2022
Bitter cyberspies target South Asian govts with new malware
New activity has been observed from Bitter, an APT group focused on cyberespionage, targeting the government of Bangladesh with new malware with remote file execution capabilities. [...]
May 11, 2022
Microsoft fixes Windows Direct3D issue behind app crashes
Microsoft has addressed a known issue causing apps using Direct3D 9 to experience issues after installing April 2022 cumulative updates, including crashes and errors on systems using certain GPUs. [...]
May 11, 2022
New IceApple exploit toolset deployed on Microsoft Exchange servers
Security researchers have found a new post-exploitation framework that they dubbed IceApple, deployed mainly on Microsoft Exchange servers across a wide geography. [...]
May 10, 2022
Critical F5 BIG-IP vulnerability targeted by destructive attacks
A recently disclosed F5 BIG-IP vulnerability has been used in destructive attacks, attempting to erase a device's file system and make the server unusable. [...]
May 10, 2022
UK cybersecurity center sent 33 million alerts to companies
The NCSC (National Cyber Security Centre) in the UK reports having served 33 million alerts to organizations signed up for its "Early Warning" service. Additionally, the government agency has dealt with a record number of online scams in 2021, removing more than 2.7 million from the internet. [...]
May 10, 2022
Apple discontinues the revolutionary iPod music player
Apple has decided to pull the plug on the production of the iPod Touch (7th gen), discontinuing the revolutionary iOS-based music player introduced 15 years ago. [...]
May 10, 2022
GitHub announces enhanced 2FA experience for npm accounts
Today, GitHub has launched a new public beta to notably improve the two-factor authentication (2FA) experience for all npm user accounts. [...]
May 10, 2022
Microsoft fixes new NTLM relay zero-day in all Windows versions
Microsoft has addressed an actively exploited Windows LSA spoofing zero-day that unauthenticated attackers can exploit remotely to force domain controllers to authenticate them via the Windows NT LAN Manager (NTLM) security protocol. [...]
May 10, 2022
Windows 11 KB5013943 update fixes screen flickers and .NET app issues
Microsoft has released the Windows 11 KB5013943 cumulative update with security updates, improvements, and fixes for screen flickers in Safe Mode and a bug causing some .NET 3.5 apps not to open. [...]
May 10, 2022
Microsoft May 2022 Patch Tuesday fixes 3 zero-days, 75 flaws
Today is Microsoft's May 2022 Patch Tuesday, and with it comes fixes for three zero-day vulnerabilities, with one actively exploited, and a total of 75 flaws. [...]
May 10, 2022
Windows 10 KB5013942 and KB5013945 updates released
Microsoft has released Windows 10 KB5013945 and KB5013942 cumulative updates for versions 21H2, version 21H1, version 20H2, and 1909 to fix security vulnerabilities and resolve bugs. [...]
May 10, 2022
FluBot Android malware targets Finland in new SMS campaigns
Finland's National Cyber Security Center (NCSC-FI) has issued a warning about the FluBot Android malware infections increasing due to a new campaign that relies on SMS and MMS for distribution. [...]
May 10, 2022
UK govt releases free tool to check for email cybersecurity risks
The United Kingdom's National Cyber Security Centre (NCSC) today released a new email security check service to help organizations easily identify vulnerabilities that could allow attackers to spoof emails or can lead to email privacy breaches. [...]
May 10, 2022
German automakers targeted in year-long malware campaign
A years-long phishing campaign has targeted German companies in the automotive industry, attempting to infect their systems with password-stealing malware. [...]
May 10, 2022
US, EU blame Russia for cyberattack on satellite modems in Ukraine
The European Union formally accused Russia of coordinating the cyberattack that hit satellite Internet modems in Ukraine on February 24, roughly one hour before Russia invaded Ukraine. [...]
May 9, 2022
Lincoln College to close after 157 years due ransomware attack
Lincoln College, a liberal-arts school from rural Illinois, says it will close its doors later this month, 157 years since it was founded and following a hard hit on its finances after the COVID-19 pandemic and a recent ransomware attack. [...]
May 9, 2022
Hackers display "blood is on your hands" on Russian TV, take down RuTube
Hackers continue to target Russia with cyberattacks, defacing Russian TV to show pro-Ukrainian messages and taking down the RuTube video streaming site. [...]
May 9, 2022
Dell, Apple, Netflix face lawsuits for pulling services out of Russia
A Moscow Arbitration Court has reportedly seized almost $11 million belonging to Dell LLC after the company failed to provide paid-for services to a local system integrator. [...]
May 9, 2022
Microsoft releases fixes for Azure flaw allowing RCE attacks
Microsoft has released security updates to address a security flaw affecting Azure Synapse and Azure Data Factory pipelines that could let attackers execute remote commands across Integration Runtime infrastructure. [...]
May 9, 2022
Ukraine warns of "chemical attack" phishing pushing stealer malware
Ukraine's Computer Emergency Response Team (CERT-UA) is warning of the mass distribution of Jester Stealer malware via phishing emails using warnings of impending chemical attacks to scare recipients into opening attachments. [...]
May 9, 2022
Hackers exploiting critical F5 BIG-IP flaw to drop backdoors
Threat actors have started massively exploiting the critical vulnerability tracked as CVE-2022-1388, which affects multiple versions of all F5 BIG-IP modules, to drop malicious payloads. [...]
May 9, 2022
Hackers are now hiding malware in Windows Event Logs
Security researchers have noticed a malicious campaign that used Windows event logs to store malware, a technique that has not been previously documented publicly for attacks in the wild. [...]
May 9, 2022
Costa Rica declares national emergency after Conti ransomware attacks
The Costa Rican President Rodrigo Chaves has declared a national emergency following cyber attacks from Conti ransomware group. BleepingComputer also observed Conti published most of the 672 GB dump that appears to contain data belonging to the Costa Rican government agencies. [...]
May 8, 2022
Check your gems: RubyGems fixes unauthorized package takeover bug
The RubyGems package repository has fixed a critical vulnerability that would allow anyone to unpublish ("yank") certain Ruby packages from the repository and republish their tainted or malicious versions with the same file names and version numbers. [...]
May 8, 2022
Exploits created for critical F5 BIG-IP flaw, install patch immediately
Security researchers are warning F5 BIG-IP admins to immediately install the latest security updates after creating exploits for a recently disclosed critical CVE-2022-1388 remote code execution vulnerability. [...]
May 8, 2022
Caramel credit card stealing service is growing in popularity
A credit card stealing service is growing in popularity, allowing any low-skilled threat actors an easy and automated way to get started in the world of financial fraud. [...]
May 8, 2022
Google Play now blocks paid app downloads, updates in Russia
Google is now blocking Russian users and developers from downloading or updating paid applications from the Google Play Store due to sanctions, starting Thursday. [...]
May 7, 2022
Fake crypto giveaways steal millions using Elon Musk Ark Invest video
Fake cryptocurrency giveaways are stealing millions of dollars simply by replaying old Elon Musk and Jack Dorsey Ark Invest videos on YouTube. [...]
May 7, 2022
UK sanctions Russian microprocessor makers, banning them from ARM
The UK government added 63 Russian entities to its sanction list on Wednesday. Among them are Baikal Electronics and MCST (Moscow Center of SPARC Technologies), the two most important chip makers in Russia. [...]
May 7, 2022
Trend Micro antivirus modified Windows registry by mistake - How to fix
Trend Micro antivirus has fixed a false positive affecting its Apex One endpoint security solution that caused Microsoft Edge updates to be tagged as malware and the Windows registry to be incorrectly modified. [...]
May 7, 2022
US offers $15 million reward for info on the Conti ransomware gang
The US Department of State is offering up to $15 million for information that helps identify and locate leadership and co-conspirators of the infamous Conti ransomware gang. [...]
May 6, 2022
