Security Alerts Index

Security Threats and Alerts


October 2, 2023		Microsoft Defender no longer flags Tor Browser as malware For Windows users who frequently use the TorBrowser, there's been a pressing concern. Recent versions of the TorBrowser, specifically because of the tor.exe file it contained, were being flagged as potential threats by Windows Defender. [...]
October 2, 2023		Exim patches three of six zero-day bugs disclosed last week Exim developers have released patches for three of the zero-days disclosed last week through Trend Micro's Zero Day Initiative (ZDI), one of them allowing unauthenticated attackers to gain remote code execution. [...]
October 2, 2023		New BunnyLoader threat emerges as a feature-rich malware-as-a-service Security researchers discovered a new malware-as-a-service (MaaS) named 'BunnyLoader' advertised on multiple hacker forums as a fileless loader that can steal and replace the contents of the system clipboard. [...]
October 2, 2023		Ransomware gangs now exploiting critical TeamCity RCE flaw Ransomware gangs are now targeting a recently patched critical vulnerability in JetBrains' TeamCity continuous integration and deployment server. [...]
October 2, 2023		Exploit available for critical WS_FTP bug exploited in attacks Over the weekend, security researchers released a proof-of-concept (PoC) exploit for a maximum severity remote code execution vulnerability in Progress Software's WS_FTP Server file sharing platform. [...]
October 2, 2023		Arm warns of Mali GPU flaws likely exploited in targeted attacks Arm in a security advisory today is warning of an actively exploited vulnerability affecting the widely-used Mali GPU drivers. [...]
October 2, 2023		Motel One discloses data breach following ransomware attack The Motel One Group has announced that it has been targeted by ransomware actors who managed to steal some customer data, including the details ofÂ 150 credit cards. [...]
October 2, 2023		FBI warns of surge in 'phantom hacker' scams impacting elderly The FBI issued a public service announcement warningÂ of a significant increase in 'phantom hacker' scams targeting senior citizens across the United States. [...]
October 1, 2023		Amazon sends Mastercard, Google Play gift card order emails by mistake Amazon mistakenly sent out purchase confirmation emails for Hotels.com, Google Play, and Mastercard gift cards to customers, making many worried their accounts were compromised. [...]
October 1, 2023		Meet LostTrust ransomware â€” A likely rebrand of the MetaEncryptor gang The LostTrust ransomware operation is believed to be a rebrand of MetaEncryptor, utilizing almost identical data leak sites and encryptors. [...]
October 1, 2023		New Marvin attack revives 25-year-old decryption flaw in RSA A flaw related to the PKCS #1 v1.5 padding in SSL servers discovered in 1998 and believed to have been resolved still impacts several widely-used projects today. [...]
September 30, 2023		Cloudflare DDoS protections ironically bypassed using Cloudflare Cloudflare's Firewall and DDoS prevention can be bypassed through a specific attack process that leverages logic flaws in cross-tenant security controls. [...]
September 30, 2023		Microsoft fixes Outlook prompts to reopen closed windows Microsoft has resolved a known issue that caused Outlook Desktop to unexpectedly prompt users to reopen previously closed windows. [...]
September 29, 2023		The Week in Ransomware - September 29th 2023 - Dark Angels This week has been a busy ransomware week, with ransomware attacks having a massive impact on organizations and the fallout of the MOVEit breaches to be disclosed. [...]
September 29, 2023		Millions of Exim mail servers exposed to zero-day RCE attacks A critical zero-day vulnerability in all versions ofÂ Exim mail transfer agent (MTA) software can let unauthenticated attackers gain remote code execution (RCE) on Internet-exposed servers. [...]
September 29, 2023		Exploit released for Microsoft SharePoint Server auth bypass flaw Proof-of-concept exploit code has surfaced on GitHubÂ for a critical authentication bypass vulnerability in Microsoft SharePoint Server, allowing privilege escalation. [...]
September 29, 2023		ShinyHunters member pleads guilty to $6 million in data theft damages Sebastien Raoult, a 22-year-old from France, has pleaded guilty in the U.S. District Court of Seattle to conspiracy to commit wire fraud and aggravated identity theft as part of his activities in the ShinyHunters hacking group. [...]
September 29, 2023		Discord is investigating cause of 'You have been blocked' errors Many Discord users attempting to access the popular instant messaging and VoIP social platform today have been met with a scary "Sorry, you have been blocked" message. [...]
September 29, 2023		Lazarus hackers breach aerospace firm with new LightlessCan malware The North Korean 'Lazarus' hacking group targeted employees of an aerospace company located in Spain with fake job opportunities to hack into the corporate network using a previously unknownÂ 'LightlessCan' backdoor. [...]
September 28, 2023		Progress warns of maximum severity WS_FTP Server vulnerability Progress, the maker of theÂ MOVEit Transfer file-sharing platform recently exploited in widespread data theft attacks, warned customers to patch a maximum severity vulnerability in itsÂ WS_FTP Server software. [...]
September 28, 2023		Microsoft breach led to theft of 60,000 US State Dept emails Chinese hackers stole tens of thousands of emails from U.S. State Department accounts after breaching Microsoft's cloud-based Exchange email platform in May. [...]
September 28, 2023		Bing Chat responses infiltrated by ads pushing malware Malicious advertisements are now being injected into Microsoft's AI-powered Bing Chat responses, promoting fake download sites that distribute malware. [...]
September 28, 2023		FBI: Dual ransomware attack victims now get hit within 48 hours The FBI has warned about a new trendÂ in ransomware attacks where multiple strains are deployed on victims' networks to encrypt systems in under two days. [...]
September 28, 2023		Cisco urges admins to fix IOS software zero-day exploited in attacks Cisco warned customers on Wednesday to patch a zero-day IOS and IOS XE software vulnerabilityÂ targeted by attackers in the wild. [...]
September 28, 2023		Cisco Catalyst SD-WAN Manager flaw allows remote server access Cisco is warning of five new Catalyst SD-WAN Manager products vulnerabilities with the most critical allowing unauthenticated remote access to the server. [...]
September 28, 2023		Security researcher stopped at US border for investigating crypto scam Security researcher Sam Curry describes a stressful situation he encountered upon his return to the U.S. when border officials and federal agentsÂ seized and searched his electronic devices. Curry was further served with a 'Grand Jury' subpoenaÂ that demanded him to appear in court for testimony. [...]
June 23, 2022		Spyware vendor works with ISPs to infect iOS and Android users Google's Threat Analysis Group (TAG) revealed today that RCS Labs, an Italian spyware vendor, has received help from some Internet service providers (ISPs) to infect Android and iOS users in Italy and Kazakhstan with commercial surveillance tools. [...]
June 23, 2022		Microsoft aims to make Edge the go-to browser for gaming Microsoft wants to make Edge the go-to browser for gaming, with new features unveiled today, including a new gaming portal and the public release of its Clarity boost upscaling feature when using Xbox Cloud Gaming. [...]
June 23, 2022		Lithuania warns of rise in DDoS attacks against government sites The National Cyber Security Center (NKSC) of Lithuania has issued a public warning about a steep increase in distributed denial of service (DDoS) attacks directed against public authorities in the country. [...]
June 23, 2022		Malicious Windows 'LNK' attacks made easy with new Quantum builder Malware researchers have noticed a newÂ toolÂ that helpsÂ cybercriminals build malicious .LNK files to deliver payloads for the initial stages of an attack. [...]
June 23, 2022		Automotive hose maker Nichirin hit by ransomware attack Nichirin-Flex U.S.A, a subsidiary of theÂ Japanese car and motorcycle hose maker Nichirin, has been hit by a ransomware attack causing the company to take the network offline. [...]
June 23, 2022		Chinese hackers use ransomware as decoy for cyber espionage Two Chinese hacking groups conducting cyber espionage and stealing intellectual property from Japanese and western companies are deploying ransomware as a decoy to cover up their malicious activities. [...]
June 23, 2022		New MetaMask phishing campaign uses KYC lures to steal passphrases A new phishing campaign is targeting users on Microsoft 365 while spoofing the popular MetaMask cryptocurrency wallet provider and attempting to steal recovery phrases. [...]
June 23, 2022		Conti ransomware hacking spree breaches over 40 orgs in a month The Conti cybercrime syndicate runs one of the most aggressive ransomware operations and has grown highly organized, to the point that affiliates were able to hack more than 40 companies in a little over a month. [...]
June 22, 2022		NSA shares tips on securing Windows devices with PowerShell The National Security Agency (NSA) and cybersecurity partner agencies issued an advisory today recommending system administrators to use PowerShell to prevent and detect malicious activity on Windows machines. [...]
June 22, 2022		Chinese hackers target script kiddies with info-stealer trojan Cybersecurity researchers have discovered a new campaign attributed to the Chinese "Tropic Trooper" hacking group, which employs a novel loader called Nimbda and a new variant of the Yahoyah trojan. [...]
June 22, 2022		Microsoft: Russia stepped up cyberattacks against Ukraineâ€™s allies Microsoft said today that Russian intelligence agencies have stepped up cyberattacks against governments of countries that have allied themselves with Ukraine after Russia's invasion. [...]
June 22, 2022		Privacy-focused Brave Search grew by 5,000% in a year Brave Search, the browser developer's privacy-centric Internet search engine, is celebrating its first anniversary after surpassing 2.5 billion queries and seeing almost 5,000% growth in a year. [...]
June 22, 2022		MEGA fixes critical flaws that allowed the decryption of user data MEGA has released a security update to address a set of severe vulnerabilities that could have exposed user data, even if the data had been stored in encrypted form. [...]
June 22, 2022		June Windows Server 2022 update adds support for WSL2 Microsoft says support for Windows Subsystem for Linux (WSL 2) distrosÂ can now be added to any machineÂ running Windows Server 2022 by installing this month's Patch TuesdayÂ updates. [...]
June 22, 2022		Microsoft reveals cause behind this weekâ€™s Microsoft 365 outage Microsoft has revealed that this week's Microsoft 365 worldwide outage was caused by an infrastructure power outage that led to traffic management servicing failovers in multiple regions. [...]
June 22, 2022		Critical PHP flaw exposes QNAP NAS devices to RCE attacks QNAP has warned customers today thatÂ many of its Network Attached Storage (NAS) devices are vulnerable to attacks that would exploit a three-year-oldÂ criticalÂ PHPÂ vulnerability allowing remote code execution. [...]
June 21, 2022		Yodel parcel company confirms cyberattack is disrupting delivery Services for the U.K.-based Yodel delivery service company have been disrupted due to a cyberattack that caused delays in parcel distribution and tracking orders online. [...]
June 21, 2022		7-zip now supports Windows â€˜Mark-of-the-Webâ€™ security feature 7-zip has finally added support for the long-requested 'Mark-of-the-Web' Windows security feature, providing better protection from malicious downloaded files. [...]
June 21, 2022		Russian govt hackers hit Ukraine with Cobalt Strike, CredoMap malware The Ukrainian Computer Emergency Response Team (CERT) is warning that Russian hacking groups are exploiting the Follina code execution vulnerability in new phishing campaigns to install the CredoMap malware and Cobalt Strike beacons. [...]
June 21, 2022		Adobe Acrobat may block antivirus tools from monitoring PDF files Security researchers found that Adobe Acrobat is trying to block security software from having visibility into the PDF files it opens, creating a security risk for the users. [...]
June 21, 2022		Phishing gang behind millions in losses dismantled by police Members of aÂ phishing gang behindÂ millions of euros in losses were arrested today followingÂ a law enforcementÂ operation coordinated by the Europol.Â [...]
June 21, 2022		Massive Cloudflare outage caused by network configuration error Cloudflare says a massive outage that affectedÂ more than a dozen of its data centers and hundreds of major online platforms and services today was caused by a change that should have increased network resilience. [...]
June 21, 2022		Microsoft 365 outage affects Microsoft Teams and Exchange Online An ongoingÂ outage is affecting multiple Microsoft 365 services, with customers worldwide reporting delays, sign-in failures, and issues accessing their accounts. [...]
June 21, 2022		New ToddyCat APT group targets Exchange servers in Asia, Europe An advanced persistent threat (APT) group dubbed ToddyCat has been targeting Microsoft Exchange servers throughout Asia and Europe for more than a year, since at least December 2020. [...]
June 21, 2022		Icefall: 56 flaws impact thousands of exposed industrial devices A security report has been published on a set of 56 vulnerabilities that are collectively called IcefallÂ and affect operational technology (OT) equipment used in various critical infrastructure environments. [...]
June 20, 2022		Windows emergency update fixes Microsoft 365 issues on Arm devices Microsoft has released an out-of-band (OOB) Windows update to address a known issue that would causeÂ Azure Active Directory and Microsoft 365 sign-in issues on Arm devices after installing the June 2022 Patch TuesdayÂ updates. [...]
June 20, 2022		New DFSCoerce NTLM Relay attack allows Windows domain takeover A new Windows NTLM relay attack called DFSCoerce has been discovered that uses MS-DFSNM, Microsoft's Distributed File System, to completely take over a Windows domain. [...]
June 20, 2022		Recent Windows Server updates break VPN, RDP, RRAS connections This month'sÂ Windows Server updates are causing a wide range ofÂ issues for administrators, including VPN and RDP connectivity problems on serversÂ withÂ Routing and Remote Access Service (RRAS) enabled. [...]
June 20, 2022		Flagstar Bank discloses data breach impacting 1.5 million customers Flagstar Bank is notifying 1.5 million customers of a data breach where hackers accessed personal data during a December cyberattack. [...]
June 20, 2022		Windows 10 and Windows 11 downloads blocked in Russia People in Russia can no longer download Windows 10 and Windows 11 ISOs and installation tools from Microsoft, with no reason for the block provided by the company. [...]
June 20, 2022		New 'BidenCash' site sells your stolen credit card for just 15 cents A recently launched carding site calledÂ 'BidenCash'Â is trying to get notoriety by leaking credit card details along with information about their owners. [...]
June 20, 2022		Microsoft 365 credentials targeted in new fake voicemail campaign A new phishing campaign has been targeting U.S.Â organizationsÂ in the military, security software, manufacturing supply chain,Â healthcare and pharmaceutical sectors to steal Microsoft Office 365 and Outlook credentials. [...]
June 19, 2022		Google Chrome extensions can be fingerprinted to track you online A researcher has discovered how to use your installed Google Chrome extensions to generate a fingerprint of your device that can be used to track you online. [...]
June 19, 2022		Android-wiping BRATA malware is evolving into a persistent threat The threat actors operating the BRATA banking trojan have evolved their tactics and incorporated new information-stealing features into their malware. [...]
June 18, 2022		QNAP NAS devices targeted by surge of eCh0raix ransomware attacks This week aÂ new series of ech0raix ransomware has started targeting vulnerable QNAPÂ Network Attached StorageÂ (NAS) devices according to user reports and sample submissions on the ID-Ransomware platform. [...]
June 18, 2022		Browser extension lets you remove specific sites from search results The uBlackList browser extension lets you clean up search results by removing specific sites when searching on Google, DuckDuckGo, Bing, and other search engines. [...]
June 18, 2022		Wave of 'Matanbuchus' spam is infecting devices with Cobalt Strike Security researchers have noticed a new malicious spam campaign that delivers the 'Matanbuchus' malware to drop Cobalt Strike beacons on compromised machines. [...]
June 17, 2022		The Week in Ransomware - June 17th 2022 - Have I Been Ransomed? Ransomware operations are constantly evolving their tactics to pressure victims to pay. For example, this week, we saw a new extortion tactic come into play with the creation of dedicated websites to extort victims with searchable data. [...]
June 17, 2022		June Windows updates break Microsoft 365 sign-ins on Arm devices Microsoft is investigating a new known issue causing Azure Active Directory and Microsoft 365 sign-in issues on Arm devices after deploying the June 2022 Windows updates. [...]
June 17, 2022		Cisco says it wonâ€™t fix zero-day RCE in end-of-life VPN routers Cisco advises owners of end-of-life Small Business RV routers to upgrade to newer models after disclosing a remote code execution vulnerability that will not be patched. [...]
June 17, 2022		New Windows 11 privacy feature lists apps that used your microphone, camera Microsoft has recently added a new privacy feature thatÂ allows Windows 11 users to get a list of all the apps that have recently accessed theirÂ sensitive info and devices, including their camera, microphone, and contacts. [...]
June 17, 2022		Russian RSocks botnet disrupted after hacking millions of devices The U.S. Department of Justice has announced the disruption of the Russian RSocks malware botnet used to hijack millions of computers, Android smartphones, and IoT (Internet of Things) devices worldwide for use as proxy servers. [...]
June 17, 2022		QNAP 'thoroughly investigating' new DeadBolt ransomware attacks Network-attached storage (NAS) vendorÂ QNAPÂ once again warned customers on FridayÂ to secure their devices against a new campaign ofÂ attacks pushing DeadBolt ransomware. [...]
June 17, 2022		Microsoft: June Windows updates may break Wi-Fi hotspots Microsoft is investigating a newly acknowledged issue causing connectivity issues when using Wi-Fi hotspots after deploying Windows updates released during the June 2022 Patch Tuesday. [...]
June 16, 2022		Sophos Firewall zero-day bug exploited weeks before fix Chinese hackers used a zero-day exploit for a critical-severity vulnerability in Sophos Firewall to compromise a company and breach cloud-hosted web servers operated by the victim. [...]
June 16, 2022		iCloud hacker gets 9 years in prison for stealing nude photos A California man who hacked thousands of Apple iCloud accounts was sentenced to 8 years in prison after pleading guilty to conspiracy and computer fraud in October 2021. [...]
June 16, 2022		New MaliBot Android banking malware spreads as a crypto miner Threat analysts have discovered a new Android malware strain named MaliBot, which poses as a cryptocurrency mining app or the Chrome web browser to target users in Italy and Spain. [...]
June 16, 2022		730K WordPress sites force-updated to patch critical plugin bug WordPress sites using Ninja Forms, a forms builder plugin with more than 1 million installations, have been force-updated en masse this week to a new build that addresses a critical security vulnerability likely exploited in the wild. [...]
June 16, 2022		Anker Eufy smart home hubs exposed to RCE attacks by critical flaw Anker's central smart home device hub, Eufy Homebase 2, was vulnerable to three vulnerabilities, one of which is a critical remote code execution (RCE) flaw. [...]
June 16, 2022		New cloud-based Microsoft Defender for home now generally available Microsoft has announcedÂ today the general availability ofÂ Microsoft Defender for individuals, theÂ company's new security solution for personal phones and computers. [...]
June 16, 2022		MetaMask, Phantom warn of flaw that could steal your crypto wallets MetaMask and Phantom are warning of a new 'Demonic' vulnerability that could expose a crypto wallet's secret recovery phrase, allowing attackers to stealÂ NFTs and cryptocurrency stored within it. [...]
June 16, 2022		Revisit Your Password Policies to Retain PCI Compliance Organizations that are subject to the PCI regulations must carefully consider how best to address these new requirements. Some of the requirements are relatively easy to address. Even so, some of the new requirements go beyond what Windows native security mechanisms are capable of. Here is what you need to know. [...]
June 16, 2022		Microsoft Office 365 feature can help cloud ransomware attacks Security researchers are warning that threat actors could hijackÂ Office 365 accounts to encrypt for a ransom the files stored in SharePoint and OneDriveÂ services that companies use for cloud-based collaboration,Â document management and storage. [...]