The Week in Ransomware - May 6th 2022 - An evolving landscape
Ransomware operations continue to evolve, with new groups appearing and others quietly shutting down their operations or rebranding as new groups. [...]
May 6, 2022
Xbox is down worldwide with users unable to play games
Microsoft says the Xbox Live services are currently down in a major outage, impacting customers worldwide and preventing them from launching or buying games. [...]
May 6, 2022
Ferrari subdomain hijacked to push fake Ferrari NFT collection
One of Ferrari's subdomains was hijacked yesterday to host a scam promoting fake Ferrari NFT collection, according to researchers. The Ethereum wallet associated with the cryptocurrency scam appears to have collected a few hundred dollars before the hacked subdomain was shut down. [...]
May 6, 2022
US agricultural machinery maker AGCO hit by ransomware attack
AGCO, a leading US-based agricultural machinery producer, has announced it was hit by a ransomware attack impacting some of its production facilities. [...]
May 6, 2022
QNAP fixes critical QVR remote command execution vulnerability
QNAP has released several security advisories today to alert its customers about various fixes for flaws affecting its products. The one that stands out is a critical RCE (remote code execution) in QVR. [...]
May 6, 2022
US sanctions Bitcoin laundering service used by North Korean hackers
The US Department of Treasury today sanctioned cryptocurrency mixer Blender.io used last month by the North Korean-backed Lazarus hacking group to launder funds stolen from Axie Infinity's Ronin bridge. [...]
May 6, 2022
NVIDIA fined for failure to disclose cryptomining sales boost
The U.S. Securities and Exchange Commission (SEC) announced Friday that it settled charges against multinational tech firm NVIDIA for "inadequate disclosures" of cryptomining's impact on its gaming business. [...]
May 6, 2022
SheetJS ditches npm registry over 2FA requirement and 'legal matters'
In a surprising move, the popular open source project, SheetJS aka "xlsx," has dropped support for the npm registry. Downloaded about 1.4 million times every week on npm, SheetJS is relied upon by NodeJS developers looking to craft and parse Excel spreadsheets using nothing but JavaScript. [...]
May 6, 2022
Google Docs crashes on seeing "And. And. And. And. And."
A bug in Google Docs is causing it to crash when a series of words are typed into a document opened with the online word processor. BleepingComputer was able to reproduce the issue last night and reached out to Google. [...]
May 5, 2022
New Raspberry Robin worm uses Windows Installer to drop malware
Red Canary intelligence analysts have discovered a new Windows malware with worm capabilities that spreads using external USB drives. [...]
May 5, 2022
White House: Prepare for cryptography-cracking quantum computers
President Joe Biden signed a national security memorandum (NSM) on Thursday asking government agencies to implement a set of measures that would mitigate risks posed by quantum computers to US national cyber security. [...]
May 5, 2022
Ukraine's IT Army is disrupting Russia's alcohol distribution
Hacktivists operating on the side of Ukraine have focused their DDoS attacks on a portal that is considered crucial for the distribution of alcoholic beverages in Russia. [...]
May 5, 2022
NIST updates guidance for defending against supply-chain attacks
The National Institute of Standards and Technology (NIST) has released updated guidance on securing the supply chain against cyberattacks. [...]
May 5, 2022
FTC to force ISP to deploy fiber for 60K users to match speed claims
The Federal Trade Commission (FTC) today proposed an order requiring Connecticut-based internet service provider Frontier Communications to stop "lying" to its customers and support its high-speed internet claims. [...]
May 5, 2022
Microsoft, Apple, and Google to support FIDO passwordless logins
Microsoft, Apple, and Google announced today plans to support a common passwordless sign-in standard (known as passkeys) developed by the World Wide Web Consortium (W3C) and the FIDO Alliance. [...]
May 5, 2022
Google fixes actively exploited Android kernel vulnerability
Google has released the second part of the May security patch for Android, including a fix for an actively exploited Linux kernel vulnerability. [...]
May 5, 2022
New NetDooka malware spreads via poisoned search results
A new malware framework known as NetDooka has been discovered being distributed through the PrivateLoader pay-per-install (PPI) malware distribution service, allowing threat actors full access to an infected device. [...]
May 5, 2022
Tor project upgrades network speed performance with new system
The Tor Project has published details about a newly introduced system called Congestion Control that promises to eliminate speed limits on the network. [...]
May 5, 2022
Heroku admits that customer credentials were stolen in cyberattack
Heroku has now revealed that the stolen GitHub integration OAuth tokens from last month further led to the compromise of an internal customer database. The Salesforce-owned cloud platform acknowledged the same compromised token was used by attackers to exfiltrate customers' hashed and salted passwords from "a database." [...]
May 4, 2022
F5 warns of critical BIG-IP RCE bug allowing device takeover
F5 has issued a security advisory warning about a flaw that may allow unauthenticated attackers with network access to execute arbitrary system commands, perform file actions, and disable services on BIG-IP. [...]
May 4, 2022
Cisco fixes NFVIS bugs that help gain root and hijack hosts
Cisco has addressed several security flaws found in the Enterprise NFV Infrastructure Software (NFVIS), a solution that helps virtualize network services for easier management of virtual network functions (VNFs). [...]
May 4, 2022
Pixiv, DeviantArt artists hit by NFT job offers pushing malware
Users on Pixiv, DeviantArt, and other creator-oriented online platforms report receiving multiple messages from people claiming to be from the "Cyberpunk Ape Executives" NFT project, with the main goal to infect artists' devices with information-stealing malware. [...]
May 4, 2022
Attackers hijack UK NHS email accounts to steal Microsoft logins
For about half a year, work email accounts belonging to over 100 employees of the National Health System (NHS) in the U.K. were used in several phishing campaigns, some aiming to steal Microsoft logins. [...]
May 4, 2022
Heroku forces user password resets but fails to explain why
Salesforce-owned Heroku is performing a forced password reset on a subset of user accounts in response to last month's security incident while providing no information as to why they are doing so other than vaguely mentioning it is to further secure accounts. [...]
May 4, 2022
FBI says business email compromise is a $43 billion scam
The Federal Bureau of Investigation (FBI) said today that the amount of money lost to business email compromise (BEC) scams continues to grow each year, with a 65% increase in the identified global exposed losses between July 2019 and December 2021. [...]
May 4, 2022
Hackers stole data undetected from US, European orgs since 2019
Cybersecurity analysts have exposed a lengthy operation attributed to the group of Chinese hackers known as "Winnti" and tracked as APT41, which focused on stealing intellectual property assets like patents, copyrights, trademarks, and other types of valuable data. [...]
May 4, 2022
GitHub to require 2FA from active developers by the end of 2023
GitHub announced today that all users who contribute code on its platform (an estimated 83 million developers in total) will be required to enable two-factor authentication (2FA) on their accounts by the end of 2023. [...]
May 4, 2022
Microsoft: Windows 11 KB5012643 update will break some apps
Microsoft has warned Windows 11 users that they might experience issues launching and using some .NET Framework 3.5 applications. [...]
May 4, 2022
Using PowerShell to manage password resets in Windows domains
With breaches running rampant, it's common to force password resets on your Windows domain. This article shows how admins can use PowerShell to manage password resets and introduce software that makes it even easier. [...]
May 4, 2022
Pro-Ukraine hackers use Docker images to DDoS Russian sites
Docker images with a download count of over 150,000 have been used to run distributed denial-of-service (DDoS) attacks against a dozen Russian and Belarusian websites managed by government, military, and news organizations. [...]