June 15, 2022		Hackers exploit three-year-old Telerik flaws to deploy Cobalt Strike The threat actor known as 'Blue Mockingbird' has been observed by analysts targeting Telerik UI vulnerabilities to compromise servers, install Cobalt Strike beacons, and mine Monero by hijacking system resources. [...]
June 15, 2022		Cisco Secure Email bug can let attackers bypass authentication Cisco notified customers this week to patch a critical vulnerability that could allow attackers to bypass authentication and login into the web management interface of Cisco email gateway appliances with non-default configurations. [...]
June 15, 2022		Zimbra bug allows stealing email logins with no user interaction Zimbra and SonarSource proceeded to the coordinated disclosure of a high-severity vulnerability that allows unauthenticated attackers to steal cleartext credentials from Zimbra without any user interaction. [...]
June 15, 2022		Extortion gang ransoms Shoprite, largest supermarket chain in Africa Shoprite Holdings, Africa's largest supermarket chain that operates almost three thousand stores across twelve countries in the continent, has been hit by a ransomware attack. [...]
June 15, 2022		Microsoft: Windows update to permanently disable Internet Explorer Microsoft confirmed today that a future Windows update will permanently disable the Internet Explorer web browser on users' systems. [...]
June 15, 2022		Citrix warns critical bug can let attackers reset admin passwords Citrix warned customersÂ to deploy security updates that address a critical Citrix Application Delivery Management (ADM) vulnerability that can let attackers reset admin passwords. [...]
June 15, 2022		Interpol seizes $50 million, arrests 2000 social engineers An international law enforcement operation,Â codenamed 'First Light 2022,' has seized 50 million dollars and arrested thousands of people involved in social engineering scams worldwide. [...]
June 15, 2022		InQuest Labs: Man + Machine vs Business Email Compromise (BEC) Attackers only have to be right once while defenders need to be right 100% of the time. To help combat this asymmetric disadvantage, InQuest provides an open research portal that combines crowdsourced efforts with machine learning to combat the likes of Bumblebee and other BEC related threats. [...]
June 15, 2022		New peer-to-peer botnet infects Linux servers with cryptominers A new peer-to-peer botnet named Panchan appeared in the wild around March 2022, targeting Linux servers in the education sectorÂ to mine cryptocurrency. [...]
June 15, 2022		Microsoft: June Windows Server updates may cause backup issues Microsoft says that some applications might fail to backup data using Volume Shadow Copy Service (VSS) after applying the June 2022 Patch Tuesday Windows updates. [...]
June 15, 2022		Thousands of GitHub, AWS, Docker tokens exposed in Travis CI logs For a second time in less than a year, the Travis CI platform for software development and testing has exposed user data containing authentication tokens that could give access to developers' accounts on GitHub, Amazon Web Services, and Docker Hub. [...]
June 14, 2022		Ransomware gang creates site for employees to search for their stolen data The ALPHV ransomware gang, aka BlackCat, has brought extortion to a new level by creating a dedicated website that allows the customers and employees of their victim to check if their data was stolen in an attack [...]
June 14, 2022		New Hertzbleed side-channel attack affects Intel, AMD CPUs A new side-channel attack known as Hertzbleed allows remote attackers to stealÂ full cryptographic keys by observing variations in CPU frequency enabled byÂ dynamic voltageÂ and frequency scaling (DVFS). [...]
June 14, 2022		Android malware on the Google Play Store gets 2 million downloads Cybersecurity researchers have discovered adware and information-stealing malware on the Google Play Store last month, with at least five still available and having amassed over two million downloads. [...]
June 14, 2022		Windows 11 KB5014697 update adds Spotlight for Desktop, fixes 33 bugs Microsoft has released the Windows 11 KB5014697 cumulative update with security updates, improvements, and the new Spotlight for Desktop feature that automatically changes your desktop background. [...]
June 14, 2022		Windows 10 KB5014699 and KB5014692 updates released Microsoft has released the Windows 10 KB5014699 and KB5014692 cumulative updates for versions 21H2, version 21H1, version 20H2, and 1809 to fix security vulnerabilities and resolve bugs. [...]
June 14, 2022		Microsoft patches actively exploited Follina Windows zero-day Microsoft has released security updates with the June 2022 cumulative Windows Updates to address a critical Windows zero-day vulnerability known as Follina and actively exploited in ongoing attacks. [...]
June 14, 2022		Microsoft June 2022 Patch Tuesday fixes 1 zero-day, 55 flaws Today is Microsoft's June 2022 Patch Tuesday, and with it comes fixes for 55 vulnerabilities, including fixes for the Windows MSDT 'Follina' zero-day vulnerability and new Intel MMIOÂ flaws. [...]
June 14, 2022		Owner of â€˜DownThemâ€™ DDoS service gets 2 years in prison Matthew Gatrel, 33, a citizen of Illinois, has been sentenced to two years in prison for operating platforms offering DDoS (distributed denial of service) services to subscribers. [...]
June 14, 2022		Firefox now blocks cross-site tracking by default for all users Mozilla says that startingÂ today, all Firefox users will now be protected by default against cross-site trackingÂ while browsing the Internet. [...]
June 14, 2022		Cloudflare mitigates record-breaking HTTPS DDoS attack Internet infrastructure firm CloudflareÂ said today that itÂ mitigated aÂ 26 million request per second distributed denial-of-service (DDoS)Â attack, the largest HTTPS DDoS attack detected to date. [...]
June 13, 2022		Kaiser Permanente data breach exposes health data of 69K people Kaiser Permanente,Â one of America'sÂ leading not-for-profit health plans and health care providers, has recently disclosed a data breach that exposed the health informationÂ of more than 69,000 individuals. [...]
June 13, 2022		Gallium hackers backdoor finance, govt orgs using new PingPull malware The Gallium state-sponsored hacking group has been spotted using a new 'PingPull' remote access trojan againstÂ financial institutions and government entities inÂ Europe, Southeast Asia, and Africa. [...]
June 13, 2022		Internet Explorer (almost) breathes its final byte on Wednesday Microsoft will finally end support for Internet Explorer on multiple Windows versions on Wednesday, June 15, almost 27 years after its launch onÂ August 24, 1995. [...]
June 13, 2022		Hackers clone Coinbase, MetaMask mobile wallets to steal your crypto Security researchers have uncovered a large-scale malicious operation that uses trojanizedÂ mobileÂ cryptocurrency wallet applications for Coinbase, MetaMask, TokenPocket, and imToken services. [...]
June 13, 2022		Metasploit 6.2.0 improves credential theft, SMB support features, more â€‹Metasploit 6.2.0 has been released with 138 new modules, 148 new improvements/features, and 156 bug fixes since version 6.1.0 was released in August 2021. [...]
June 13, 2022		Microsoft: Exchange servers hacked to deploy BlackCat ransomware Microsoft saysÂ BlackCat ransomware affiliates are now attacking Microsoft Exchange serversÂ using exploits targetingÂ unpatched vulnerabilities. [...]
June 13, 2022		New Syslogk Linux rootkit uses magic packets to trigger backdoor A new rootkit malware named 'Syslogk' has been spotted in the wild, and it features advanced process and file hiding techniques that make detection highly unlikely. [...]
June 13, 2022		Russian hackers start targeting Ukraine with Follina exploits Ukraine's Computer Emergency Response Team (CERT) is warning that the Russian hacking group Sandworm may be exploiting Follina, a remote code execution vulnerability in Microsoft Windows Support Diagnostic Tool (MSDT) currently tracked as CVE-2022-30190. [...]
June 12, 2022		PyPI package 'keep' mistakenly included a password stealer PyPI packages 'keep,' 'pyanxdns,' 'api-res-py' were found toÂ containÂ aÂ password-stealer and a backdoor due to the presence of malicious 'request' dependency within someÂ versions. [...]
June 12, 2022		New Vytal Chrome extension hides location info that your VPN can't A new Google Chrome browser extension called Vytal prevents webpages from using programming APIs to find your geographic location leaked, even when using a VPN. [...]
June 12, 2022		Hello XD ransomware now drops a backdoor while encrypting Cybersecurity researchers report increased activity of the Hello XD ransomware, whose operators are now deploying an upgraded sample featuring stronger encryption. [...]
June 11, 2022		WiFi probing exposes smartphone users to tracking, info leaks Researchers at the University of Hamburg in Germany have conducted a field experiment capturing hundreds of thousands of passersby's WiFi connection probe requests to determine the type of data transmitted without the device owners realizing it. [...]
June 11, 2022		Confluence servers hacked to deploy AvosLocker, Cerber2021 ransomware Ransomware gangs are now targetingÂ a recently patchedÂ and actively exploited remote code execution (RCE) vulnerability affectingÂ Atlassian Confluence Server and Data Center instancesÂ for initial access to corporate networks. [...]
June 10, 2022		The Week in Ransomware - June 10th 2022 - Targeting Linux It has been relatively quiet this week with many companies and researchers at the RSA conference. However, we still had some interesting ransomware reports released this week. [...]
June 10, 2022		New PACMAN hardware attack targets Macs with Apple M1 CPUs A new hardware attack targeting Pointer Authentication in Apple M1 CPUs with speculative execution enables attackers to gain arbitrary code execution on Mac systems. [...]
June 10, 2022		Iranian hackers target energy sector with new DNS backdoor The Iranian Lycaeum APT hacking group uses a new .NET-based DNS backdoor to conduct attacks on companies in the energy and telecommunication sectors. [...]
June 10, 2022		Hackers exploit recently patched Confluence bug for cryptomining A cryptomining hacking group has been observed exploiting the recently disclosed remote code execution flaw in Atlassian Confluence servers to install miners on vulnerable servers. [...]
June 9, 2022		Microsoft starts rolling out Windows 11 File Explorer tabs Microsoft is finally rolling out the new File Explorer tabbed interface with the release ofÂ Windows 11 Insider Preview Build 25136 to the Dev Channel. [...]
June 9, 2022		Bizarre ransomware sells decryptor on Roblox Game Pass store A new ransomware is taking the unusual approach of selling its decryptor on the Roblox gaming platform using the service's in-game Robux currency. [...]
June 9, 2022		New Notepad, Media Player updates out for Windows 11 Insiders Microsoft has announced that the Windows 11 Notepad and Media Player applications are getting some new updates for Windows Insiders. [...]
June 9, 2022		Microsoft Defender now isolates hacked, unmanaged Windows devices Microsoft has announced a new feature for Microsoft Defender for Endpoint (MDE) toÂ help organizations prevent attackers and malware from using compromised unmanaged devices to move laterally through the network. [...]
June 9, 2022		Vice Society ransomware claims attack on Italian city of Palermo The Vice Society ransomware group has claimed responsibility for the recent cyber attack on the city of Palermo in Italy, which has caused a large-scale service outage. [...]
June 9, 2022		Dark web sites selling Western weapons allegedly sent to Ukraine Several weapon marketplaces on the dark web have listed military-grade firearms allegedly coming from Western countries that sent them to support the Ukrainian army in its fight against the Russian invaders. [...]
June 9, 2022		New Symbiote malware infects all running processes on Linux systems Threat analysts have discovered a new malware targeting Linux systems that operates as a symbiote in the host, blending perfectly with running processes and network traffic to steal account credentials and give its operators backdoor access. [...]
June 9, 2022		Chinese hacking group Aoqin Dragon quietly spied orgs for a decade A previously unknown Chinese-speaking threat actor has been uncovered by threat analysts SentinelLabs who were able to link it to malicious activity going as far back as 2013. [...]
June 8, 2022		Kali Linux team to stream free penetration testing course on Twitch Offensive Security, the creators of Kali Linux, announced today that they would be offering free access to their live-streamed 'Penetration Testing with Kali Linux (PEN-200/PWK)' training course later this month. [...]
June 8, 2022		Massive Facebook Messenger phishing operation generates millions Researchers have uncovered a large-scale phishing operation that abused Facebook and Messenger to lure millions of users to phishing pages, tricking them into entering their account credentials and seeing advertisements. [...]
June 8, 2022		Linux botnets now exploit critical Atlassian Confluence bug Several botnets are now using exploits targeting a critical remote code execution (RCE) vulnerability to infectÂ Linux servers running unpatched Atlassian Confluence Server and Data CenterÂ installs. [...]
June 8, 2022		Emotet malware now steals credit cards from Google Chrome users The Emotet botnet is now attempting to infect potential victims with a credit card stealer module designed to harvest credit card information stored in Google Chrome user profiles. [...]
June 8, 2022		Cuba ransomware returns to extorting victims with updated encryptor The Cuba ransomware operation has returned to regular operations with a new version of its malware found used in recent attacks. [...]
June 8, 2022		Poisoned CCleaner search results spread information-stealing malware Malware that steals your passwords, credit cards, and crypto wallets is being promoted through search results for a pirated copy of the CCleaner Pro Windows optimization program. [...]
June 7, 2022		Surfshark, ExpressVPN pull out of India over data retention laws Surfshark announced today they are shutting down its VPN (virtual private network) services in India in response to the new requirements in the country that demand all providers to keep customer logs for 180 days. [...]
June 7, 2022		Telegram to soon launch its premium plan at $4.99 per month In addition to official advertisements in the messaging app, Telegram is also bringing a new premium subscription to the messaging app. [...]
June 7, 2022		US seizes SSNDOB market for selling personal info of 24 million people SSNDOB, an online marketplace that sold the names, social security numbers, and dates of birth of approximately 24 million US people, has been taken offline following an international law enforcement operation. [...]
June 7, 2022		US: Chinese govt hackers breached telcos to snoop on network traffic Several US federal agencies today revealed that Chinese-backed threat actors have targeted and compromised major telecommunications companies and network service providers to steal credentials and harvest data. [...]
June 7, 2022		New SVCReady malware loads from Word doc properties A previously unknown malware loader named SVCReady has been discovered in phishing attacks, featuring an unusual way of loading the malware from Word documents onto compromised machines. [...]
June 7, 2022		Qbot malware now uses Windows MSDT zero-day in phishing attacks A critical Windows zero-day vulnerability, known as Follina and still waiting for an official fix from Microsoft, is now being actively exploited in ongoing phishing attacks to infect recipients with Qbot malware. [...]
June 7, 2022		Linux version of Black Basta ransomware targets VMware ESXi servers Black Basta is the latest ransomware gang to add support for encryptingÂ VMware ESXi virtual machines running on enterprise Linux servers. [...]
June 7, 2022		Windows 11 22H2 closer to release, lands in the Release channel Microsoft has moved Windows 11, version 22H2, to the Windows Insider Release channel, indicating that it is in its final round of testing before it's likely released this fall. [...]
June 7, 2022		New â€˜DogWalkâ€™ Windows zero-day bug gets free unofficial patches Free unofficial patches for a new Windows zero-day vulnerability in the Microsoft Support Diagnostic Tool (MSDT) have been released today through the 0patch platform.Â [...]
June 7, 2022		Online gun shops in the US hacked to steal credit cards Rainier Arms and Numrich Gun Parts, two American gun shops that operate e-commerce sites on rainierarms.com and gunpartscorp.com, have disclosed data breach incidents resulting from card skimmer infections on their sites. [...]
June 7, 2022		Shields Health Care Group data breach affects 2 million patients Shields Health Care Group (Shields)Â suffered a data breach that exposed the data of approximately 2,000,000 people in the United States after hackers breached their network and stole data. [...]
June 7, 2022		Why Netflix isn't the Only One Bummed About Password Sharing Carnegie Mellen found that as much as 28% of end-users willingly share passwords with others, and a Specops study found that of those who share passwords 21% of people don't know who else their password has been shared with. That's a lot of sharing going on. [...]
June 7, 2022		Android June 2022 updates bring fix for critical RCE vulnerability Google has released the June 2022 security updates for Android devices running OS versions 10, 11, and 12, fixing 41 vulnerabilities, five rated critical. [...]
June 6, 2022		QBot now pushes Black Basta ransomware in bot-powered attacks The Black Basta ransomware gang has partnered with the QBot malware operation to gain spread laterally through hacked corporate environments. [...]
June 6, 2022		Mandiant: â€œNo evidenceâ€ we were hacked by LockBit ransomware American cybersecurity firm Mandiant is investigating LockBit ransomware gang's claims that they hacked the company's network and stole data. [...]
June 6, 2022		Microsoft bug banned Rewards accounts when redeeming points Microsoft has fixed a bug where the Microsoft Rewards accounts of customers who redeemed points would get suspended without warning. [...]
June 6, 2022		Ransomware gangs now give victims time to save their reputation Threat analysts have observed an unusual trend in ransomware group tactics, reporting that initial phases of victim extortion are becoming less open to the public as the actors tend to use hidden or anonymous entries. [...]
June 6, 2022		Windows zero-day exploited in US local govt phishing attacks European governments and US local governments were the targets of a phishing campaign using malicious Rich Text Format (RTF) documents designed to exploit a critical Windows zero-day vulnerability known as Follina. [...]
June 6, 2022		Italian city of Palermo shuts down all systems to fend off cyberattack The municipality of Palermo in Southern Italy suffered a cyberattack on Friday, which appears to have had a massive impact on a broad range of operations and services to both citizens and visiting tourists. [...]
June 5, 2022		Exploit released for Atlassian Confluence RCE bug, patch now Proof-of-concept exploits for the actively exploited critical CVE-2022-26134 vulnerability impacting Atlassian Confluence and Data Center servers have been widely released this weekend. [...]
June 5, 2022		Evasive phishing mixes reverse tunnels and URL shortening services Security researchers are seeing an uptick in the use of reverse tunnel services along with URL shortenersâ€‹â€‹â€‹â€‹â€‹â€‹â€‹Â for large-scale phishing campaigns, making the malicious activity more difficult to stop. [...]
June 5, 2022		Microsoft: Windows Autopatch now available for public preview Microsoft has announced this week thatÂ Windows Autopatch, a service to automatically keep Windows and Microsoft 365Â software up to date in enterprise environments, has now reached public preview. [...]
June 4, 2022		Bored Ape Yacht Club, Otherside NFTs stolen in Discord server hack Hackers reportedly stole over $257,000 in Ethereum and thirty-two NFTs after the Yuga Lab's Bored Ape Yacht Club and Otherside Metaverse Discord servers were compromised to post a phishing scam. [...]
June 4, 2022		Windows 11 'Restore Apps' feature will make it easier to set up new PCs Microsoft is working on a new 'Restore Apps' feature for Windows 11 that will allow users to quickly reinstall all of their previously installed apps from the Microsoft Store on a new or freshly installed PC. [...]
June 4, 2022		Apple blocked 1.6 millions apps from defrauding users in 2021 Apple said this week that itÂ blocked more than 343,000 iOS apps were blocked by the App StoreÂ App Review team for privacy violations last year, while another 157,000 were rejected for attempting to mislead or spammingÂ iOS users. [...]
June 4, 2022		SMSFactory Android malware sneakily subscribes to premium services Security researchers are warning of an Android malware named SMSFactoryÂ that adds unwanted costs to the phone bill by subscribing victims to premium services. [...]
June 3, 2022		The Week in Ransomware - June 3rd 2022 - Evading sanctions Ransomware gangs continue to evolve their operations as victims refuse to pay ransoms due to sanctions or other reasons. [...]
June 3, 2022		Novartis says no sensitive data was compromised in cyberattack Pharmaceutical giant Novartis says no sensitive data was compromised in a recent cyberattack by the Industrial Spy data-extortion gang. [...]
June 3, 2022		WatchDog hacking group launches new Docker cryptojacking campaign â€‹The WatchDog hacking group is conducting a new cryptojacking campaign with advanced techniques for intrusion, worm-like propagation, and evasion of security software. [...]
June 3, 2022		Atlassian fixes Confluence zero-day widely exploited in attacks Atlassian has released security updates to address a critical zero-day vulnerability inÂ Confluence Server and Data Center actively exploited in the wild to backdoor Internet-exposed servers. [...]
June 3, 2022		Americans report losing over $1 billion to cryptocurrency scams The U.S. Federal Trade Commission (FTC) says over 46,000 people Americans have reported losing more than $1 billion worth of cryptocurrency to scams between January 2021 and March 2022. [...]
June 3, 2022		Microsoft disrupts Bohrium hackersâ€™ spear-phishing operation The Microsoft Digital Crimes Unit (DCU) has disrupted a spear-phishing operation linked to an Iranian threat actor tracked as Bohrium that targeted customers in the U.S., Middle East, and India. [...]
June 3, 2022		GitLab security update fixes critical account take over flaw GitLab has released a critical security update for multiple versions of its Community and Enterprise Edition products to address eight vulnerabilities, one of which allows account takeover. [...]
June 2, 2022		Critical Atlassian Confluence zero-day actively used in attacks Hackers are actively exploiting a new Atlassian Confluence zero-day vulnerability tracked as CVE-2022-26134 to install web shells, with no fix available at this time. [...]
June 2, 2022		Windows 10 KB5014023 update fixes slow copying, app crashes Microsoft has released optional cumulative update previews for Windows 10 versions 20H2, 21H1, and 21H2, with fixes for slow file copying and applications crashing due toÂ Direct3D issues. [...]
June 2, 2022		Top 10 Android banking trojans target apps with 1 billion downloads The ten most prolific Android mobile banking trojans target 639 financial applications that collectively have over one billion downloads on the Google Play Store. [...]
June 2, 2022		Evil Corp switches to LockBit ransomware to evade sanctions The Evil Corp cybercrime group has now switched to deploying LockBit ransomware on targets' networks to evade sanctions imposed by the U.S. Treasury Department's Office of Foreign Assets Control (OFAC). [...]
June 2, 2022		Ransomware gang now hacks corporate websites to show ransom notes A ransomware gang is taking extortion to a new level by publicly hacking corporate websites to publicly display ransom notes. [...]
June 2, 2022		Microsoft blocks Polonium hackers from using OneDrive in attacks Microsoft saidÂ it blocked aÂ Lebanon-based hacking group it tracks as Polonium from using theÂ OneDriveÂ cloud storage platform for data exfiltration and command and control while targeting and compromisingÂ Israelian organizations. [...]
June 2, 2022		Chinese LuoYu hackers deploy cyber-espionage malware via app updates A Chinese-speaking hacking group known asÂ LuoYu is infecting victims WinDealerÂ information stealer malware deployed by switching legitimateÂ app updatesÂ with malicious payloads in man-on-the-side attacks. [...]
June 2, 2022		Conti ransomware targeted Intel firmware for stealthy attacks Researchers analyzing the leaked chats of the notorious Conti ransomware operation have discovered that teams inside the Russian cybercrime group were actively developing firmware hacks. [...]
June 2, 2022		Clipminer malware gang stole $1.7M by hijacking crypto payments Threat analysts have discovered a large operation of a new cryptocurrency mining malware called Clipminer that brought its operators at least $1.7 million from transaction hijacking. [...]
June 2, 2022		Foxconn confirms ransomware attack disrupted production in Mexico Foxconn electronics manufacturer has confirmed that one of its Mexico-based production plants has been impacted by a ransomware attack in late May. [...]
June 1, 2022		New Windows Search zero-day added to Microsoft protocol nightmare A new Windows Search zero-day vulnerability can be used to automatically open a search window containing remotely-hostedÂ malware executables simply by launching a Word document. [...]
June 1, 2022		Former OpenSea head of product charged with NFT insider trading Nathaniel Chastain, a former product manager at OpenSea, the largest online non-fungible token (NFT) marketplace, has been arrested and charged by the U.S. Department of Justice (DOJ) with NFT insider trading. [...]
June 1, 2022		Hundreds of Elasticsearch databases targeted in ransom attacks A campaign targeting poorly secured Elasticsearch databases has deleted their contents and dropped ransom notes on 450 instances, demanding a payment of $620 to give them back their indexes, totaling a demand of $279,000. [...]
June 1, 2022		FBI seizes domains used to sell stolen data, DDoS services The Federal Bureau of Investigation (FBI) andÂ the U.S. Department of Justice announced today the seizure of three domains used by cybercriminals to sell personal info stolen in data breaches and to provide DDoS attack services. [...]
June 1, 2022		US govt: Paying Karakurt extortion ransoms wonâ€™t stop data leaks Several U.S. federal agencies warned organizations today against paying ransom demands made by the Karakurt gang since that will not prevent their stolen data from being sold to others.Â [...]
June 1, 2022		RuneScape phishing steals accounts and in-game item bank PINs Cybersecurity researchers have discovered a new RuneScape-themed phishing campaign, and it stands out among the various operations for being exceptionally well-crafted. [...]
June 1, 2022		Windows MSDT zero-day vulnerability gets free unofficial patch A free unofficial patch is now available to blockÂ ongoing attacks against Windows systems that target a critical zero-day vulnerability known as 'Follina.' [...]
June 1, 2022		FluBot Android malware operation shutdown by law enforcement Europol has announced the takedown of the FluBot operation, one of the largest and fastest-growing Android malware operations in existence. [...]
June 1, 2022		SideWinder hackers plant fake Android VPN app in Google Play Store Phishing campaigns attributed to an advanced threat actor called SideWinder involved a fake VPN app for Android devices published on Google Play Store along with a custom tool that filters victims for better targeting. [...]
June 1, 2022		Ransomware attacks need less than four days to encrypt systems The duration of ransomware attacks in 2021 averaged 92.5 hours, measured from initial network access to payload deployment. In 2020, ransomware actors spent an average ofÂ 230 hours to complete their attacks and 1637.6 hours in 2019. [...]
June 1, 2022		Telegramâ€™s blogging platform abused in phishing attacks Telegram's anonymous blogging platform, Telegraph, is being actively exploited by phishing actors who take advantage of the platform's lax policies to set up interim landing pages that lead to the theft of account credentials. [...]
May 31, 2022		Hackers steal WhatsApp accounts using call forwarding trick There's a trick that allows attackers to hijack a victim's WhatsApp account and gain access to personal messages and contact list. [...]
May 31, 2022		Windows MSDT zero-day now exploited by Chinese APT hackers Chinese-linked threat actors are now actively exploiting a Microsoft Office zero-day vulnerability (known as 'Follina') to execute malicious code remotely on Windows systems. [...]
May 31, 2022		Over 3.6 million MySQL servers found exposed on the Internet â€‹Over 3.6 million MySQL servers are publicly exposed on the Internet and responding to queries, making them an attractive target to hackers and extortionists. [...]
May 31, 2022		FBI warns of Ukrainian charities impersonated to steal donations Scammers are claiming to be collecting donations to help Ukrainian refugees and war victims while impersonating legitimate Ukrainian humanitarian aid organizations, according to the Federal Bureau of Investigation (FBI). [...]
May 31, 2022		Costa Ricaâ€™s public health agency hit by Hive ransomware All computer systems on the network of Costa Rica's public health serviceÂ (known as Costa Rican Social Security Fund or CCCS) are now offline following a Hive ransomware attack that hit them this morning. [...]
May 31, 2022		New XLoader botnet uses probability theory to hide its servers Threat analysts have spotted a new version of the XLoader botnet malware that uses probability theory to hide its command and control servers, making it difficult to disrupt the malware's operation. [...]
May 31, 2022		Aligning Your Password Policy enforcement with NIST Guidelines Although most organizations are not required by law to comply with NIST standards, it is usually in an organization's best interest to follow NIST's cybersecurity standards. This is especially true for NIST's password guidelines. [...]
May 31, 2022		Microsoft shares mitigation for Office zero-day exploited in attacks Microsoft has shared mitigation measures to block attacks exploiting a newly discovered Microsoft Office zero-day flaw abused in the wild to execute malicious code remotely. [...]
May 30, 2022		Vodafone plans carrier-level user tracking for targeted ads Vodafone isÂ piloting a new advertising ID system called TrustPid, which will work as a persistent user tracker at the mobile Internet Service Provider (ISP) level. [...]
May 30, 2022		Italy warns organizations to brace for incoming DDoS attacks The Computer Security Incident Response Team in Italy issued an urgent alert yesterday to raise awareness about the high risk of cyberattacks against national bodies and organizations on Monday. [...]
May 30, 2022		Google quietly bans deepfake training projects on Colab Google has quietly banned deepfake projects on its Colaboratory (Colab) service, putting an end to the large-scale utilization of the platform's resources for this purpose. [...]
May 30, 2022		Three Nigerians arrested for malware-assisted financial crimes Interpol has announced the arrest of three Nigerian men in Lagos, who are suspected of using remote access trojans (RATs) to reroute financial transactions and steal account credentials. [...]
May 30, 2022		New Microsoft Office zero-day used in attacks to execute PowerShell Security researchers have discovered a new Microsoft Office zero-day vulnerability that is being used in attacks to execute malicious PowerShell commands viaÂ Microsoft Diagnostic ToolÂ (MSDT) simply by opening a Word document. [...]
May 29, 2022		EnemyBot malware adds exploits for critical VMware, F5 BIG-IP flaws EnemyBot, a botnet based on code from multiple malware pieces, is expanding its reach by quickly adding exploits for recently disclosed critical vulnerabilities in web servers, content management systems, IoT, and Android devices. [...]
May 29, 2022		Mobile trojan detections rise as malware distribution level declines Kaspersky's quarterly report on mobile malware distribution records a downward trend that started at the end of 2020, detecting one-third of the malicious installations reported in Q1 2021, and about 85% of those counted in Q4 2021. [...]
May 29, 2022		New Yorker imprisoned for role in carding group behind $568M damages John Telusma, a 37-year-old man from New York, was sentenced to four years in prison for selling and using stolen and compromised credit cards on theÂ InfraudÂ carding portal operated byÂ the transnational cybercrime organization with the same name. [...]
May 28, 2022		Microsoft: The new Windows 11 features from Build 2022 During the Build 2022 developer conference, Microsoft announced a number of new features for Windows 11, including an improved Windows Subsystem for Android (WSA) and more. [...]
May 28, 2022		Clop ransomware gang is back, hits 21 victims in a single month After effectively shutting down their entire operation for several months, between November and February, the Clop ransomware is now back according to NCC Group researchers. [...]
May 28, 2022		New Windows Subsystem for Linux malware steals browser auth cookies Hackers are showing an increased interest in the Windows Subsystem for Linux (WSL) as an attack surface as they build new malware, the more advanced samples being suitable for espionage and downloading additional malicious modules. [...]
May 27, 2022		FBI warns of hackers selling credentials for U.S. college networks Cybercriminals are offering to sell for thousands of U.S. dollars network access credentials for higher education institutions based in the United States. [...]
May 27, 2022		GitHub: Attackers stole login details of 100K npm user accounts GitHub revealed today that an attacker stole the login details of roughly 100,000 npm accounts during a mid-April security breach with the help ofÂ stolen OAuth app tokens issued to Heroku and Travis-CI. [...]
May 27, 2022		Microsoft finds severe bugs in Android apps from large mobile providers Microsoft security researchers have found high severity vulnerabilities in a framework used by AndroidÂ apps from multiple large international mobile service providers. [...]
May 27, 2022		Microsoft to force better security defaults for all Azure AD tenants Microsoft has announced that it will force enable stricterÂ secure default settings known as 'security defaults' on all existingÂ Azure Active Directory (Azure AD) tenantsÂ starting in late June 2022. [...]
May 27, 2022		BlackCat/ALPHV ransomware asks $5 million to unlock Austrian state Austrian federal state Carinthia has been hit by the BlackCatÂ ransomware gang, also known as ALPHV, who demanded aÂ $5 million to unlock the encrypted computer systems. [...]
May 26, 2022		Intuit warns of QuickBooks phishing threatening to suspend accounts Tax software vendor Intuit has warned that QuickBooks customers are being targeted in an ongoing series of phishing attacks impersonating the company and trying to lure them with fake account suspension warnings. [...]
May 26, 2022		Microsoft: Windows 11 22H2 has reached RTM with build 22621 Microsoft's Windows Hardware Compatibility Program has confirmed that Windows 11 22H2 build 22621 is the Released to Manufacturing (RTM) build, meaning that the development of Window's 11 next feature update is ready for release. [...]
May 26, 2022		Windows 11 KB5014019 breaks Trend Micro ransomware protection This week'sÂ Windows optional cumulative update previews have introduced a compatibility issue with some of Trend Micro's security products that breaks some of their capabilities, including theÂ ransomware protection feature. [...]
May 26, 2022		OAS platform vulnerable to critical RCE and API access flaws Threat analysts have disclosed vulnerabilities affecting the Open Automation Software (OAS) platform, leading to device access, denial of service, and remote code execution. [...]
May 26, 2022		Exploit released for critical VMware auth bypass bug, patch now Proof-of-concept exploit code is now available online for a critical authentication bypass vulnerability in multiple VMware products that allows attackers to gain admin privileges. [...]
May 26, 2022		Microsoft shares mitigation for Windows KrbRelayUp LPE attacks Microsoft has shared guidance to help admins defend their Windows enterprise environments against KrbRelayUp attacks that enableÂ attackers to gain SYSTEM privileges on Windows systems with default configurations. [...]
May 26, 2022		Zyxel warns of flaws impacting firewalls, APs, and controllers Zyxel has published a security advisory to warn admins about multiple vulnerabilities affecting a wide range of firewall, AP, and AP controller products. [...]
May 26, 2022		Google shut down caching servers at two Russian ISPs Two Russian internet service providers (ISPs) have received notices from Google that the global caching servers on their network have been disabled. [...]
May 26, 2022		Industrial Spy data extortion market gets into the ransomware game The Industrial Spy data extortion marketplace has now launched its own ransomware operation, where they now also encrypt victim's devices. [...]
May 26, 2022		New ERMAC 2.0 Android malware steals accounts, wallets from 467 apps The ERMAC Android banking trojan has released version 2.0, increasing the number of applications targeted from 378 to 467, covering a much wider range of apps to steal account credentials and crypto wallets. [...]
May 25, 2022		FTC fines Twitter $150M for using 2FA info for targeted advertising The Federal Trade Commission has fined Twitter $150 million for using phone numbers and email addresses collected to enable two-factor authentication for targeted advertising. [...]
May 25, 2022		Microsoft adds support for WSL2 distros on Windows Server 2022 Microsoft has announced thatÂ Windows Subsystem for Linux (WSL2) distros are now supported on Windows Server 2022 after installing this week's cumulative update previews. [...]
May 25, 2022		New â€˜Cheersâ€™ Linux ransomware targets VMware ESXi servers A new ransomware named 'Cheers' has appeared in the cybercrime space and has started its operations by targeting vulnerable VMware ESXi servers. [...]
May 25, 2022		Microsoft adds Office subscriptions to Windows 11 account settings Microsoft has improved the account settings in the latest Windows 11 preview build, a settings page that now lists Office subscriptions linked to the user's Microsoft 365 account. [...]
May 25, 2022		New ChromeLoader malware surge threatens browsers worldwide The ChromeLoader malware is seeing an uptick in detections this month, following a relatively stable operation volume since the start of the year, which means that the malvertiser is now becoming a widespread threat. [...]
May 25, 2022		Tails 5.0 Linux users warned against using it "for sensitive information" Tails developers have warned users to stop using the portable Debian-based Linux distro until the next release if they're entering or accessing sensitive information using the bundled Tor Browser application. [...]
May 25, 2022		Darknet market Versus shuts down after hacker leaks security flaw â€‹The Versus Market, one of the most popular English-speaking criminal darknet markets, is shutting down after discovering a severe exploit that could have allowed access to its database and exposed the IP address of its servers. [...]
May 25, 2022		Is 100% Cybersecurity Readiness Possible? Medical Device Pros Weigh In As medical devices become more connected and reliant on software, their codebase grows both in size and complexity, and they are increasingly reliant on third-party and open source software components. Learn more from 150 senior decision makers who oversee product security or cybersecurity compliance in the medical device industry, [...]
May 25, 2022		Hacker says hijacking libraries, stealing AWS keys was ethical research The hacker of 'ctx' and 'PHPass' libraries has now broken silence and explained the reasons behind this hijack to BleepingComputer. According to the hacker, this was a bug bounty exercise and no malicious activity was intended. [...]
May 25, 2022		Interpol arrests alleged leader of the SilverTerrier BEC gang After a year-long investigation that involved Interpol and several cybersecurity companies, the Nigeria Police Force has arrested an individual believed to be in the top ranks of a prominent business email compromise (BEC) group known as SilverTerrier or TMT. [...]
May 25, 2022		SpiceJet airline passengers stranded after ransomware attack Indian low-cost airline SpiceJet has informed its customers of an attempted ransomware attack that has impacted some of its systems and caused delays on flight departures today. [...]
May 25, 2022		BPFDoor malware uses Solaris vulnerability to get root privileges New research into the inner workings of theÂ stealthy BPFdoor malwareÂ for Linux and Solaris reveals that the threat actor behind it leveraged an old vulnerability to achieve persistence on targeted systems. [...]
May 24, 2022		Windows 11 KB5014019 update fixes app crashes, slow copying Microsoft has released optional cumulative update previews for Windows 11, Windows 10 version 1809, and Windows Server 2022, with fixes for Direct3D issues impactingÂ client and server systems. [...]
May 24, 2022		DuckDuckGo browser allows Microsoft trackers due to search agreement The privacy-focused DuckDuckGo browser purposely allows Microsoft trackers on third-party sites due to an agreement in their syndicated search content contract between the two companies. [...]
May 24, 2022		Mozilla fixes Firefox, Thunderbird zero-days exploited at Pwn2Own Mozilla has released security updates for multiple products to address zero-day vulnerabilities exploited during theÂ Pwn2Own Vancouver 2022 hacking contest. [...]
May 24, 2022		Hackers target Russian govt with fake Windows updates pushing RATs Hackers are targeting Russian government agencies with phishing emails that pretend to be Windows security updates and other lures to install remote access malware. [...]
May 24, 2022		Microsoft: Credit card stealers are getting much stealthier Microsoft's security researchers have observed a worrying trend in credit card skimming, where threat actors employ more advanced techniques to hide their malicious info-stealing code. [...]
May 24, 2022		CISA adds 41 vulnerabilities to list of bugs used in cyberattacks The Cybersecurity & Infrastructure Security Agency (CISA) has added 41 vulnerabilities to its catalog of known exploited flaws over the past two days, including flaws for the Android kernel and Cisco IOS XR. [...]
May 24, 2022		US Senate: Govtâ€™s ransomware fight hindered by limited reporting A report published today by U.S. Senator Gary Peters, Chairman of the Senate Homeland Security and Governmental Affairs Committee, says law enforcement and regulatory agencies lack insight into ransomware attacks to fight against them effectively. [...]