May 4, 2022
Mitsubishi Electric faked safety and quality control tests for decades
Mitsubishi Electric, one of the world's leading providers of large-scale electrical and HVAC systems has admitted to fraudulently conducting quality assurance tests on its transformers—for decades. [...]
May 4, 2022
Microsoft warns Exchange Online basic auth will be disabled
Microsoft warned customers today that it will start disabling Basic Authentication in random tenants worldwide on October 1, 2022. [...]
May 3, 2022
New ransomware strains linked to North Korean govt hackers
Several ransomware strains have been linked to APT38, a North Korean-sponsored hacking group known for its focus on targeting and stealing funds from financial institutions worldwide. [...]
May 3, 2022
Conti, REvil, LockBit ransomware bugs exploited to block encryption
Hackers commonly exploit vulnerabilities in corporate networks to gain access, but a researcher has turned the table by finding exploits in the most common ransomware and malware being distributed today. [...]
May 3, 2022
New phishing warns: Your verified Twitter account may be at risk
Phishing emails increasingly target verified Twitter accounts with emails designed to steal their account credentials, as shown by numerous ongoing campaigns conducted by threat actors. [...]
May 3, 2022
SEC ramps up fight on cryptocurrency fraud by doubling cyber unit
The US Securities and Exchange Commission (SEC) announced today that it will almost double the Crypto Assets and Cyber Unit to ramp up the fight against cryptocurrency fraud to protect investors from "cyber-related threats." [...]
May 3, 2022
Google: Chinese state hackers keep targeting Russian govt agencies
Google said today that a Chinese-sponsored hacking group linked to China's People's Liberation Army Strategic Support Force (PLA SSF) is targeting Russian government agencies. [...]
May 3, 2022
Microsoft PowerShell lets you track Windows Registry changes
A handy tip was shared online this week, showing how you can use PowerShell to monitor changes to the Windows Registry over time. [...]
May 3, 2022
Unpatched DNS bug affects millions of routers and IoT devices
A vulnerability in the domain name system (DNS) component of a popular C standard library that is present in a wide range of IoT products may put millions of devices at DNS poisoning attack risk. [...]
May 3, 2022
Aruba and Avaya network switches are vulnerable to RCE attacks
Security researchers have discovered five vulnerabilities in network equipment from Aruba (owned by HP) and Avaya (owned by Extreme Networks), that could allow malicious actors to execute code remotely on the devices. [...]
May 2, 2022
Chinese cyber-espionage group Moshen Dragon targets Asian telcos
Researchers have identified a new cluster of malicious cyber activity tracked as Moshen Dragon, targeting telecommunication service providers in Central Asia. [...]
May 2, 2022
New PyScript project lets you run Python programs in the browser
The project was announced this weekend at PyCon US 2022 and acts as a wrapper around the Pyodide project, which loads the CPython interpreter as a WebAssembly browser module. [...]
May 2, 2022
Microsoft Defender for Business stand-alone now generally available
Microsoft says that its enterprise-grade endpoint security for small to medium-sized businesses is now generally available. [...]
May 2, 2022
Google SMTP relay service abused for sending phishing emails
Phishing actors abuse Google's SMTP relay service to bypass email security products and successfully deliver malicious emails to targeted users. [...]
May 2, 2022
Cyberspies breach networks via IP cameras to steal Exchange emails
A newly discovered and uncommonly stealthy Advanced Persistent Threat (APT) group is breaching corporate networks to steal Exchange (on-premise and online) emails from employees involved in corporate transactions such as mergers and acquisitions. [...]
May 2, 2022
Car rental giant Sixt facing disruptions due to a cyberattack
Car rental giant Sixt was hit by a weekend cyberattack causing business disruptions at customer care centers and select branch [...]
May 2, 2022
Microsoft fixes Windows 11 bug causing flickers in safe mode
Microsoft has addressed a newly acknowledged known issue that caused flickering screen problems and made some Windows apps (e.g., File Explorer, Start Menu, and Taskbar) seem unstable in Safe Mode without Networking. [...]
May 2, 2022
U.S. DoD tricked into paying $23.5 million to phishing actor
The U.S. Department of Justice (DoJ) has announced the conviction of Sercan Oyuntur, 40, resident of California, for multiple counts relating to a phishing operation that caused $23.5 million in damages to the U.S. Department of Defense (DoD). [...]
May 1, 2022
REvil ransomware returns: New malware sample confirms gang is back
The notorious REvil ransomware operation has returned amidst rising tensions between Russia and the USA, with new infrastructure and a modified encryptor allowing for more targeted attacks. [...]
May 1, 2022
Open source 'Package Analysis' tool finds malicious npm, PyPI packages
The Open Source Security Foundation (OpenSSF), a Linux Foundation-backed initiative, has released its first prototype version of the 'Package Analysis' tool that aims to catch and counter malicious attacks on open source registries. The open source tool released on GitHub was able to identify over 200 malicious npm and PyPI packages. [...]
May 1, 2022
Russian hackers compromise embassy emails to target governments
Security analysts have uncovered a recent phishing campaign from Russian hackers known as APT29 (Cozy Bear or Nobelium) targeting diplomats and government entities. [...]
May 1, 2022
A YouTuber is promoting DDoS attacks on Russia — how legal is this?
A YouTube influencer with hundreds of thousands of subscribers is encouraging everyone to conduct cyber warfare against Russia. How risky is it and can you get in trouble? [...]
May 1, 2022
Google fights doxxing with updated personal info removal policy
Google has expanded its policies to allow doxxing victims to remove more of their personally identifiable information (PII) from search engine results starting earlier this week. [...]
April 30, 2022
Fake Windows 10 updates infect you with Magniber ransomware
Fake Windows 10 updates on crack sites are being used to distribute the Magniber ransomware in a massive campaign that started earlier this month. [...]
April 30, 2022
Atlassian doubles the number of orgs affected by two week outage
Atlassian says that this month's two-week-long cloud outage has impacted almost double the number of customers it initially estimated after learning of the incident. [...]
April 29, 2022
The Week in Ransomware - April 29th 2022 - New operations emerge
This week we have discovered numerous new ransomware operations that have begun operating, with one appearing to be a rebrand of previous operations. [...]
April 29, 2022
Windows 11 gets new group policies to tweak the Start Menu
Microsoft has released a new Windows 11 build to the Dev and Beta Channels that introduces multiple group policies that IT administrators can use to tweak the Start menu, the taskbar, and the system tray. [...]
April 29, 2022
Online library app Onleihe faces issues after cyberattack on provider
Library lending app Onleihe announced problems lending several media formats offered on the platform, like audio, video, and e-book files, after a cyberattack targeted their vendor. [...]
April 29, 2022
Google gives 50% bonus to Android 13 Beta bug bounty hunters
Google has announced that all security researchers who report Android 13 Beta vulnerabilities through its Vulnerability Rewards Program (VRP) will get a 50% bonus on top of the standard reward until May 26th, 2022. [...]
April 29, 2022
India to require cybersecurity incident reporting within six hours
The Indian government has issued new directives requiring organizations to report cybersecurity incidents to CERT-IN within six hours, even if those incidents are port or vulnerability scans of computer systems. [...]
April 29, 2022
Russian hacktivists launch DDoS attacks on Romanian govt sites
The Romanian national cyber security and incident response team, DNSC, has issued a statement about a series of distributed denial-of-service (DDoS) attacks targeting several public websites managed by the state entities. [...]
April 28, 2022
Hands on with Microsoft Edge's new built-in VPN feature