May 24, 2022		Screencastify Chrome extension flaws allow webcam hijacks The popular Screencastify Chrome extension has fixed a vulnerability that allowed malicious sites to hijack users' webcams and steal recorded videos. However, security flaws still exist that could be exploited by unscrupulous insiders. [...]
May 24, 2022		Trend Micro fixes bug Chinese hackers exploited for espionage Trend Micro says it patched a DLL hijacking flaw in Trend Micro Security used by a Chinese threat group to side-load malicious DLLsÂ and deploy malware. [...]
May 24, 2022		Researchers to release exploit for new VMware auth bypass, patch now Proof-of-concept exploit code is about to be published for a vulnerability that allows administrative access without authentication in several VMware products. [...]
May 24, 2022		Popular PyPI and PHP libraries hijacked to steal AWS keys PyPIÂ module 'ctx' that gets downloaded over 20,000 times a week has been compromised in a software supply chain attack with malicious versions stealing the developer's environment variables. Additionally, versions of a 'phpass' fork published to the PHP/Composer package repository PackagistÂ had been altered to steal secrets. [...]
May 23, 2022		GM credential stuffing attack exposed car owners' personal info US car manufacturer GM disclosed that it was the victim of a credential stuffing attack last month that exposed customer information and allowed hackers to redeem rewards points for gift cards. [...]
May 23, 2022		Fake Windows exploits target infosec community with Cobalt Strike A threat actor targeted security researchers with fake Windows proof-of-concept exploits that infected devices with the Cobalt Strike backdoor. [...]
May 23, 2022		Photos of abused victims used in new ID verification scam Scammers are now leveraging dating apps like Tinder and Grindr to pose themselves as former victims ofÂ physical abuse to gain your trust and sympathy and sell you "ID verification" services. BleepingComputer came across multiple instances of users on online dating apps being approached by these catfishing profiles. [...]
May 23, 2022		Hackers can hack your online accounts before you even register them Security researchers have revealed that hackers can hijack your online accounts before you even register them by exploiting flaws that have been already been fixed on popular websites, including Instagram, LinkedIn, Zoom, WordPress, and Dropbox. [...]
May 23, 2022		New RansomHouse group sets up extortion market, adds first victims Yet another data-extortion cybercrime operation has appeared on the darknet named 'RansomHouse' where threat actors publish evidence of stolen files and leak data of organizations that refuse to make a ransom payment. [...]
May 23, 2022		Russian hackers perform reconnaissance against Austria, Estonia In a new reconnaissance campaign, the Russian state-sponsored hacking group Turla was observed targeting the Austrian Economic Chamber, a NATO platform, and the Baltic Defense College. [...]
May 22, 2022		Elon Musk deep fakes promote new cryptocurrency scam Cryptocurrency scammers are using deep fake videos of Elon Musk and other prominent cryptocurrency advocates to promote a BitVex trading platform scam that steals deposited currency. [...]
May 22, 2022		PDF smuggles Microsoft Word doc to drop Snake Keylogger malware Threat analysts have discovered a recent malware distribution campaign using PDF attachments to smuggle malicious Word documents that infect users with malware. [...]
May 22, 2022		Microsoft tests new Windows 11 Desktop search that only works with Edge Microsoft is testing a new feature in the latest Windows 11 preview build that displays an Internet search box directly on the desktop. The problem is that it does not honor your default browser and only uses Bing and Microsoft Edge instead. [...]
May 22, 2022		Google: Predator spyware infected Android devices using zero-days Google's Threat Analysis Group (TAG) says that state-backed threat actors used five zero-day vulnerabilities to install Predator spyware developed by commercial surveillance developer Cytrox. [...]
May 21, 2022		Ransomware attack exposes data of 500,000 Chicago students The Chicago Public Schools has suffered a massive data breach that exposed the data of almost 500,000 students and 60,000 employee after their vendor, Battelle for Kids, suffered a ransomware attack in December. [...]
May 21, 2022		Malicious PyPI package opens backdoors on Windows, Linux, and Macs Yet another malicious Python package has been spotted in the PyPI registry performing supply chain attacks to drop Cobalt Strike beacons and backdoors on Windows, Linux, and macOS systems. [...]
May 21, 2022		Windows 11 hacked three more times on last day of Pwn2Own contest On the third and last day of theÂ 2022 Pwn2Own Vancouver hacking contest, security researchers successfully hackedÂ Microsoft's Windows 11 operating system three more times using zero-day exploits. [...]
May 20, 2022		The Week in Ransomware - May 20th 2022 - Another one bites the dust Ransomware attacks continue toÂ slow down, likely due to the invasion of Ukraine, instability in the region, and subsequent worldwide sanctions against Russia. [...]
May 20, 2022		Cisco urges admins to patch IOS XR zero-day exploited in attacks Cisco has addressed a zero-day vulnerability in itsÂ IOS XR router software that allowed unauthenticated attackers to remotely gain access toÂ Redis instances running in NOSi Docker containers. [...]
May 20, 2022		Microsoft disables telemetry in Windows 11 Subsystem for Android by default Microsoft has updated the Windows Subsystem for Android in Windows 11 to make telemetry collection optional and announced an upgrade to Android 12.1. [...]
May 20, 2022		Backdoor baked into premium school management plugin for WordPress Security researchers have discovered a backdoor in a premium WordPress plugin built as a complete management solution for schools. The malicious code enables a threat actor to execute PHP code without authenticating. [...]
May 20, 2022		Emergency Windows 10 updates fix Microsoft Store app issues Microsoft has released out-of-band (OOB) updates on Thursday evening to address a newly acknowledged issue impacting Microsoft Store apps. [...]
May 20, 2022		Windows 11 hacked again at Pwn2Own, Telsa Model 3 also falls During the second day of the Pwn2Own Vancouver 2022 hacking competition, contestants hacked Microsoft's Windows 11 OS again and demoed zero-days in Tesla Model 3's infotainment system. [...]
May 20, 2022		Russian Sberbank says itâ€™s facing massive waves of DDoS attacks Sberbank's vice president and director of cybersecurity, Sergei Lebed, has told participants of the Positive Hack Days forum that the company is going through a period of unprecedented targeting by hackers. [...]
May 20, 2022		Canada bans Huawei and ZTE from 5G networks over security concerns The Government of Canada announced its intention to ban the use ofÂ Huawei and ZTE telecommunications equipment and services across the country'sÂ 5G and 4G networks. [...]
May 19, 2022		Conti ransomware shuts down operation, rebrands into smaller units The notorious Conti ransomware gang has officially shut down their operation, with infrastructure taken offline and team leaders told that the brand is no more. [...]
May 19, 2022		Netgear fixes bad Orbi firmware update that locked admin console Netgear is pushing out fixes for a bad Orbi firmware update released earlier this month that prevents users from accessing the device's admin console. [...]
May 19, 2022		Microsoft emergency updates fix Windows AD authentication issues Microsoft has released emergencyÂ out-of-band (OOB) updates to address Active Directory (AD) authenticationÂ issues after installingÂ Windows Updates issued during the May 2022Â Patch Tuesday on domain controllers. [...]
May 19, 2022		Media giant Nikkeiâ€™s Asian unit hit by ransomware attack Publishing giant Nikkei disclosed that the group's headquarters in Singapore was hit by aÂ ransomware attack almost one week ago, on May 13th. [...]
May 19, 2022		Microsoft detects massive surge in Linux XorDDoS malware activity A stealthy and modular malware used to hack intoÂ Linux devices and build aÂ DDoS botnet has seen a massive 254% increase in activity during the last six months, as Microsoft revealedÂ today. [...]
May 19, 2022		U.S. DOJ will no longer prosecute ethical hackers under CFAA The U.S. Department of Justice (DOJ) has announced a revision of its policy on how federal prosecutors should charge violations of the Computer Fraud and Abuse Act (CFAA), carving out "good-fath" security research from being prosecuted. [...]
May 19, 2022		Lazarus hackers target VMware servers with Log4Shell exploits The North Korean hacking group known as Lazarus is exploiting the Log4J remote code execution vulnerability to inject backdoors that fetch information-stealing payloads on VMware Horizon servers. [...]
May 19, 2022		Phishing websites now use chatbots to steal your credentials Phishing attacks are now using automatedÂ chatbotsÂ to guide visitors through the process of handing over their login credentials to threat actors. [...]
May 19, 2022		Microsoft Teams, Windows 11 hacked on first day of Pwn2Own During the first day of Pwn2Own Vancouver 2022, contestants won $800,000 after successfully exploiting 16 zero-day bugs to hackÂ multiple products, including Microsoft's Windows 11Â operating system and the Teams communication platform. [...]
May 19, 2022		QNAP alerts NAS customers of new DeadBolt ransomware attacks Taiwan-based network-attached storage (NAS) maker QNAPÂ warned customers on Thursday to secure their devices against attacks pushing DeadBolt ransomware payloads. [...]
May 19, 2022		Ransomware gangs rely more on weaponizing vulnerabilities Security researchers are warning that external remote access services continue to be the main vector for ransomware gangs to breach company networks. [...]
May 18, 2022		Microsoft releases first ISO image for new Windows 11 Dev builds Microsoft has released the first ISO image for the new Windows 11 Preview builds in the Dev channel, allowing Windows Insiders to perform clean installs of the operating system. [...]
May 18, 2022		Spanish police dismantle phishing gang that emptied bank accounts The Spanish police have announced the arrest of 13 people and the launch of investigations on another 7 for their participation in a phishing ring that defrauded at least 146 people. [...]
May 18, 2022		Critical Jupiter WordPress plugin flaws let hackers take over sites WordPress security analysts have discovered a set of vulnerabilities impacting the Jupiter Theme and JupiterX Core plugins for WordPress, one of which is a critical privilege escalation flaw. [...]
May 18, 2022		National bank hit by ransomware trolls hackers with dick pics After suffering a ransomware attack by the Hive operation, the Bank of Zambia made it clear that they were not going to pay by posting a picture of male genitalia and telling the hackers to sâ€¦ (well, you can use your imagination). [...]
May 18, 2022		US recovers $15 million from global Kovter ad fraud operation The US government has recovered over $15 million from Swiss bank accounts belonging to operators behind the '3ve' online advertising fraud scheme. [...]
May 18, 2022		DHS orders federal agencies to patch VMware bugs within 5 days The Department of Homeland Security's cybersecurity unit ordered Federal Civilian Executive Branch (FCEB) agencies today to urgently update or remove VMware products from their networks by Monday due to an increased risk of attacks. [...]
May 18, 2022		Chinese â€˜Space Piratesâ€™ are hacking Russian aerospace firms A previously unknown Chinese hacking group known as 'Space Pirates' targets enterprises in the Russian aerospace industry with phishing emails to install novel malware on their systems. [...]
May 18, 2022		VMware patches critical auth bypass flaw in multiple products VMware warned customers today to immediately patch a critical authentication bypass vulnerability "affecting local domain users" in multiple products that can be exploitedÂ to obtain admin privileges. [...]
May 18, 2022		CISA shares guidance to block ongoing F5 BIG-IP attacks In a joint advisory issued today,Â CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC) warned admins of activeÂ attacks targeting a critical F5 BIG-IP network security vulnerability (CVE-2022-1388). [...]
May 18, 2022		Fake crypto sites lure wannabe thieves by spamming login credentials Threat actors are luring potential thieves by spamming login credentials for other people account's on fake crypto trading sites, illustrating once again, that there is no honor among thieves. [...]
May 18, 2022		Microsoft warns of brute-force attacks targeting MSSQL servers Microsoft warned of brute-forcing attacks targeting Internet-exposed and poorly secured Microsoft SQL Server (MSSQL) database servers using weak passwords. [...]
May 17, 2022		North Korean devs pose as US freelancers and aid DRPK govt hackers The U.S. government is warning that the Democratic People's Republic of Korea (DPRK) is dispatching its IT workers to get freelance jobs at companies across the world to obtain privileged access that is sometimes used to facilitate cyber intrusions. [...]
May 17, 2022		Microsoft: Windows Server 20H2 reaches end of service in August Microsoft has reminded customers today thatÂ Windows Server, version 20H2 will beÂ reaching the end of serviceÂ (EOS) on August 9, 2022. [...]
May 17, 2022		NVIDIA fixes ten vulnerabilities in Windows GPU display drivers NVIDIA has released a security update for a wide range of graphics card models, addressing four high-severity and six medium-severity vulnerabilities in its GPU drivers. [...]
May 17, 2022		Microsoft Defender for Endpoint gets new troubleshooting mode Microsoft says Defender for Endpoint now comes with a new 'troubleshooting mode' that will help Windows admins test Defender Antivirus performance and run compatibility scenarios without getting blocked by tamper protection. [...]
May 17, 2022		Cybersecurity agencies reveal top initial access attack vectors A joint security advisory issued by multiple national cybersecurity authorities revealed today the top 10 attack vectors most exploited by threat actors for breaching networks. [...]
May 17, 2022		Hackers can steal your Tesla Model 3, Y using new Bluetooth attack Security researchersÂ at the NCC Group have developed a tool to carry out a Bluetooth Low Energy (BLE) relay attack that bypasses all existing protections to authenticate on target devices. [...]
May 17, 2022		What is ISO 27001 and Why it Matters for Compliance Standards ISO 27001 may seem like a big undertaking, but the certification can pay off in more ways than oneâ€”including overlap with compliance regulations. Read about the benefits of ISO 27001 and how to get started. [...]
May 17, 2022		CISA warns admins to patch actively exploited Spring, Zyxel bugs The Cybersecurity and Infrastructure Security Agency (CISA) has added two more vulnerabilities to its list of actively exploited bugs, a code injection bug in the Spring Cloud Gateway library and a command injection flaw in Zyxel firmware for business firewalls and VPN devices. [...]
May 17, 2022		Hackers target Tatsu WordPress plugin in millions of attacks Hackers are massively exploiting a remote code execution vulnerability,Â CVE-2021-25094, in the Tatsu Builder plugin for WordPress, which is installed on about 100,000 websites. [...]
May 16, 2022		HTML attachments remain popular among phishing actors in 2022 HTML files remain one of the most popular attachments used in phishing attacks for the first four months of 2022, showing that the technique remains effective against antispam engines and works well on the victims themselves. [...]
May 16, 2022		Third-party web trackers log what you type before submitting An extensive study looking into the top 100k ranking websites has revealed that many are leaking information you enter in the site forms to third-party trackers before you even press submit. [...]
May 16, 2022		US links Thanos and Jigsaw ransomware to 55-year-old doctor The US Department of Justice today said thatÂ Moises Luis Zagala Gonzalez (Zagala), aÂ 55-year-old cardiologist with French and Venezuelan citizenship residing in Ciudad Bolivar, Venezuela, created and rented Jigsaw and ThanosÂ ransomware to cybercriminals. [...]
May 16, 2022		Apple emergency update fixes zero-day used to hack Macs, Watches Apple has released security updatesÂ to address a zero-day vulnerability that threat actors can exploit in attacks targetingÂ Macs and Apple Watch devices. [...]
May 16, 2022		Ukraine supporters in Germany targeted with PowerShell RAT malware An unknown threat actor is targeting German users interested in the Ukraine crisis, infecting them with a custom PowerShell RAT (remote access trojan) and stealing their data. [...]
May 16, 2022		CISA warns not to install May Windows updates on domain controllers The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has removed a Windows security flaw from its catalog ofÂ known exploited vulnerabilities due toÂ Active Directory (AD) authentication issues caused by theÂ May 2022 updates that patch it. [...]
May 16, 2022		Kali Linux 2022.2 released with 10 new tools, WSL improvements, and more Offensive Security has released â€‹Kali Linux 2022.2, the second version in 2022, with desktop enhancements, a fun April Fools screensaver, WSL GUI improvements, terminal tweaks, and best of all,Â new tools to play with! [...]
May 16, 2022		Sophos antivirus driver caused BSODs after Windows KB5013943 update Sophos has released a fix for a known issue triggering blue screens of death (aka BSODs) on Windows 11 systems running Sophos HomeÂ antivirus software after installing theÂ KB5013943 upda [...]
May 16, 2022		Engineering firm Parker discloses data breach after ransomware attack The Parker-Hannifin Corporation announced a data breach exposing employees' personal information after the Conti ransomware gang began publishing allegedly stolen data last month. [...]
May 15, 2022		What's new and improved in Windows 11 22H2, coming soon Windows 11 version 22H2 aka Sun Valley 2 is set to launch later this year. Unlike the original Windows 11 release, it won't be a massive update with radical design changes. Instead, Sun Valley 2 will be similar to Windows 10 Anniversary Update, so you can expect minor improvements and a few new features. [...]
May 15, 2022		Hackers are exploiting critical bug in Zyxel firewalls and VPNs Hackers have started to exploit a recently patched critical vulnerability, tracked as CVE-2022-30525, that affects Zyxel firewall and VPN devices for businesses. [...]
May 15, 2022		Fake Pixelmon NFT site infects you with password-stealing malware A fake Pixelmon NFT site entices fans with free tokens and collectibles while infecting them with malware that steals their cryptocurrency wallets. [...]
May 15, 2022		Windows admins frustrated by Quick Assist moving to Microsoft Store Windows admins have been expressing their dismay at Microsoft's decision to move the Quick Assist remote assistance tool to the Microsoft Store. [...]
May 14, 2022		Microsoft fixes new PetitPotam Windows NTLM Relay attack vector A recent security update for a Windows NTLM Relay Attack has been confirmed to be a previously unfixed vector for the PetitPotam attack. [...]
May 14, 2022		Angry IT admin wipes employerâ€™s databases, gets 7 years in prison Han Bing, a former database administrator for Lianjia, a Chinese real-estate brokerage giant, has been sentenced to 7 years in prison for logging into corporate systems and deleting the company's data. [...]
May 14, 2022		Crypto thief threatened to cut man's fingers 'one by one,' stole Â£34K Online crypto scams and ponzi schemesÂ leveraging social media platforms are hardly anything new. But, this gruesome case of a London-based crypto robberÂ transcends theÂ virtual realm and tells a shocking tale ofÂ real-life victims from whom the perpetrator successfully stole Â£34,000. [...]
May 13, 2022		The Week in Ransomware - May 13th 2022 - A National Emergency While ransomware attacks have slowed during Russia's invasion of Ukraine and the subsequent sanctions, the malware threat continues to affect organizations worldwide. [...]
May 13, 2022		Italian CERT: Hacktivists hit govt sites in â€˜Slow HTTPâ€™ DDoS attacks Italy's Computer Security Incident Response Team (CSIRT) has published an announcement about the recent DDoS attacks that key sites in the country suffered in the last couple of days. [...]
May 13, 2022		Microsoft: Sysrv botnet targets Windows, Linux servers with new exploits Microsoft says theÂ Sysrv botnet is now exploiting vulnerabilities in theÂ Spring Framework and WordPress toÂ ensnare and deploy cryptomining malware on vulnerable Windows and Linux servers. [...]
May 13, 2022		Fake Binance NFT Mystery Box bots steal victim's crypto wallets A new RedLine malware distribution campaign promotes fake Binance NFT mystery box bots on YouTube to lure people into infecting themselves with the information-stealing malware from GitHub repositories. [...]
May 13, 2022		SonicWall â€˜strongly urgesâ€™ admins to patch SSLVPN SMA1000 bugs SonicWall "strongly urges"Â customers toÂ patch several high-risk security flaws impacting its Secure Mobile Access (SMA) 1000 Series line of products that can letÂ attackers bypass authorizationÂ and, potentially, compromise unpatched appliances. [...]
May 13, 2022		Google Chrome updates failing on Android devices in Russia A growing number of Russian Chrome users on Android report getting errors when attempting to install the latest available update of the popular web browser. [...]
May 12, 2022		Iranian hackers exposed in a highly targeted espionage campaign Threat analysts have spotted a novel attack attributed to the Iranian hacking group known as APT34 group or Oilrig, who targeted a Jordanian diplomat with custom-crafted tools. [...]
May 12, 2022		Ukrainian imprisoned for selling access to thousands of PCs Glib Oleksandr Ivanov-Tolpintsev, a 28-year-old from Ukraine, was sentenced today to 4 years in prison for stealing thousands of login credentials per week and selling them on a dark web marketplace. [...]
May 12, 2022		Eternity malware kit offers stealer, miner, worm, ransomware tools Threat actors have launched the 'Eternity Project,' a new malware-as-a-service where threat actors can purchase a malware toolkit that can be customized with different modules depending on the attack being conducted. [...]
May 12, 2022		Zyxel silently fixes critical RCE vulnerability in firewall products Threat analysts who discovered a vulnerability affecting multiple Zyxel products report that the network equipment company fixed it via a silent update pushed out two weeks ago. [...]
May 12, 2022		BPFdoor: Stealthy Linux malware bypasses firewalls for remote access A recently discovered backdoor malware called BPFdoor has been stealthily targeting Linux and Solaris systems without being noticed for more than five years. [...]
May 12, 2022		NVIDIA has open-sourced its Linux GPU kernel drivers NVIDIA has published the source code of its kernel modules for the R515 driver, using a dual licensing model that combines the GPL and MIT licenses, making the modules legally re-distributable. [...]
May 12, 2022		Historic Hotel Stay, Complementary Emotet Exposure included Historic Hotel of America serving up modern malware to their guests. Why securing your inbox with more than just anti-malware engines is needed to prevent cybercrime attacks. [...]
May 12, 2022		Microsoft: May Windows updates cause AD authentication failures Microsoft is investigating a known issue causing authentication failures for some Windows services after installing updates released during theÂ May 2022 Patch Tuesday. [...]
May 11, 2022		Windows 11 to show suggested actions when copying data to the clipboard Microsoft is testing a new 'Suggested Actions' feature in Windows 11 Dev builds where the operating system suggests actions you can take with data you copy into the clipboard. [...]
May 11, 2022		Windows 11 KB5013943 update causes 0xc0000135 application errors Windows 11 users are receiving 0xc0000135 errorsÂ when attempting to launch applications after installing the recent Windows 11 KB5013943 cumulative update. [...]
May 11, 2022		US charges hacker for breaching brokerage accounts, securities fraud The U.S. Department of Justice (DoJ) has charged Idris Dayo Mustapha for a range of cybercrime activities that took place between 2011 and 2018, resulting in financial losses estimated to over $5,000,000. [...]
May 11, 2022		Microsoft: Windows 10 20H2 has reached end of service Microsoft says multiple editions of Windows 10 20H2 and Windows 10 1909 have reached their end of service (EOS) on this month's Patch Tuesday, on May 10, 2022. [...]
May 11, 2022		HP fixes bug letting attackers overwrite firmware in over 200 models HP has released BIOS updates today to fix two high-severity vulnerabilities affecting a wide range of PC and notebook products, which might allow arbitrary code execution. [...]
May 11, 2022		New stealthy Nerbian RAT malware spotted in ongoing attacks A new remote access trojan called Nerbian RAT has been discovered that includes a rich set of features, including the ability to evade detection and analysis by researchers. [...]
May 11, 2022		CISA tells federal agencies to fix actively exploited F5 BIG-IP bug The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a new security vulnerability to its list of actively exploited bugs, the critical severity CVE-2022-1388 affecting BIG-IP network devices. [...]
May 11, 2022		Our Medical Devices' Open Source Problem - What Are the Risks? There is no doubt that open source powers our development processes, enabling software developers to build high quality, innovative products faster than ever before. But OSS also comes with its own set of risks that device manufacturers must address while leveraging its many advantages. [...]
May 11, 2022		FBI, CISA, and NSA warn of hackers increasingly targeting MSPs Members of the Five Eyes (FVEY) intelligence alliance today warned managed service providers (MSPs) and their customers that they're increasingly targeted by supply chain attacks. [...]
May 11, 2022		Bitter cyberspies target South Asian govts with new malware New activity has been observed from Bitter, an APT group focused on cyberespionage, targeting the government of Bangladesh with new malware with remote file execution capabilities. [...]
May 11, 2022		Microsoft fixes Windows Direct3D issue behind app crashes Microsoft has addressed a known issue causing apps using Direct3D 9 to experience issues after installing April 2022 cumulative updates, including crashes and errors on systems using certain GPUs. [...]
May 11, 2022		New IceApple exploit toolset deployed on Microsoft Exchange servers Security researchers have found a new post-exploitation framework that they dubbed IceApple, deployed mainly on Microsoft Exchange servers across a wide geography. [...]
May 10, 2022		Critical F5 BIG-IP vulnerability targeted by destructive attacks A recently disclosed F5 BIG-IP vulnerability has been used in destructive attacks, attempting to erase a device's file system and make the server unusable. [...]
May 10, 2022		UK cybersecurity center sent 33 million alerts to companies The NCSC (National Cyber Security Centre) in the UK reports having served 33 million alerts to organizations signed up for its "Early Warning" service. Additionally, the government agency has dealt with a record number of online scams in 2021, removing more than 2.7 million from the internet. [...]
May 10, 2022		Apple discontinues the revolutionary iPod music player â€‹Apple has decided to pull the plug on the production of the iPod Touch (7th gen), discontinuing the revolutionary iOS-based music player introduced 15 years ago. [...]
May 10, 2022		GitHub announces enhanced 2FA experience for npm accounts Today, GitHub has launched a new public beta to notably improve the two-factor authentication (2FA) experience for all npm user accounts. [...]
May 10, 2022		Microsoft fixes new NTLM relay zero-day in all Windows versions Microsoft has addressed an actively exploited Windows LSA spoofing zero-day that unauthenticated attackers can exploit remotely to force domain controllers to authenticate them via the Windows NT LAN Manager (NTLM) security protocol. [...]
May 10, 2022		Windows 11 KB5013943 update fixes screen flickers and .NET app issues Microsoft has released the Windows 11 KB5013943 cumulative update with security updates, improvements, and fixes for screen flickers in Safe Mode and a bug causing some NET 3.5 apps not to open. [...]
May 10, 2022		Microsoft May 2022 Patch Tuesday fixes 3 zero-days, 75 flaws Today is Microsoft's May 2022 Patch Tuesday, and with it comes fixes for three zero-day vulnerabilities, with one actively exploited, and a total of 75 flaws. [...]
May 10, 2022		Windows 10 KB5013942 and KB5013945 updates released Microsoft has released Windows 10 KB5013945 and KB5013942 cumulative updates for versions 21H2, version 21H1, version 20H2, and 1909 to fix security vulnerabilities and resolve bugs. [...]
May 10, 2022		FluBot Android malware targets Finland in new SMS campaigns Finland's National Cyber Security Center (NCSC-FI) has issued a warning about the FluBot Android malware infections increasing due to a new campaign that relies on SMS and MMS for distribution. [...]
May 10, 2022		UK govt releases free tool to check for email cybersecurity risks The United Kingdom's National Cyber Security Centre (NCSC) today released a new email security check service to help organizations easily identify vulnerabilities that could allow attackers to spoof emails or can lead to email privacy breaches. [...]
May 10, 2022		German automakers targeted in year-long malware campaign A years-long phishing campaign has targeted German companies in the automotive industry, attempting to infect their systems with password-stealing malware. [...]
May 10, 2022		US, EU blame Russia for cyberattack on satellite modems in Ukraine The European Union formally accused Russia of coordinating the cyberattack that hit satellite Internet modems in Ukraine on February 24, roughly one hour before Russia invaded Ukraine. [...]
May 9, 2022		Lincoln College to close after 157 years due ransomware attack Lincoln College, a liberal-arts school from rural Illinois, says it will close its doors later this month, 157 years since it was founded and following a hard hit on its finances after the COVID-19 pandemic and a recent ransomware attack. [...]
May 9, 2022		Hackers display "blood is on your hands" on Russian TV, take down RuTube â€‹Hackers continue to target Russia with cyberattacks, defacing Russian TV to show pro-Ukrainian messages and taking down the RuTube video streaming site. [...]
May 9, 2022		Dell, Apple, Netflix face lawsuits for pulling services out of Russia A Moscow Arbitration Court has reportedly seized almost $11 million belonging to Dell LLC after the company failed to provide paid-for services to a local system integrator. [...]
May 9, 2022		Microsoft releases fixes for Azure flaw allowing RCE attacks Microsoft has released security updates to address a security flaw affecting Azure Synapse and Azure Data Factory pipelines that could let attackers execute remote commands across Integration Runtime infrastructure. [...]
May 9, 2022		Ukraine warns of "chemical attack" phishing pushing stealer malware Ukraine's Computer Emergency Response Team (CERT-UA) is warning of the mass distribution of Jester Stealer malware via phishing emails using warnings of impending chemical attacks to scare recipients into opening attachments. [...]
May 9, 2022		Hackers exploiting critical F5 BIG-IP flaw to drop backdoors Threat actors have started massively exploiting the critical vulnerability tracked as CVE-2022-1388, which affects multiple versions of all F5 BIG-IP modules, to drop malicious payloads. [...]
May 9, 2022		Hackers are now hiding malware in Windows Event Logs Security researchers have noticed a malicious campaign that used Windows event logs to store malware, a technique that has not been previously documented publicly for attacks in the wild. [...]
May 9, 2022		Costa Rica declares national emergency after Conti ransomware attacks The Costa Rican President Rodrigo Chaves has declared a national emergency following cyber attacks from Conti ransomware group. BleepingComputer also observed Conti published most of the 672 GB dump that appears to contain data belonging to the Costa Rican government agencies. [...]
May 8, 2022		Check your gems: RubyGems fixes unauthorized package takeover bug The RubyGems package repository has fixed a critical vulnerability that would allow anyone to unpublish ("yank") certain Ruby packages from the repository and republish their tainted or malicious versions with the same file names and version numbers. [...]
May 8, 2022		Exploits created for critical F5 BIG-IP flaw, install patch immediately Security researchers are warning F5 BIG-IP admins to immediately install the latest security updates after creating exploits for a recently disclosed critical CVE-2022-1388 remote code execution vulnerability. [...]
May 8, 2022		Caramel credit card stealing service is growing in popularity A credit card stealing service is growing in popularity, allowing any low-skilled threat actors an easy and automated way to get started in the world of financial fraud. [...]
May 8, 2022		Google Play now blocks paid app downloads, updates in Russia Google is now blocking Russian users and developers from downloading or updating paid applications from the Google Play Store due to sanctions, starting Thursday. [...]
May 7, 2022		Fake crypto giveaways steal millions using Elon Musk Ark Invest video Fake cryptocurrency giveaways are stealing millions of dollars simply by replaying old Elon Musk and Jack Dorsey Ark Invest videos on YouTube. [...]
May 7, 2022		UK sanctions Russian microprocessor makers, banning them from ARM The UK government added 63 Russian entities to its sanction list on Wednesday. Among them are Baikal Electronics and MCST (Moscow Center of SPARC Technologies), the two most important chip makers in Russia. [...]
May 7, 2022		Trend Micro antivirus modified Windows registry by mistake - How to fix Trend Micro antivirus has fixed a false positive affecting its Apex One endpoint security solution that caused Microsoft Edge updates to be tagged as malware and the Windows registry to be incorrectly modified. [...]
May 7, 2022		US offers $15 million reward for info on the Conti ransomware gang The US Department of State is offering up to $15 million for information that helps identify and locate leadership and co-conspirators of the infamous Conti ransomware gang. [...]
May 6, 2022		The Week in Ransomware - May 6th 2022 - An evolving landscape Ransomware operations continue to evolve, with new groups appearing and others quietly shutting down their operations or rebranding as new groups. [...]
May 6, 2022		Xbox is down worldwide with users unable to play games Microsoft says the Xbox Live services are currently down in a major outage, impacting customers worldwide and preventing them from launching or buying games. [...]
May 6, 2022		Ferrari subdomain hijacked to push fake Ferrari NFT collection One of Ferrari's subdomains was hijacked yesterday to host a scam promoting fake Ferrari NFT collection, according to researchers. The Ethereum wallet associated with the cryptocurrency scam appears to have collected a few hundred dollars before the hacked subdomain was shut down. [...]
May 6, 2022		US agricultural machinery maker AGCO hit by ransomware attack AGCO, a leading US-based agricultural machinery producer, has announced it was hit by a ransomware attack impacting some of its production facilities. [...]
May 6, 2022		QNAP fixes critical QVR remote command execution vulnerability QNAP has released several security advisories today to alert its customers about various fixes for flaws affecting its products. The one that stands out is a critical RCE (remote code execution) in QVR. [...]
May 6, 2022		US sanctions Bitcoin laundering service used by North Korean hackers The US Department of Treasury today sanctioned cryptocurrency mixer Blender.io used last month by the North Korean-backed Lazarus hacking group to launder funds stolen from Axie Infinity's Ronin bridge. [...]
May 6, 2022		NVIDIA fined for failure to disclose cryptomining sales boost The U.S. Securities and Exchange Commission (SEC) announced Friday that it settled charges against multinational tech firm NVIDIA for "inadequate disclosures" of cryptomining's impact on its gaming business. [...]
May 6, 2022		SheetJS ditches npm registry over 2FA requirement and 'legal matters' In a surprising move, the popular open source project, SheetJS aka "xlsx," has dropped support for the npm registry. Downloaded about 1.4 million times every week on npm, SheetJS is relied upon by NodeJS developers looking to craft and parse Excel spreadsheets using nothing but JavaScript. [...]
May 6, 2022		Google Docs crashes on seeing "And. And. And. And. And." A bug in Google Docs is causing it to crash when a series of words are typed into a document opened with the online word processor. BleepingComputer was able to reproduce the issue last night and reached out to Google. [...]
May 5, 2022		New Raspberry Robin worm uses Windows Installer to drop malware Red Canary intelligence analysts have discovered a new Windows malware with worm capabilities that spreads using external USB drives. [...]
May 5, 2022		White House: Prepare for cryptography-cracking quantum computers President Joe Biden signed a national security memorandum (NSM) on Thursday asking government agencies to implement a set of measures that would mitigate risks posed by quantum computers to US national cyber security. [...]
May 5, 2022		Ukraine's IT Army is disrupting Russia's alcohol distribution Hacktivists operating on the side of Ukraine have focused their DDoS attacks on a portal that is considered crucial for the distribution of alcoholic beverages in Russia. [...]
May 5, 2022		NIST updates guidance for defending against supply-chain attacks The National Institute of Standards and Technology (NIST) has released updated guidance on securing the supply chain against cyberattacks. [...]
May 5, 2022		FTC to force ISP to deploy fiber for 60K users to match speed claims The Federal Trade Commission (FTC) today proposed an order requiring Connecticut-based internet service provider Frontier Communications to stop "lying" to its customers and support its high-speed internet claims. [...]
May 5, 2022		Microsoft, Apple, and Google to support FIDO passwordless logins Microsoft, Apple, and Google announced today plans to support a common passwordless sign-in standard (known as passkeys) developed by the World Wide Web Consortium (W3C) and the FIDO Alliance. [...]
May 5, 2022		Google fixes actively exploited Android kernel vulnerability Google has released the second part of the May security patch for Android, including a fix for an actively exploited Linux kernel vulnerability. [...]
May 5, 2022		New NetDooka malware spreads via poisoned search results A new malware framework known as NetDooka has been discovered being distributed through the PrivateLoader pay-per-install (PPI) malware distribution service, allowing threat actors full access to an infected device. [...]
May 5, 2022		Tor project upgrades network speed performance with new system The Tor Project has published details about a newly introduced system called Congestion Control that promises to eliminate speed limits on the network. [...]
May 5, 2022		Heroku admits that customer credentials were stolen in cyberattack Heroku has now revealed that the stolen GitHub integration OAuth tokens from last month further led to the compromise of an internal customer database. The Salesforce-owned cloud platform acknowledged the same compromised token was used by attackers to exfiltrate customers' hashed and salted passwords from "a database." [...]
May 4, 2022		F5 warns of critical BIG-IP RCE bug allowing device takeover F5 has issued a security advisory warning about a flaw that may allow unauthenticated attackers with network access to execute arbitrary system commands, perform file actions, and disable services on BIG-IP. [...]
May 4, 2022		Cisco fixes NFVIS bugs that help gain root and hijack hosts Cisco has addressed several security flaws found in the Enterprise NFV Infrastructure Software (NFVIS), a solution that helps virtualize network services for easier management of virtual network functions (VNFs). [...]
May 4, 2022		Pixiv, DeviantArt artists hit by NFT job offers pushing malware Users on Pixiv, DeviantArt, and other creator-oriented online platforms report receiving multiple messages from people claiming to be from the "Cyberpunk Ape Executives" NFT project, with the main goal to infect artists' devices with information-stealing malware. [...]
May 4, 2022		Attackers hijack UK NHS email accounts to steal Microsoft logins For about half a year, work email accounts belonging to over 100 employees of the National Health System (NHS) in the U.K. were used in several phishing campaigns, some aiming to steal Microsoft logins. [...]
May 4, 2022		Heroku forces user password resets but fails to explain why Salesforce-owned Heroku is performing a forced password reset on a subset of user accounts in response to last month's security incident while providing no information as to why they are doing so other than vaguely mentioning it is to further secure accounts. [...]
May 4, 2022		FBI says business email compromise is a $43 billion scam The Federal Bureau of Investigation (FBI) said today that the amount of money lost to business email compromise (BEC) scams continues to grow each year, with a 65% increase in the identified global exposed losses between July 2019 and December 2021. [...]
May 4, 2022		Hackers stole data undetected from US, European orgs since 2019 Cybersecurity analysts have exposed a lengthy operation attributed to the group of Chinese hackers known as "Winnti" and tracked as APT41, which focused on stealing intellectual property assets like patents, copyrights, trademarks, and other types of valuable data. [...]
May 4, 2022		GitHub to require 2FA from active developers by the end of 2023 GitHub announced today that all users who contribute code on its platform (an estimated 83 million developers in total) will be required to enable two-factor authentication (2FA) on their accounts by the end of 2023. [...]
May 4, 2022		Microsoft: Windows 11 KB5012643 update will break some apps Microsoft has warned Windows 11 users that they might experience issues launching and using some .NET Framework 3.5 applications. [...]
May 4, 2022		Using PowerShell to manage password resets in Windows domains With breaches running rampant, it's common to force password resets on your Windows domain. This article shows how admins can use PowerShell to manage password resets and introduce software that makes it even easier. [...]