Edge's Secure Network is powered by Cloudflare - one of the most trusted DNS hosts in the industry - and it aims to protect your device and sensitive data as you browse. The feature is in the early stage of development available to select users in Edge Canary and it's not a full-fledged VPN service offered in browsers like Opera. [...]
April 28, 2022
WhatsApp is currently down with users reporting connection issues
WhatsApp is down according to user reports mentioning issues connecting to the messaging platform and the inability to send messages although still connected. [...]
April 28, 2022
EmoCheck now detects new 64-bit versions of Emotet malware
The Japan CERT has released a new version of their EmoCheck utility to detect new 64-bit versions of the Emotet malware that began infecting users this month. [...]
April 28, 2022
Synology warns of critical Netatalk bugs in multiple products
Synology has warned customers that some of its network-attached storage (NAS) appliances are exposed to attacks exploiting multiple critical Netatalk vulnerabilities. [...]
April 28, 2022
Microsoft fixes ExtraReplica Azure bugs that exposed user databases
Microsoft has addressed a chain of critical vulnerabilities found in the Azure Database for PostgreSQL Flexible Server that could let malicious users escalate privileges and gain access to other customers' databases after bypassing authentication. [...]
April 28, 2022
Medical software firm fined 1.5M for leaking data of 490k patients
The French data protection authority (CNIL) fined medical software vendor Dedalus Biology with EUR 1.5 million for violating three articles of the GDPR (General Data Protection Regulation). [...]
April 28, 2022
Ukraine targeted by DDoS attacks from compromised WordPress sites
Ukraine's computer emergency response team (CERT-UA) has published an announcement warning of ongoing DDoS (distributed denial of service) attacks targeting pro-Ukraine sites and the government web portal. [...]
April 28, 2022
How to Attack Your Own Company's Service Desk to spot risks
Specops Secure Service Desk is an excellent tool for keeping a help desk safe from social engineering attacks. Although Specops Secure Service Desk offers numerous features, there are three capabilities that are especially useful for thwarting social engineering attacks. [...]
April 28, 2022
New Bumblebee malware takes over BazarLoader's ransomware delivery
A newly discovered malware loader called Bumblebee is likely the latest development of the Conti syndicate, designed to replace the BazarLoader backdoor used to deliver ransomware payloads. [...]
April 28, 2022
NPM flaw let attackers add anyone as maintainer to malicious packages
A logical flaw in the npm registry, dubbed 'package planting' let authors of malicious packages quietly add anyone and any number of users as 'maintainers' to their packages in an attempt to boost the trust in their package. [...]
April 28, 2022
Ransom payment is roughly 15% of the total cost of ransomware attacks
Researchers analyzing the collateral consequences of a ransomware attack include costs that are roughly seven times higher than the ransom demanded by the threat actors. [...]
April 28, 2022
Austin Peay State University resumes after ransomware cyber attack
Austin Peay State University (APSU) confirmed yesterday that it had been a victim of a ransomware attack. The university, located in Clarksville, Tennessee, advised students, staff, and faculty to disconnect their computers and devices from the university network immediately as a precaution. [...]
April 27, 2022
PSA: Onyx ransomware destroys large files instead of encrypting them
A new Onyx ransomware operation is destroying large files instead of encrypting them, preventing those files from being decrypted even if a ransom is paid. [...]
April 27, 2022
New Black Basta ransomware springs into action with a dozen breaches
A new ransomware gang known as Black Basta has quickly catapulted into operation this month, claiming to have breached over twelve companies in just a few weeks. [...]
April 27, 2022
GitHub: How stolen OAuth tokens helped breach dozens of orgs
GitHub has shared a timeline of this month's security breach when a threat actor gained access to and stole private repositories belonging to dozens of organizations. [...]
April 27, 2022
QNAP warns users to disable AFP until it fixes critical bugs
Taiwanese corporation QNAP has asked customers this week to disable the AFP file service protocol on their network-attached storage (NAS) appliances until it fixes multiple critical Netatalk vulnerabilities. [...]
April 27, 2022
Microsoft says Russia hit Ukraine with hundreds of cyberattacks
Microsoft has revealed the true scale of Russian-backed cyberattacks against Ukraine since the invasion, with hundreds of attempts from multiple Russian hacking groups targeting the country's infrastructure and Ukrainian citizens. [...]
April 27, 2022
Russian govt impersonators target telcos in phishing attacks
A previously unknown and financially motivated hacking group is impersonating a Russian agency in a phishing campaign targeting entities in Eastern European countries. [...]
April 27, 2022
Cybersecurity agencies reveal top exploited vulnerabilities of 2021
In partnership with the NSA and the FBI, cybersecurity authorities worldwide have released today a list of the top 15 vulnerabilities routinely exploited by threat actors during 2021. [...]
April 27, 2022
RIG Exploit Kit drops RedLine malware via Internet Explorer bug
Threat analysts have uncovered yet another large-scale campaign delivering the RedLine stealer malware onto worldwide targets. [...]
April 27, 2022
Chinese state-backed hackers now target Russian state officers
Security researchers analyzing a phishing campaign targeting Russian officials found evidence that points to the China-based threat actor tracked as Mustang Panda (also known as HoneyMyte and Bronze President). [...]
April 27, 2022
Number of publicly exposed database instances hits new record
Security researchers have noticed an increase in the number of databases publicly exposed to the Internet, with 308,000 identified in 2021. The growth continued quarter over quarter, peaking in the first months of this year. [...]
April 27, 2022
New Nimbuspwn Linux vulnerability gives hackers root privileges
A new set of vulnerabilities collectively tracked as Nimbuspwn could let local attackers escalate privileges on Linux systems to deploy malware ranging from backdoors to ransomware. [...]
April 26, 2022
US offers $10 million reward for tips on Russian Sandworm hackers
The U.S. is offering up to $10 million to identify or locate six Russian GRU hackers who are part of the notorious Sandworm hacking group. [...]
April 26, 2022
Emotet malware now installs via PowerShell in Windows shortcut files
The Emotet botnet is now using Windows shortcut files (.LNK) containing PowerShell commands to infect victims' computers, moving away from Microsoft Office macros that are now disabled by default. [...]
April 26, 2022
American Dental Association hit by cyberattack, operations disrupted
The American Dental Association (ADA) was hit by a weekend cyberattack causing them to shut down portions of their network while investigating the attack. [...]
April 26, 2022
Coca-Cola investigates hackers' claims of breach and data theft
Coca-Cola, the world's largest soft drinks maker, has confirmed in a statement to BleepingComputer that it is aware of the reports about a cyberattack on its network and is currently investigating the claims. [...]
April 26, 2022
Google Play Store now forces apps to disclose what data is collected
Google is rolling out a new Data Safety section on the Play Store, Android's official app repository, where developers must declare what data their software collects from users of their apps. [...]
April 26, 2022
Public interest in Log4Shell fades but attack surface remains
It's been four months since Log4Shell, a critical zero-day vulnerability in the ubiquitous Apache Log4j library, was discovered, and threat analysts warn that the application of the available fixes is still way behind. [...]
April 26, 2022
David Colombo on Tesla Hacks and Growing into Hacking
Cybellum interviewed David Colombo, the cyber boy wonder of Germany, and founder of Colombo Technologies for our podcast, Left to Our Own Devices. Not yet 20 years old, the prolific cyber researcher already has to his credit the exposure of numerous critical vulnerabilities, including the honor of hacking his way into Tesla vehicles. [...]
April 26, 2022
Hackers exploit critical VMware RCE flaw to install backdoors