May 4, 2022		Pro-Ukraine hackers use Docker images to DDoS Russian sites Docker images with a download count of over 150,000 have been used to run distributed denial-of-service (DDoS) attacks against a dozen Russian and Belarusian websites managed by government, military, and news organizations. [...]
May 4, 2022		Mitsubishi Electric faked safety and quality control tests for decades Mitsubishi Electric, one of the world's leading providers of large-scale electrical and HVAC systems has admitted to fraudulently conducting quality assurance tests on its transformersâ€”for decades. [...]
May 4, 2022		Microsoft warns Exchange Online basic auth will be disabled Microsoft warned customers today that it will start disabling Basic Authentication in random tenants worldwide on October 1, 2022. [...]
May 3, 2022		New ransomware strains linked to North Korean govt hackers Several ransomware strains have been linked to APT38, a North Korean-sponsored hacking group known for its focus on targeting and stealing funds from financial institutions worldwide. [...]
May 3, 2022		Conti, REvil, LockBit ransomware bugs exploited to block encryption Hackers commonly exploit vulnerabilities in corporate networks to gain access, but a researcher has turned the table by finding exploits in the most common ransomware and malware being distributed today. [...]
May 3, 2022		New phishing warns: Your verified Twitter account may be at risk Phishing emails increasingly target verified Twitter accounts with emails designed to steal their account credentials, as shown by numerous ongoing campaigns conducted by threat actors. [...]
May 3, 2022		SEC ramps up fight on cryptocurrency fraud by doubling cyber unit The US Securities and Exchange Commission (SEC) announced today that it will almost double the Crypto Assets and Cyber Unit to ramp up the fight against cryptocurrency fraud to protect investors from "cyber-related threats." [...]
May 3, 2022		Google: Chinese state hackers keep targeting Russian govt agencies Google said today that a Chinese-sponsored hacking group linked to China's People's Liberation Army Strategic Support Force (PLA SSF) is targeting Russian government agencies. [...]
May 3, 2022		Microsoft PowerShell lets you track Windows Registry changes â€‹A handy tip was shared online this week, showing how you can use PowerShell to monitor changes to the Windows Registry over time. [...]
May 3, 2022		Unpatched DNS bug affects millions of routers and IoT devices A vulnerability in the domain name system (DNS) component of a popular C standard library that is present in a wide range of IoT products may put millions of devices at DNS poisoning attack risk. [...]
May 3, 2022		Aruba and Avaya network switches are vulnerable to RCE attacks Security researchers have discovered five vulnerabilities in network equipment from Aruba (owned by HP) and Avaya (owned by ExtremeNetworks), that could allow malicious actors to execute code remotely on the devices. [...]
May 2, 2022		Chinese cyber-espionage group Moshen Dragon targets Asian telcos Researchers have identified a new cluster of malicious cyber activity tracked as Moshen Dragon, targeting telecommunication service providers in Central Asia. [...]
May 2, 2022		New PyScript project lets you run Python programs in the browser The project was announced this weekend at PyCon US 2022 and acts as a wrapper around the Pyodide project, which loads the CPython interpreter as a WebAssembly browser module. [...]
May 2, 2022		Microsoft Defender for Business stand-alone now generally available Microsoft says that its enterprise-grade endpoint security for small to medium-sized businesses is now generally available. [...]
May 2, 2022		Google SMTP relay service abused for sending phishing emails Phishing actors abuse Google's SMTP relay service to bypass email security products and successfully deliver malicious emails to targeted users. [...]
May 2, 2022		Cyberspies breach networks via IP cameras to steal Exchange emails A newly discovered and uncommonly stealthy Advanced Persistent Threat (APT) group is breaching corporate networks to steal Exchange (on-premise and online) emails from employees involved in corporate transactions such as mergers and acquisitions. [...]
May 2, 2022		Car rental giant Sixt facing disruptions due to a cyberattack â€‹Car rental giant Sixt was hit by a weekend cyberattack causing business disruptions at customer care centers and select branch [...]
May 2, 2022		Microsoft fixes Windows 11 bug causing flickers in safe mode Microsoft has addressed a newly acknowledged known issue that caused flickering screen problems and made some Windows apps (e.g., File Explorer, Start Menu, and Taskbar) seem unstable in Safe Mode without Networking. [...]
May 2, 2022		U.S. DoD tricked into paying $23.5 million to phishing actor The U.S. Department of Justice (DoJ) has announced the conviction of Sercan Oyuntur, 40, resident of California, for multiple counts relating to a phishing operation that caused $23.5 million in damages to the U.S. Department of Defense (DoD). [...]
May 1, 2022		REvil ransomware returns: New malware sample confirms gang is back The notorious REvil ransomware operation has returned amidst rising tensions between Russia and the USA, with new infrastructure and a modified encryptor allowing for more targeted attacks. [...]
May 1, 2022		Open source 'Package Analysis' tool finds malicious npm, PyPI packages The Open Source Security Foundation (OpenSSF), a Linux Foundation-backed initiative has released its first prototype version of the 'Package Analysis' tool that aims to catch and counter malicious attacks on open source registries. the open source tool released on GitHub was able to identify over 200 malicious npm and PyPI packages. [...]
May 1, 2022		Russian hackers compromise embassy emails to target governments Security analysts have uncovered a recent phishing campaign from Russian hackers known as APT29 (Cozy Bear or Nobelium) targeting diplomats and government entities. [...]
May 1, 2022		A YouTuber is promoting DDoS attacks on Russia â€” how legal is this? A YouTube influencer with hundreds of thousands of subscribers is encouraging everyone to conduct cyber warfare against Russia. How risky is it and can you get in trouble? [...]
May 1, 2022		Google fights doxxing with updated personal info removal policy Google has expanded its policies to allow doxxing victims to remove more of their personally identifiable information (PII) from search engine results starting earlier this week. [...]
April 30, 2022		Fake Windows 10 updates infect you with Magniber ransomware Fake Windows 10 updates on crack sites are being used to distribute the Magniber ransomware in a massive campaign that started earlier this month. [...]
April 30, 2022		Atlassian doubles the number of orgs affected by two week outage Atlassian says that this month's two-week-long cloud outage has impacted almost double the number of customers it initially estimated after learning of the incident. [...]
April 29, 2022		The Week in Ransomware - April 29th 2022 - New operations emerge This week we have discovered numerous new ransomware operations that have begun operating, with one appearing to be a rebrand of previous operations. [...]
April 29, 2022		Windows 11 gets new group policies to tweak the Start Menu Microsoft has released a new Windows 11 build to the Dev and Beta Channels that introduces multiple group policies that IT administrators can use to tweak the Start menu, the taskbar, and the system tray. [...]
April 29, 2022		Online library app Onleihe faces issues after cyberattack on provider Library lending app Onleihe announced problems lending several media formats offered on the platform, like audio, video, and e-book files, after a cyberattack targeted their vendor. [...]
April 29, 2022		Google gives 50% bonus to Android 13 Beta bug bounty hunters Google has announced that all security researchers who report Android 13 Beta vulnerabilities through its Vulnerability Rewards Program (VRP) will get a 50% bonus on top of the standard reward until May 26th, 2022. [...]
April 29, 2022		India to require cybersecurity incident reporting within six hours The Indian government has issued new directives requiring organizations to report cybersecurity incidents to CERT-IN within six hours, even if those incidents are port or vulnerability scans of computer systems. [...]
April 29, 2022		Russian hacktivists launch DDoS attacks on Romanian govt sites The Romanian national cyber security and incident response team, DNSC, has issued a statement about a series of distributed denial-of-service (DDoS) attacks targeting several public websites managed by the state entities. [...]
April 28, 2022		Hands on with Microsoft Edge's new built-in VPN feature Edge's Secure Network is powered by Cloudflare - one of the most trusted DNS hosts in the industry - and it aims to protect your device and sensitive data as you browse. The feature is in the early stage of development available to select users in Edge Canary and it's not a full-fledged VPN service offered in browsers like Opera. [...]
April 28, 2022		WhatsApp is currently down with users reporting connection issues WhatsApp is down according to user reports mentioning issues connecting to the messaging platform and the inability to send messages although still connected. [...]
April 28, 2022		EmoCheck now detects new 64-bit versions of Emotet malware The Japan CERT has released a new version of their EmoCheck utility to detect new 64-bit versions of the Emotet malware that began infecting users this month. [...]
April 28, 2022		Synology warns of critical Netatalk bugs in multiple products Synology has warned customers that some of its network-attached storage (NAS) appliances are exposed to attacks exploiting multiple critical Netatalk vulnerabilities. [...]
April 28, 2022		Microsoft fixes ExtraReplica Azure bugs that exposed user databases Microsoft has addressed a chain of critical vulnerabilities found in the Azure Database for PostgreSQL Flexible Server that could let malicious users escalate privileges and gain access to other customers' databases after bypassing authentication. [...]
April 28, 2022		Medical software firm fined €1.5M for leaking data of 490k patients The French data protection authority (CNIL) fined medical software vendor Dedalus Biology with EUR 1.5 million for violating three articles of the GDPR (General Data Protection Regulation). [...]
April 28, 2022		Ukraine targeted by DDoS attacks from compromised WordPress sites Ukraine's computer emergency response team (CERT-UA) has published an announcement warning of ongoing DDoS (distributed denial of service) attacks targeting pro-Ukraine sites and the government web portal. [...]
April 28, 2022		How to Attack Your Own Company's Service Desk to spot risks Specops Secure Service Desk is an excellent tool for keeping a help desk safe from social engineering attacks. Although Specops Secure Service Desk offers numerous features, there are three capabilities that are especially useful for thwarting social engineering attacks. [...]
April 28, 2022		New Bumblebee malware takes over BazarLoader's ransomware delivery A newly discovered malware loader called Bumblebee is likely the latest development of the Conti syndicate, designed to replace the BazarLoader backdoor used to deliver ransomware payloads. [...]
April 28, 2022		NPM flaw let attackers add anyone as maintainer to malicious packages A logical flaw in the npm registry, dubbed 'package planting' let authors of malicious packages quietly add anyone and any number of users as 'maintainers' to their packages in an attempt to boost the trust in their package. [...]
April 28, 2022		Ransom payment is roughly 15% of the total cost of ransomware attacks Researchers analyzing the collateral consequences of a ransomware attack include costs that are roughly seven times higher than the ransom demanded by the threat actors. [...]
April 28, 2022		Austin Peay State University resumes after ransomware cyber attack Austin Peay State University (APSU) confirmed yesterday that it had been a victim of a ransomware attack. The university, located in Clarksville, Tennessee advised students, staff, and faculty to disconnect their computers and devices from the university network immediately as a precaution. [...]
April 27, 2022		PSA: Onyx ransomware destroys large files instead of encrypting them A new Onyx ransomware operation is destroying large files instead of encrypting them, preventing those files from being decrypted even if a ransom is paid. [...]
April 27, 2022		New Black Basta ransomware springs into action with a dozen breaches A new ransomware gang known as Black Basta has quickly catapulted into operation this month, claiming to have breached over twelve companies in just a few weeks. [...]
April 27, 2022		GitHub: How stolen OAuth tokens helped breach dozens of orgs GitHub has shared a timeline of this month's security breach when a threat actor gained access to and stole private repositories belonging to dozens of organizations. [...]
April 27, 2022		QNAP warns users to disable AFP until it fixes critical bugs Taiwanese corporation QNAP has asked customers this week to disable the AFP file service protocol on their network-attached storage (NAS) appliances until it fixes multiple critical Netatalk vulnerabilities. [...]
April 27, 2022		Microsoft says Russia hit Ukraine with hundreds of cyberattacks Microsoft has revealed the true scale of Russian-backed cyberattacks against Ukraine since the invasion, with hundreds of attempts from multiple Russian hacking groups targeting the country's infrastructure and Ukrainian citizens. [...]
April 27, 2022		Russian govt impersonators target telcos in phishing attacks A previously unknown and financially motivated hacking group is impersonating a Russian agency in a phishing campaign targeting entities in Eastern European countries. [...]
April 27, 2022		Cybersecurity agencies reveal top exploited vulnerabilities of 2021 In partnership with the NSA and the FBI, cybersecurity authorities worldwide have released today a list of the top 15 vulnerabilities routinely exploited by threat actors during 2021. [...]
April 27, 2022		RIG Exploit Kit drops RedLine malware via Internet Explorer bug Threat analysts have uncovered yet another large-scale campaign delivering the RedLine stealer malware onto worldwide targets. [...]
April 27, 2022		Chinese state-backed hackers now target Russian state officers Security researchers analyzing a phishing campaign targeting Russian officials found evidence that points to the China-based threat actor tracked as Mustang Panda (also known as HoneyMyte and Bronze President). [...]
April 27, 2022		Number of publicly exposed database instances hits new record Security researchers have noticed an increase in the number of databases publicly exposed to the Internet, with 308,000 identified in 2021. The growth continued quarter over quarter, peaking in the first months of this year. [...]
April 27, 2022		New Nimbuspwn Linux vulnerability gives hackers root privileges A new set of vulnerabilities collectively tracked as Nimbuspwn could let local attackers escalate privileges on Linux systems to deploy malware ranging from backdoors to ransomware. [...]
April 26, 2022		US offers $10 million reward for tips on Russian Sandworm hackers The U.S. is offering up to $10 million to identify or locate six Russian GRU hackers who are part of the notorious Sandworm hacking group. [...]
April 26, 2022		Emotet malware now installs via PowerShell in Windows shortcut files The Emotet botnet is now using Windows shortcut files (.LNK) containing PowerShell commands to infect victims computers, moving away from Microsoft Office macros that are now disabled by default. [...]
April 26, 2022		American Dental Association hit by cyberattack, operations disrupted The American Dental Association (ADA) was hit by a weekend cyberattack causing them to shut down portions of their network while investigating the attack. [...]
April 26, 2022		Coca-Cola investigates hackers' claims of breach and data theft Coca-Cola, the world's largest soft drinks maker, has confirmed in a statement to BleepingComputer that it is aware of the reports about a cyberattack on its network and is currently investigating the claims. [...]
April 26, 2022		Google Play Store now forces apps to disclose what data is collected Google is rolling out a new Data Safety section on the Play Store, Android's official app repository, where developers must declare what data their software collects from users of their apps. [...]
April 26, 2022		Public interest in Log4Shell fades but attack surface remains It's been four months since Log4Shell, a critical zero-day vulnerability in the ubiquitous Apache Log4j library, was discovered, and threat analysts warn that the application of the available fixes is still way behind. [...]
April 26, 2022		David Colombo on Tesla Hacks and Growing into Hacking Cybellum interviewed David Colombo, the cyber boy wonder of Germany, and founder of Colombo Technologies for our podcast, Left to Our Own Devices. Not yet 20 years old, the prolific cyber researcher already has to his credit the exposure of numerous critical vulnerabilities, including the honor of hacking his way into Tesla vehicles. [...]
April 26, 2022		Hackers exploit critical VMware RCE flaw to install backdoors Advanced hackers are actively exploiting a critical remote code execution (RCE) vulnerability, CVE-2022-22954, that affects in VMware Workspace ONE Access (formerly called VMware Identity Manager). [...]
April 25, 2022		Windows 10 KB5011831 update released with 26 bug fixes, improvements Microsoft has released the optional KB5011831 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2 that fixes 26 bugs. [...]
April 25, 2022		CISA adds 7 vulnerabilities to list of bugs exploited in attacks The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added seven vulnerabilities to its list of actively exploited security issues, including those from Microsoft, Linux, and Jenkins. [...]
April 25, 2022		Emotet malware infects users again after fixing broken installer The Emotet malware phishing campaign is up and running again after the threat actors fixed a bug preventing people from becoming infected when they opened malicious email attachments. [...]
April 25, 2022		North Korean hackers targeting journalists with novel malware North Korean state-sponsored hackers known as APT37 have been discovered targeting journalists specializing in the DPRK with a novel malware strain. [...]
April 25, 2022		French hospital group disconnects Internet after hackers steal data The GHT Coeur Grand Est. Hospitals and Health Care group comprising nine establishments with 3,370 beds across Northeast France has disclosed a cyberattack that resulted in the theft of sensitive administrative and patient data. [...]
April 25, 2022		New powerful Prynt Stealer malware sells for just $100 per month Threat analysts have spotted yet another addition to the growing space of info-stealer malware infections, named Prynt Stealer, which offers powerful capabilities and extra keylogger and clipper modules. [...]
April 25, 2022		Quantum ransomware seen deployed in rapid network attacks The Quantum ransomware, a strain first discovered in August 2021, were seen carrying out speedy attacks that escalate quickly, leaving defenders little time to react. [...]
April 24, 2022		Enable Windows 11's God Mode to access all settings in one screen The settings app has been significantly improved, but several Control Panel features are still missing. Thankfully, Windows 11 still comes with the Control Panel and File Explorer-based advanced configuration page called "God Mode" that allows you to easily access all advanced tools, features, and tasks. [...]
April 23, 2022		Animated QR codes: how do they work, and how to create your own? Is there such a thing as animated QR codes? And could they work? Even those who may not know how exactly QR codes work have pretty much been exposed to them by now. [...]
April 22, 2022		'Hack DHS' bug hunters find 122 security flaws in DHS systems The Department of Homeland Security (DHS) today revealed that bug bounty hunters enrolled in its 'Hack DHS' bug bounty program have found 122 security vulnerabilities in external DHS systems, 27 of them rated critical severity. [...]
April 22, 2022		Russian hackers are seeking alternative money-laundering options The Russian cybercrime community, one of the most active and prolific in the world, is turning to alternative money-laundering methods due to sanctions on Russia and law enforcement actions against dark web markets. [...]
April 22, 2022		US govt grants academics $12M to develop cyberattack defense tools The US Department of Energy (DOE) has announced that it will provide $12 million in funding to six university teams to develop defense and mitigation tools to protect US energy delivery systems from cyberattacks. [...]
April 22, 2022		T-Mobile confirms Lapsus$ hackers breached internal systems T-Mobile has confirmed that the Lapsus$ extortion gang breached its network "several weeks ago" using stolen credentials and gained access to internal systems. [...]
April 22, 2022		Chinese hackers behind most zero-day exploits during 2021 Threat analysts report that zero-day vulnerability exploitation is on the rise with Chinese hackers using most of them in attacks last year. [...]