Advanced hackers are actively exploiting a critical remote code execution (RCE) vulnerability, CVE-2022-22954, that affects VMware Workspace ONE Access (formerly called VMware Identity Manager). [...]
April 25, 2022
Windows 10 KB5011831 update released with 26 bug fixes, improvements
Microsoft has released the optional KB5011831 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2 that fixes 26 bugs. [...]
April 25, 2022
CISA adds 7 vulnerabilities to list of bugs exploited in attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added seven vulnerabilities to its list of actively exploited security issues, including those from Microsoft, Linux, and Jenkins. [...]
April 25, 2022
Emotet malware infects users again after fixing broken installer
The Emotet malware phishing campaign is up and running again after the threat actors fixed a bug preventing people from becoming infected when they opened malicious email attachments. [...]
April 25, 2022
North Korean hackers targeting journalists with novel malware
North Korean state-sponsored hackers known as APT37 have been discovered targeting journalists specializing in the DPRK with a novel malware strain. [...]
April 25, 2022
French hospital group disconnects Internet after hackers steal data
The GHT Coeur Grand Est. Hospitals and Health Care group comprising nine establishments with 3,370 beds across Northeast France has disclosed a cyberattack that resulted in the theft of sensitive administrative and patient data. [...]
April 25, 2022
New powerful Prynt Stealer malware sells for just $100 per month
Threat analysts have spotted yet another addition to the growing space of info-stealer malware infections, named Prynt Stealer, which offers powerful capabilities and extra keylogger and clipper modules. [...]
April 25, 2022
Quantum ransomware seen deployed in rapid network attacks
The Quantum ransomware, a strain first discovered in August 2021, was seen carrying out speedy attacks that escalate quickly, leaving defenders little time to react. [...]
April 24, 2022
Enable Windows 11's God Mode to access all settings in one screen
The settings app has been significantly improved, but several Control Panel features are still missing. Thankfully, Windows 11 still comes with the Control Panel and File Explorer-based advanced configuration page called "God Mode" that allows you to easily access all advanced tools, features, and tasks. [...]
April 23, 2022
Animated QR codes: how do they work, and how to create your own?
Is there such a thing as animated QR codes? And could they work? Even those who may not know how exactly QR codes work have pretty much been exposed to them by now. [...]
April 22, 2022
'Hack DHS' bug hunters find 122 security flaws in DHS systems
The Department of Homeland Security (DHS) today revealed that bug bounty hunters enrolled in its 'Hack DHS' bug bounty program have found 122 security vulnerabilities in external DHS systems, 27 of them rated critical severity. [...]
April 22, 2022
Russian hackers are seeking alternative money-laundering options
The Russian cybercrime community, one of the most active and prolific in the world, is turning to alternative money-laundering methods due to sanctions on Russia and law enforcement actions against dark web markets. [...]
April 22, 2022
US govt grants academics $12M to develop cyberattack defense tools
The US Department of Energy (DOE) has announced that it will provide $12 million in funding to six university teams to develop defense and mitigation tools to protect US energy delivery systems from cyberattacks. [...]
April 22, 2022
T-Mobile confirms Lapsus$ hackers breached internal systems
T-Mobile has confirmed that the Lapsus$ extortion gang breached its network "several weeks ago" using stolen credentials and gained access to internal systems. [...]
April 22, 2022
Chinese hackers behind most zero-day exploits during 2021
Threat analysts report that zero-day vulnerability exploitation is on the rise with Chinese hackers using most of them in attacks last year. [...]
April 22, 2022
Atlassian fixes critical Jira authentication bypass vulnerability
Atlassian has published a security advisory to alert that its Jira and Jira Service Management products are affected by a critical authentication bypass vulnerability in Seraph, the company's web application security framework. [...]
April 22, 2022
Ubuntu 22.04 LTS released with performance and security improvements
Canonical has announced the general availability of version 22.04 of the Ubuntu Linux distribution, codenamed 'Jammy Jellyfish', which brings better hardware support and an improved security baseline. [...]
April 22, 2022
Windows 10 KB5012636 cumulative update fixes freezing issues
Microsoft has released the optional KB5012636 cumulative update preview for Windows 10 1809 and Windows Server 2019, with fixes for system freezing issues affecting client and server systems. [...]
April 21, 2022
Docker servers hacked in ongoing cryptomining malware campaign
Docker APIs on Linux servers are being targeted by a large-scale Monero crypto-mining campaign from the operators of the Lemon_Duck botnet. [...]
April 21, 2022
Hackers earn $400K for zero-day ICS exploits demoed at Pwn2Own
Pwn2Own Miami 2022 has ended with competitors earning $400,000 for 26 zero-day exploits (and several bug collisions) targeting ICS and SCADA products demoed during the contest between April 19 and April 21. [...]
April 21, 2022
QNAP asks users to mitigate critical Apache HTTP Server bugs
QNAP has asked customers to apply mitigation measures to block attempts to exploit Apache HTTP Server security vulnerabilities impacting their network-attached storage (NAS) devices. [...]
April 21, 2022
U.S. Treasury sanctions Russian cryptocurrency mining companies
The U.S. Department of the Treasury has announced a new package of sanctions targeting parties that facilitate evasion of previous measures imposed on Russia. [...]
April 21, 2022
Critical bug in Android could allow access to users' media files
Security analysts have found that Android devices running on Qualcomm and MediaTek chipsets were vulnerable to remote code execution due to a flaw in the implementation of the Apple Lossless Audio Codec (ALAC). [...]
April 21, 2022
GitHub restores popular Python repo hit by bogus DMCA takedown
Yesterday, following a DMCA complaint, GitHub took down a repository that hosts the official SymPy project documentation website. It turns out the DMCA notice filed by HackerRank's representatives was sent out in error and generated much backlash from the open source community. The DMCA notice has since been rescinded. [...]
April 21, 2022
Binance tells Russian users with over 10k to withdraw everything
Binance has announced some significant changes in its services for Russia-based users, which mark the company's effort to align with European Union's fifth wave of sanctions against Russia. [...]
April 21, 2022
Cisco Umbrella default SSH key allows theft of admin credentials
Cisco has released security updates to address a high severity vulnerability in the Cisco Umbrella Virtual Appliance (VA), allowing unauthenticated attackers to steal admin credentials remotely. [...]
April 21, 2022
FBI: BlackCat ransomware breached at least 60 entities worldwide
The Federal Bureau of Investigation (FBI) says the Black Cat ransomware gang, also known as ALPHV, has breached the networks of at least 60 organizations worldwide, between November 2021 and March 2022. [...]
April 20, 2022
REvil's TOR sites come alive to redirect to new ransomware operation
REvil ransomware's servers in the TOR network are back up after months of inactivity and redirect to a new operation that appears to have started since at least mid-December last year. [...]
April 20, 2022
Microsoft Exchange servers hacked to deploy Hive ransomware
A Hive ransomware affiliate has been targeting Microsoft Exchange servers vulnerable to ProxyShell security issues to deploy various backdoors, including Cobalt Strike beacon. [...]
April 20, 2022
FBI warns of ransomware attacks targeting US agriculture sector
The US Federal Bureau of Investigation (FBI) warned Food and Agriculture (FA) sector organizations today of an increased risk that ransomware gangs "may be more likely" to attack them during the harvest and planting seasons. [...]
April 20, 2022
US and allies warn of Russian hacking threat to critical infrastructure
Today, Five Eyes cybersecurity authorities warned critical infrastructure network defenders of an increased risk that Russia-backed hacking groups could target organizations within and outside Ukraine's borders. [...]