April 22, 2022		Atlassian fixes critical Jira authentication bypass vulnerability Atlassian has published a security advisory to alert that its Jira and Jira Service Management products are affected by a critical authentication bypass vulnerability in Seraph, the company's web application security framework. [...]
April 22, 2022		Ubuntu 22.04 LTS released with performance and security improvements Canonical has announced the general availability of version 22.04 of the Ubuntu Linux distribution, codenamed 'Jammy Jellyfish', which brings better hardware support and an improved security baseline. [...]
April 22, 2022		Windows 10 KB5012636 cumulative update fixes freezing issues Microsoft has released the optional KB5012636 cumulative update preview for Windows 10 1809 and Windows Server 2019, with fixes for system freezing issues affecting client and server systems. [...]
April 21, 2022		Docker servers hacked in ongoing cryptomining malware campaign Docker APIs on Linux servers are being targeted by a large-scale Monero crypto-mining campaign from the operators of the Lemon_Duck botnet. [...]
April 21, 2022		Hackers earn $400K for zero-day ICS exploits demoed at Pwn2Own Pwn2Own Miami 2022 has ended with competitors earning $400,000 for 26 zero-day exploits (and several bug collisions) targeting ICS and SCADA products demoed during the contest between April 19 and April 21. [...]
April 21, 2022		QNAP asks users to mitigate critical Apache HTTP Server bugs QNAP has asked customers to apply mitigation measures to block attempts to exploit Apache HTTP Server security vulnerabilities impacting their network-attached storage (NAS) devices. [...]
April 21, 2022		U.S. Treasury sanctions Russian cryptocurrency mining companies The U.S. Department of the Treasury has announced a new package of sanctions targeting parties that facilitate evasion of previous measures imposed on Russia. [...]
April 21, 2022		Critical bug in Android could allow access to users' media files Security analysts have found that Android devices running on Qualcomm and MediaTek chipsets were vulnerable to remote code execution due to a flaw in the implementation of the Apple Lossless Audio Codec (ALAC). [...]
April 21, 2022		GitHub restores popular Python repo hit by bogus DMCA takedown Yesterday, following a DMCA complaint, GitHub took down a repository that hosts the official SymPy project documentation website. It turns out the DMCA notice filed by HackerRank's representatives was sent out in error and generated much backlash from the open source community. The DMCA notice has since been rescinded. [...]
April 21, 2022		Binance tells Russian users with over €10k to withdraw everything Binance has announced some significant changes in its services for Russia-based users, which mark the company's effort to align with European Union's fifth wave of sanctions against Russia. [...]
April 21, 2022		Cisco Umbrella default SSH key allows theft of admin credentials Cisco has released security updates to address a high severity vulnerability in the Cisco Umbrella Virtual Appliance (VA), allowing unauthenticated attackers to steal admin credentials remotely. [...]
April 21, 2022		FBI: BlackCat ransomware breached at least 60 entities worldwide The Federal Bureau of Investigation (FBI) says the Black Cat ransomware gang, also known as ALPHV, has breached the networks of at least 60 organizations worldwide, between November 2021 and March 2022. [...]
April 20, 2022		REvil's TOR sites come alive to redirect to new ransomware operation REvil ransomware's servers in the TOR network are back up after months of inactivity and redirect to a new operation that appears to have started since at least mid-December last year. [...]
April 20, 2022		Microsoft Exchange servers hacked to deploy Hive ransomware A Hive ransomware affiliate has been targeting Microsoft Exchange servers vulnerable to ProxyShell security issues to deploy various backdoors, including Cobalt Strike beacon. [...]
April 20, 2022		FBI warns of ransomware attacks targeting US agriculture sector The US Federal Bureau of Investigation (FBI) warned Food and Agriculture (FA) sector organizations today of an increased risk that ransomware gangs "may be more likely" to attack them during the harvest and planting seasons. [...]
April 20, 2022		US and allies warn of Russian hacking threat to critical infrastructure Today, Five Eyes cybersecurity authorities warned critical infrastructure network defenders of an increased risk that Russia-backed hacking groups could target organizations within and outside Ukraine's borders. [...]
April 20, 2022		Okta: Lapsus$ breach lasted only 25 minutes, hit 2 customers Identity and access management firm Okta says an investigation into the January Lapsus$ breach concluded the incident's impact was significantly smaller than expected. [...]
April 20, 2022		Microsoft Defender flags Google Chrome updates as suspicious Microsoft Defender for Endpoint has been tagging Google Chrome updates delivered via Google Update as suspicious activity due to a false positive issue. [...]
April 20, 2022		Brave adds Discussions to enrich its search results Brave, the maker of the homonymous web browser, has announced a new feature called Discussions that adds conversations from online forums to its privacy-focused search engine. [...]
April 20, 2022		Russian state hackers hit Ukraine with new malware variants Threat analysts report the activity of the Russian state-sponsored threat group known as Gamaredon (Armageddon, Shuckworm), is still notably active in Ukrainian computer networks. [...]
April 20, 2022		Amazon Web Services fixes container escape in Log4Shell hotfix Amazon Web Services (AWS) has fixed four security issues in its hot patch from December that addressed the critical Log4Shell vulnerability (CVE-2021-44228) affecting cloud or on-premise environments running Java applications with a vulnerable version of the Log4j logging library or containers. [...]
April 19, 2022		CISA warns of attackers now exploiting Windows Print Spooler bug The Cybersecurity and Infrastructure Security Agency (CISA) has added three new security flaws to its list of actively exploited bugs, including a local privilege escalation bug in the Windows Print Spooler. [...]
April 19, 2022		Emotet botnet switches to 64-bit modules, increases activity The Emotet malware is having a burst in distribution and is likely to soon switch to new payloads that are currently detected by fewer antivirus engines. [...]
April 19, 2022		QNAP urges customers to disable UPnP port forwarding on routers Taiwanese hardware vendor QNAP urged customers on Monday to disable Universal Plug and Play (UPnP) port forwarding on their routers to prevent exposing their network-attached storage (NAS) devices to attacks from the Internet. [...]
April 19, 2022		Microsoft disables SMB1 by default for Windows 11 Home Insiders Microsoft announced today that the 30-year-old SMBv1 file-sharing protocol is now disabled by default on Windows systems running the latest Windows 11 Home Dev channel builds, the last editions of Windows or Windows Server that still came with SMBv1 enabled. [...]
April 19, 2022		Real-time voice concealment algorithm blocks microphone spying Columbia University researchers have developed a novel algorithm that can block rogue audio eavesdropping via microphones in smartphones, voice assistants, and IoTs in general. [...]
April 19, 2022		GitHub notifies owners of private repos stolen using OAuth tokens GitHub says it notified all organizations believed to have had data stolen from their private repositories by attackers abusing compromised OAuth user tokens issued to Heroku and Travis-CI. [...]
April 19, 2022		How to protect your ADFS from password spraying attacks Microsoft recommends a multi-tiered approach for securing your ADFS environment from password attacks. Learn how Specops can fill in the gaps to add further protection against password sprays and other password attacks. [...]
April 19, 2022		New stealthy BotenaGo malware variant targets DVR devices Threat analysts have spotted a new variant of the BotenaGo botnet malware, and it's the stealthiest seen so far, running undetected by any anti-virus engine. [...]
April 19, 2022		Lenovo UEFI firmware driver bugs affect over 100 laptop models Lenovo has published a security advisory on vulnerabilities that impact its Unified Extensible Firmware Interface (UEFI) loaded on at least 100 of its laptop models. [...]
April 19, 2022		LinkedIn brand takes lead as most impersonated in phishing attacks Security researchers are warning that LinkedIn has become the most spoofed brand in phishing attacks, accounting for more than 52% of all such incidents at a global level. [...]
April 18, 2022		US warns of Lazarus hackers using malicious cryptocurrency apps CISA, the FBI, and the US Treasury Department warned today that the North Korean Lazarus hacking group is targeting organizations in the cryptocurrency and blockchain industries with trojanized cryptocurrency applications. [...]
April 18, 2022		Free decryptor released for Yanluowang ransomware victims Kaspersky today revealed it found a vulnerability in Yanluowang ransomware's encryption algorithm, which makes it possible to recover files it encrypts. [...]
April 18, 2022		Newly found zero-click iPhone exploit used in NSO spyware attacks Digital threat researchers at Citizen Lab have discovered a new zero-click iMessage exploit used to install NSO Group spyware on devices belonging to Catalan politicians, journalists, and activists. [...]
April 18, 2022		Hackers steal $655K after picking MetaMask seed from iCloud backup MetaMask has published a warning for their iOS users about the seeds of cryptocurrency wallets being stored in Apple's iCloud if app data backup is active. [...]
April 18, 2022		Unofficial Windows 11 upgrade installs info-stealing malware Hackers are luring unsuspecting users with a fake Windows 11 upgrade that comes with malware that steals browser data and cryptocurrency wallets. [...]
April 18, 2022		Windows 10 21H2 now in broad deployment, available to everyone Microsoft says Windows 10, version 21H2 (aka the November 2021 Update) is now designated for broad deployment, making it available to everyone via Windows Update. [...]
April 18, 2022		Beanstalk DeFi platform loses $182 million in flash-load attack The decentralized, credit-based finance system Beanstalk disclosed on Sunday that it suffered a security breach that resulted in financial losses of $182 million, the attacker stealing $80 million in crypto assets. [...]
April 17, 2022		Customize Windows 11 experience with these apps Windows 11 is now available with a long list of limitations and missing features. The big feature update is currently available for download as an optional update and if you've already upgraded to the new operating system, you can try the third-party programs highlighted below. [...]
April 17, 2022		Microsoft: Office 2013 will reach end of support in April 2023 Microsoft has reminded customers this week that Microsoft Office 2013 is approaching its end of support next year, advising to switch to a newer version to reduce their exposure to security risks. [...]
April 16, 2022		New Industrial Spy stolen data market promoted through cracks, adware Threat actors have launched a new marketplace called Industrial Spy that sells stolen data from breached companies, promoting the site through adware and software cracks. [...]
April 16, 2022		GitHub suspends accounts of Russian devs at sanctioned companies Russian software developers are reporting that their GitHub accounts are being suspended without warning if they work for or previously worked for companies under US sanctions. [...]
April 15, 2022		GitHub: Attacker breached dozens of orgs using stolen OAuth tokens GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories. [...]
April 15, 2022		The Week in Ransomware - April 15th 2022 - Encrypting Russia While countries worldwide have been the frequent target of ransomware attacks, Russia and CIS countries have been avoided by threat actors. The tables have turned with the NB65 hacking group modifying the leaked Conti ransomware to use in attacks on Russian entities. [...]
April 15, 2022		T-Mobile customers warned of unblockable SMS phishing attacks An ongoing phishing campaign targets T-Mobile customers with malicious links using unblockable texts sent via SMS (Short Message Service) group messages. [...]
April 15, 2022		Cisco vulnerability lets hackers craft their own login credentials Cisco has released a security advisory to warn about a critical vulnerability (CVSS v3 score: 10.0), tracked as CVE-2022-20695, impacting the Wireless LAN Controller (WLC) software. [...]
April 15, 2022		CISA orders agencies to fix actively exploited VMware, Chrome bugs The Cybersecurity and Infrastructure Security Agency (CISA) has added nine more security flaws to its list of actively exploited bugs, including a VMware privilege escalation flaw and a Google Chrome zero-day that could be used for remote code execution. [...]
April 15, 2022		Cryptocurrency DeFi platforms are now more targeted than ever Hackers are increasingly targeting DeFi (Decentralized Finance) cryptocurrency platforms, with Q1 2022 data showing that more platforms are being targeted than ever before. [...]
April 15, 2022		'Mute' button in conferencing apps may not actually mute your mic A new study shows that pressing the mute button on popular video conferencing apps (VCA) may not actually work like you think it should, with apps still listening in on your microphone. [...]
April 15, 2022		Karakurt revealed as data extortion arm of Conti cybercrime syndicate After breaching servers managed by the cybercriminals, security researchers found a connection between Conti ransomware and the recently emerged Karakurt data extortion group, showing that the two gangs are part of the same operation. [...]
April 14, 2022		Wind turbine firm Nordex hit by Conti ransomware attack The Conti ransomware operation has claimed responsibility for a cyberattack on wind turbine giant Nordex, which was forced to shut down IT systems and remote access to the managed turbines earlier this month. [...]
April 14, 2022		Critical Windows RPC CVE-2022-26809 flaw raises concerns - Patch now Microsoft has fixed a new Windows RPC CVE-2022-26809 vulnerability that is raising concerns among security researchers due to its potential for widespread, significant cyberattacks once an exploit is developed. Therefore, all organization needs to apply Windows security updates as soon as possible. [...]
April 14, 2022		FBI: Payment app users targeted in social engineering attacks Cybercriminals are attempting to trick American users of digital payment apps into making instant money transfers in social engineering attacks using text messages with fake bank fraud alerts. [...]
April 14, 2022		Google Chrome emergency update fixes zero-day used in attacks Google has released Chrome 100.0.4896.127 for Windows, Mac, and Linux, to fix a high-severity zero-day vulnerability actively used by threat actors in attacks. [...]
April 14, 2022		Windows 11 tool to add Google Play secretly installed malware A popular Windows 11 ToolBox script used to add the Google Play Store to the Android Subsystem has secretly infected users with malicious scripts, Chrome extensions, and potentially other malware. [...]
April 14, 2022		Microsoft increases awards for high-impact Microsoft 365 bugs Microsoft has increased the maximum awards for high-impact security flaws reported through the Microsoft 365 and the Dynamics 365 / Power Platform bug bounty programs. [...]
April 14, 2022		New ZingoStealer infostealer drops more malware, cryptominers A new information-stealing malware called ZingoStealer has been discovered with powerful data-stealing features and the ability to load additional payloads or mine Monero. [...]
April 14, 2022		FBI links largest crypto hack ever to Lazarus state hackers The Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned the address that received the cryptocurrency stolen in the largest cryptocurrency hack ever, the hack of Axie Infinity's Ronin network bridge. [...]
April 14, 2022		Atlassian finally explains the cause of ongoing cloud outage Atlassian has finally revealed the exact cause of an ongoing cloud services outage the company estimates could impact some of its customers for up to two more weeks. [...]
April 14, 2022		Hackers target Ukrainian govt with IcedID malware, Zimbra exploits Hackers are targeting Ukrainian government agencies with new attacks exploiting Zimbra exploits and phishing attacks pushing the IcedID malware. [...]
April 14, 2022		Hetzner lost customer data and gave 20€ as compensation Hetzner Online GmbH, a German cloud services provider, told some customers this week that their data had been irreversibly lost and were provided a 20â‚¬ compensation in online credit. [...]
April 14, 2022		The top 10 password attacks and how to stop them To better understand how to protect passwords in your environment from attacks, let's look at the top 10 password attacks and see what your organization can do to prevent them. [...]
April 14, 2022		Instagram beyond pics: Sexual harassers, crypto crooks, ID thieves A platform for everyone to seamlessly share their best moments online, Instagram is slowly turning into a mecca for the undesirablesâ€”from sexual harassers to crypto "investors" helping you "get rich fast." How do you keep yourself safe against such profiles? [...]
April 14, 2022		Flaw in Rarible NFT market allowed tricky crypto asset transfers A security flaw in the Rarible NFT (non-fungible token) marketplace allowed threat actors to use a relatively simple attack vector to steal digital assets from the target's accounts and transfer them directly to their wallets. [...]
April 14, 2022		OldGremlin ransomware deploys new malware on Russian mining org OldGremlin, a little-known threat actor that uses its particularly advanced skills to run carefully prepared, sporadic campaigns, has made a comeback last month after a gap of more than one year. [...]
April 13, 2022		CISA warns orgs to patch actively exploited Windows LPE bug The Cybersecurity and Infrastructure Security Agency (CISA) has added ten new security bugs to its list of actively exploited vulnerabilities, including a high severity local privilege escalation bug in the Windows Common Log File System Driver. [...]
April 13, 2022		African banks heavily targeted in RemcosRAT malware campaigns African banks are increasingly targeted by malware distribution campaigns that employ HTML smuggling tricks and typo-squatted domains to drop remote access trojans (RATs). [...]
April 13, 2022		New Fodcha DDoS botnet targets over 100 victims every day A rapidly growing botnet is ensnaring routers, DVRs, and servers across the Internet to target more than 100 victims every day in distributed denial-of-service (DDoS) attacks. [...]
April 13, 2022		Hackers exploit critical VMware CVE-2022-22954 bug, patch now Security researchers have published various proof of concepts (PoCs) scripts for exploiting CVE-2022-22954 on social media and other channels, essentially enabling malicious actors to attack unpatched systems. [...]
April 13, 2022		US warns of govt hackers targeting industrial control systems A joint cybersecurity advisory issued by CISA, NSA, FBI, and the Department of Energy (DOE) warns of government-backed hacking groups being able to hijack multiple industrial devices using a new ICS-focused malware toolkit. [...]
April 13, 2022		Microsoft disrupts Zloader malware in global operation A months-long global operation led by Microsoft's Digital Crimes Unit (DCU) has taken down dozens of domains used as command-and-control (C2) servers by the notorious ZLoader botnet. [...]
April 13, 2022		3 Reasons Connected Devices are More Vulnerable than Ever We are surrounded by billions of connected devices that contribute round-the-clock to practically every aspect of our lives - from transportation, to entertainment, to health and well-being. Here are the top three reasons why connected-device cybersecurity is more fragile than ever. [...]
April 13, 2022		New EnemyBot DDoS botnet recruits routers and IoTs into its army A new Mirai-based botnet malware named Enemybot has been observed growing its army of infected devices through vulnerabilities in modems, routers, and IoT devices, with the threat actor operating it known as Keksec. [...]
April 13, 2022		Critical flaw in Elementor WordPress plugin may affect 500k sites The authors of the Elementor Website Builder plugin for WordPress have just released version 3.6.3 to address a critical remote code execution flaw that may impact as many as 500,000 websites. [...]
April 13, 2022		Critical Apache Struts RCE vulnerability wasn't fully fixed, patch now Apache has fixed a critical vulnerability in its vastly popular Struts project that was previously believed to have been resolved but, as it turns out, wasn't fully remedied. As such, CISA is urging users and administrators to upgrade to the latest, patched Struts 2 versions. [...]
April 12, 2022		Ethereum dev imprisoned for helping North Korea evade sanctions Virgil Griffith, a US cryptocurrency expert, was sentenced on Tuesday to 63 months in prison after pleading guilty to assisting the Democratic People's Republic of Korea (DPRK) with technical info on how to evade sanctions. [...]
April 12, 2022		Microsoft: Windows Server now supports automatic .NET updates Microsoft says Windows admins can now opt into automatic updates for .NET (.NET Core) via Microsoft Update (MU) on Windows Server systems. [...]