April 20, 2022
Okta: Lapsus$ breach lasted only 25 minutes, hit 2 customers
Identity and access management firm Okta says an investigation into the January Lapsus$ breach concluded the incident's impact was significantly smaller than expected. [...]
April 20, 2022
Microsoft Defender flags Google Chrome updates as suspicious
Microsoft Defender for Endpoint has been tagging Google Chrome updates delivered via Google Update as suspicious activity due to a false positive issue. [...]
April 20, 2022
Brave adds Discussions to enrich its search results
Brave, the maker of the homonymous web browser, has announced a new feature called Discussions that adds conversations from online forums to its privacy-focused search engine. [...]
April 20, 2022
Russian state hackers hit Ukraine with new malware variants
Threat analysts report the activity of the Russian state-sponsored threat group known as Gamaredon (Armageddon, Shuckworm), is still notably active in Ukrainian computer networks. [...]
April 20, 2022
Amazon Web Services fixes container escape in Log4Shell hotfix
Amazon Web Services (AWS) has fixed four security issues in its hot patch from December that addressed the critical Log4Shell vulnerability (CVE-2021-44228) affecting cloud or on-premise environments running Java applications with a vulnerable version of the Log4j logging library or containers. [...]
April 19, 2022
CISA warns of attackers now exploiting Windows Print Spooler bug
The Cybersecurity and Infrastructure Security Agency (CISA) has added three new security flaws to its list of actively exploited bugs, including a local privilege escalation bug in the Windows Print Spooler. [...]
April 19, 2022
Emotet botnet switches to 64-bit modules, increases activity
The Emotet malware is having a burst in distribution and is likely to soon switch to new payloads that are currently detected by fewer antivirus engines. [...]
April 19, 2022
QNAP urges customers to disable UPnP port forwarding on routers
Taiwanese hardware vendor QNAP urged customers on Monday to disable Universal Plug and Play (UPnP) port forwarding on their routers to prevent exposing their network-attached storage (NAS) devices to attacks from the Internet. [...]
April 19, 2022
Microsoft disables SMB1 by default for Windows 11 Home Insiders
Microsoft announced today that the 30-year-old SMBv1 file-sharing protocol is now disabled by default on Windows systems running the latest Windows 11 Home Dev channel builds, the last editions of Windows or Windows Server that still came with SMBv1 enabled. [...]
April 19, 2022
Real-time voice concealment algorithm blocks microphone spying
Columbia University researchers have developed a novel algorithm that can block rogue audio eavesdropping via microphones in smartphones, voice assistants, and IoTs in general. [...]
April 19, 2022
GitHub notifies owners of private repos stolen using OAuth tokens
GitHub says it notified all organizations believed to have had data stolen from their private repositories by attackers abusing compromised OAuth user tokens issued to Heroku and Travis-CI. [...]
April 19, 2022
How to protect your ADFS from password spraying attacks
Microsoft recommends a multi-tiered approach for securing your ADFS environment from password attacks. Learn how Specops can fill in the gaps to add further protection against password sprays and other password attacks. [...]
April 19, 2022
New stealthy BotenaGo malware variant targets DVR devices
Threat analysts have spotted a new variant of the BotenaGo botnet malware, and it's the stealthiest seen so far, running undetected by any anti-virus engine. [...]
April 19, 2022
Lenovo UEFI firmware driver bugs affect over 100 laptop models
Lenovo has published a security advisory on vulnerabilities that impact its Unified Extensible Firmware Interface (UEFI) loaded on at least 100 of its laptop models. [...]
April 19, 2022
LinkedIn brand takes lead as most impersonated in phishing attacks
Security researchers are warning that LinkedIn has become the most spoofed brand in phishing attacks, accounting for more than 52% of all such incidents at a global level. [...]
April 18, 2022
US warns of Lazarus hackers using malicious cryptocurrency apps
CISA, the FBI, and the US Treasury Department warned today that the North Korean Lazarus hacking group is targeting organizations in the cryptocurrency and blockchain industries with trojanized cryptocurrency applications. [...]
April 18, 2022
Free decryptor released for Yanluowang ransomware victims
Kaspersky today revealed it found a vulnerability in Yanluowang ransomware's encryption algorithm, which makes it possible to recover files it encrypts. [...]
April 18, 2022
Newly found zero-click iPhone exploit used in NSO spyware attacks
Digital threat researchers at Citizen Lab have discovered a new zero-click iMessage exploit used to install NSO Group spyware on devices belonging to Catalan politicians, journalists, and activists. [...]
April 18, 2022
Hackers steal $655K after picking MetaMask seed from iCloud backup
MetaMask has published a warning for their iOS users about the seeds of cryptocurrency wallets being stored in Apple's iCloud if app data backup is active. [...]
April 18, 2022
Unofficial Windows 11 upgrade installs info-stealing malware
Hackers are luring unsuspecting users with a fake Windows 11 upgrade that comes with malware that steals browser data and cryptocurrency wallets. [...]
April 18, 2022
Windows 10 21H2 now in broad deployment, available to everyone
Microsoft says Windows 10, version 21H2 (aka the November 2021 Update) is now designated for broad deployment, making it available to everyone via Windows Update. [...]
April 18, 2022
Beanstalk DeFi platform loses $182 million in flash-load attack
The decentralized, credit-based finance system Beanstalk disclosed on Sunday that it suffered a security breach that resulted in financial losses of $182 million, the attacker stealing $80 million in crypto assets. [...]
April 17, 2022
Customize Windows 11 experience with these apps
Windows 11 is now available with a long list of limitations and missing features. The big feature update is currently available for download as an optional update and if you've already upgraded to the new operating system, you can try the third-party programs highlighted below. [...]
April 17, 2022
Microsoft: Office 2013 will reach end of support in April 2023
Microsoft has reminded customers this week that Microsoft Office 2013 is approaching its end of support next year, advising to switch to a newer version to reduce their exposure to security risks. [...]
April 16, 2022
New Industrial Spy stolen data market promoted through cracks, adware
Threat actors have launched a new marketplace called Industrial Spy that sells stolen data from breached companies, promoting the site through adware and software cracks. [...]
April 16, 2022
GitHub suspends accounts of Russian devs at sanctioned companies
Russian software developers are reporting that their GitHub accounts are being suspended without warning if they work for or previously worked for companies under US sanctions. [...]
April 15, 2022
GitHub: Attacker breached dozens of orgs using stolen OAuth tokens
GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories. [...]
April 15, 2022
The Week in Ransomware - April 15th 2022 - Encrypting Russia
While countries worldwide have been the frequent target of ransomware attacks, Russia and CIS countries have been avoided by threat actors. The tables have turned with the NB65 hacking group modifying the leaked Conti ransomware to use in attacks on Russian entities. [...]
April 15, 2022
T-Mobile customers warned of unblockable SMS phishing attacks
An ongoing phishing campaign targets T-Mobile customers with malicious links using unblockable texts sent via SMS (Short Message Service) group messages. [...]
April 15, 2022
Cisco vulnerability lets hackers craft their own login credentials
Cisco has released a security advisory to warn about a critical vulnerability (CVSS v3 score: 10.0), tracked as CVE-2022-20695, impacting the Wireless LAN Controller (WLC) software. [...]
April 15, 2022
CISA orders agencies to fix actively exploited VMware, Chrome bugs
The Cybersecurity and Infrastructure Security Agency (CISA) has added nine more security flaws to its list of actively exploited bugs, including a VMware privilege escalation flaw and a Google Chrome zero-day that could be used for remote code execution. [...]
April 15, 2022
Cryptocurrency DeFi platforms are now more targeted than ever
Hackers are increasingly targeting DeFi (Decentralized Finance) cryptocurrency platforms, with Q1 2022 data showing that more platforms are being targeted than ever before. [...]
April 15, 2022
'Mute' button in conferencing apps may not actually mute your mic
A new study shows that pressing the mute button on popular video conferencing apps (VCA) may not actually work like you think it should, with apps still listening in on your microphone. [...]
April 15, 2022
Karakurt revealed as data extortion arm of Conti cybercrime syndicate
After breaching servers managed by the cybercriminals, security researchers found a connection between Conti ransomware and the recently emerged Karakurt data extortion group, showing that the two gangs are part of the same operation. [...]
April 14, 2022
Wind turbine firm Nordex hit by Conti ransomware attack
The Conti ransomware operation has claimed responsibility for a cyberattack on wind turbine giant Nordex, which was forced to shut down IT systems and remote access to the managed turbines earlier this month. [...]
April 14, 2022
Critical Windows RPC CVE-2022-26809 flaw raises concerns - Patch now
Microsoft has fixed a new Windows RPC CVE-2022-26809 vulnerability that is raising concerns among security researchers due to its potential for widespread, significant cyberattacks once an exploit is developed. Therefore, all organizations need to apply Windows security updates as soon as possible. [...]
April 14, 2022
FBI: Payment app users targeted in social engineering attacks
Cybercriminals are attempting to trick American users of digital payment apps into making instant money transfers in social engineering attacks using text messages with fake bank fraud alerts. [...]
April 14, 2022
Google Chrome emergency update fixes zero-day used in attacks
Google has released Chrome 100.0.4896.127 for Windows, Mac, and Linux, to fix a high-severity zero-day vulnerability actively used by threat actors in attacks. [...]
April 14, 2022
Windows 11 tool to add Google Play secretly installed malware
A popular Windows 11 ToolBox script used to add the Google Play Store to the Android Subsystem has secretly infected users with malicious scripts, Chrome extensions, and potentially other malware. [...]
April 14, 2022
Microsoft increases awards for high-impact Microsoft 365 bugs
Microsoft has increased the maximum awards for high-impact security flaws reported through the Microsoft 365 and the Dynamics 365 / Power Platform bug bounty programs. [...]
April 14, 2022
New ZingoStealer infostealer drops more malware, cryptominers
A new information-stealing malware called ZingoStealer has been discovered with powerful data-stealing features and the ability to load additional payloads or mine Monero. [...]
April 14, 2022
FBI links largest crypto hack ever to Lazarus state hackers
The Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned the address that received the cryptocurrency stolen in the largest cryptocurrency hack ever, the hack of Axie Infinity's Ronin network bridge. [...]
April 14, 2022
Atlassian finally explains the cause of ongoing cloud outage
Atlassian has finally revealed the exact cause of an ongoing cloud services outage the company estimates could impact some of its customers for up to two more weeks. [...]
April 14, 2022
Hackers target Ukrainian govt with IcedID malware, Zimbra exploits
Hackers are targeting Ukrainian government agencies with new attacks exploiting Zimbra exploits and phishing attacks pushing the IcedID malware. [...]
April 14, 2022
Hetzner lost customer data and gave 20€ as compensation
Hetzner Online GmbH, a German cloud services provider, told some customers this week that their data had been irreversibly lost and were provided a 20€ compensation in online credit. [...]
April 14, 2022
The top 10 password attacks and how to stop them
To better understand how to protect passwords in your environment from attacks, let's look at the top 10 password attacks and see what your organization can do to prevent them. [...]
April 14, 2022
Instagram beyond pics: Sexual harassers, crypto crooks, ID thieves
A platform for everyone to seamlessly share their best moments online, Instagram is slowly turning into a mecca for the undesirables—from sexual harassers to crypto "investors" helping you "get rich fast." How do you keep yourself safe against such profiles? [...]
April 14, 2022
Flaw in Rarible NFT market allowed tricky crypto asset transfers
A security flaw in the Rarible NFT (non-fungible token) marketplace allowed threat actors to use a relatively simple attack vector to steal digital assets from the target's accounts and transfer them directly to their wallets. [...]
April 14, 2022
OldGremlin ransomware deploys new malware on Russian mining org
OldGremlin, a little-known threat actor that uses its particularly advanced skills to run carefully prepared, sporadic campaigns, has made a comeback last month after a gap of more than one year. [...]
April 13, 2022
CISA warns orgs to patch actively exploited Windows LPE bug
The Cybersecurity and Infrastructure Security Agency (CISA) has added ten new security bugs to its list of actively exploited vulnerabilities, including a high severity local privilege escalation bug in the Windows Common Log File System Driver. [...]
April 13, 2022
African banks heavily targeted in RemcosRAT malware campaigns
African banks are increasingly targeted by malware distribution campaigns that employ HTML smuggling tricks and typo-squatted domains to drop remote access trojans (RATs). [...]
April 13, 2022
New Fodcha DDoS botnet targets over 100 victims every day
A rapidly growing botnet is ensnaring routers, DVRs, and servers across the Internet to target more than 100 victims every day in distributed denial-of-service (DDoS) attacks. [...]
April 13, 2022
Hackers exploit critical VMware CVE-2022-22954 bug, patch now
Security researchers have published various proof of concepts (PoCs) scripts for exploiting CVE-2022-22954 on social media and other channels, essentially enabling malicious actors to attack unpatched systems. [...]
April 13, 2022
US warns of govt hackers targeting industrial control systems
A joint cybersecurity advisory issued by CISA, NSA, FBI, and the Department of Energy (DOE) warns of government-backed hacking groups being able to hijack multiple industrial devices using a new ICS-focused malware toolkit. [...]
April 13, 2022
Microsoft disrupts Zloader malware in global operation
A months-long global operation led by Microsoft's Digital Crimes Unit (DCU) has taken down dozens of domains used as command-and-control (C2) servers by the notorious ZLoader botnet. [...]
April 13, 2022
3 Reasons Connected Devices are More Vulnerable than Ever
We are surrounded by billions of connected devices that contribute round-the-clock to practically every aspect of our lives - from transportation, to entertainment, to health and well-being. Here are the top three reasons why connected-device cybersecurity is more fragile than ever. [...]
April 13, 2022
New EnemyBot DDoS botnet recruits routers and IoTs into its army
A new Mirai-based botnet malware named Enemybot has been observed growing its army of infected devices through vulnerabilities in modems, routers, and IoT devices, with the threat actor operating it known as Keksec. [...]
April 13, 2022
Critical flaw in Elementor WordPress plugin may affect 500k sites
The authors of the Elementor Website Builder plugin for WordPress have just released version 3.6.3 to address a critical remote code execution flaw that may impact as many as 500,000 websites. [...]
April 13, 2022
Critical Apache Struts RCE vulnerability wasn't fully fixed, patch now
Apache has fixed a critical vulnerability in its vastly popular Struts project that was previously believed to have been resolved but, as it turns out, wasn't fully remedied. As such, CISA is urging users and administrators to upgrade to the latest, patched Struts 2 versions. [...]
April 12, 2022
Ethereum dev imprisoned for helping North Korea evade sanctions
Virgil Griffith, a US cryptocurrency expert, was sentenced on Tuesday to 63 months in prison after pleading guilty to assisting the Democratic People's Republic of Korea (DPRK) with technical info on how to evade sanctions. [...]
April 12, 2022
Microsoft: Windows Server now supports automatic .NET updates
Microsoft says Windows admins can now opt into automatic updates for .NET (.NET Core) via Microsoft Update (MU) on Windows Server systems. [...]
Contact Us


Western Networks Inc.

8351 Melburn Court
Mission, British Columbia
CANADA V2V 7B3

Telephone:

604.590.2590









Latest Company News


JUL
11th

Western Networks Supports Animals in Need with LAPS

Western Networks is proud to sponsor the photo booth at the upcoming LAPS (Langley Animal Protection Society) 10th Annual Furry Tail Endings Gala, An Enchanted Ball on Saturday, November 4, 2017 at the Coast Hotel & Convention Centre in Langley. It will be a formal-dress evening of dining, dancing, and entertainment, with a silent and live auction. Proceeds go to helping protect and promote the physical, emotional, and psychological well being of companion animals in Langley. This will be a great event for a great cause!

More information and tickets are available through LAPS by phone or in person. Purchase information is here.

The results of the LAPS Dream Vacation Lottery will be announced at the Gala, as well. Tickets for the LAPS $5000 Dream Vacation Lottery are available in advance. Purchase information is here.

Come out and support our furry friends while having a "ball" doing it! We'll see you there!

FEB
3rd

Western Networks Offers In-House Hosting and Spam Protection

Seeing a need for better web, e-mail, and FTP hosting solutions, as well as superior spam-filtering solutions, Western Networks has begun offering in-house answers.

Using a group of servers to offer redundant, fail-safe hosting, Western Networks servers are high performance machines that provide reliable hosting for customer websites and e-mail. Scalability has been achieved through server virtualization, with quick and monitored fail-over in the event of an unresponsive server.

In addition, Western Networks has begun offering spam-filtering solutions via SonicWALL's outstanding Email Security appliance products. SonicWALL's Email Security products offer the best spam and virus protection available, and Western Networks is proud to be able to offer that protection to its clients at a low cost.

Between the two new service offerings, Western Networks is able to offer an end-to-end e-mail and hosting solution that provides maximum security, excellent spam and virus filtering, and complete control over e-mail flow and hosting for easy diagnostics of any issues that may present themselves.