Home >>>

Place Service Call

(Request Support Desk Call Back)

Contact Us

Western Networks Inc.

8351 Melburn Court
Mission, British Columbia
CANADA V2V 7B3

Telephone:

604.590.2590

Latest Security Alerts

Oct
2nd

Microsoft Defender no longer flags Tor Browser as malware

For Windows users who frequently use the TorBrowser, there's been a pressing concern. Recent versions of the TorBrowser, specifically because of the tor.exe file it contained, were being flagged as potential threats by Windows Defender. [...]

Oct
2nd

Exim patches three of six zero-day bugs disclosed last week

Exim developers have released patches for three of the zero-days disclosed last week through Trend Micro's Zero Day Initiative (ZDI), one of them allowing unauthenticated attackers to gain remote code execution. [...]

Oct
2nd

New BunnyLoader threat emerges as a feature-rich malware-as-a-service

Security researchers discovered a new malware-as-a-service (MaaS) named 'BunnyLoader' advertised on multiple hacker forums as a fileless loader that can steal and replace the contents of the system clipboard. [...]

Oct
2nd

Ransomware gangs now exploiting critical TeamCity RCE flaw

Ransomware gangs are now targeting a recently patched critical vulnerability in JetBrains' TeamCity continuous integration and deployment server. [...]

Oct
2nd

Exploit available for critical WS_FTP bug exploited in attacks

Over the weekend, security researchers released a proof-of-concept (PoC) exploit for a maximum severity remote code execution vulnerability in Progress Software's WS_FTP Server file sharing platform. [...]

See All Security Alerts >>>

Latest Company News

JUL
11th

Western Networks Supports Animals in Need with LAPS

Western Networks is proud to sponsor the photo booth at the upcoming LAPS (Langley Animal Protection Society) 10th Annual Furry Tail Endings Gala, An Enchanted Ball on Saturday, November 4, 2017 at the Coast Hotel & Convention Centre in Langley. It will be a formal-dress evening of dining, dancing, and entertainment, with a silent and live auction. Proceeds go to helping protect and promote the physical, emotional, and psychological well being of companion animals in Langley. This will be a great event for a great cause!

More information and tickets are available through LAPS by phone or in person. Purchase information is here.

The results of the LAPS Dream Vacation Lottery will be announced at the Gala, as well. Tickets for the LAPS $5000 Dream Vacation Lottery are available in advance. Purchase information is here.

Come out and support our furry friends while having a "ball" doing it! We'll see you there!

FEB
3rd

Western Networks Offers In-House Hosting and Spam Protection

Seeing a need for better web, e-mail, and FTP hosting solutions, as well as superior spam-filtering solutions, Western Networks has begun offering in-house answers.

Using a group of servers to offer redundant, fail-safe hosting, Western Networks servers are high performance machines that provide reliable hosting for customer websites and e-mail. Scalability has been achieved through server virtualization, with quick and monitored fail-over in the event of an unresponsive server.

In addition, Western Networks has begun offering spam-filtering solutions via SonicWALL's outstanding Email Security appliance products. SonicWALL's Email Security products offer the best spam and virus protection available, and Western Networks is proud to be able to offer that protection to it's clients at a low cost.

Between the two new service offerings, Western Networks is able to offer an end-to-end e-mail and hosting solution that provides maximum security, excellent spam and virus filtering, and complete control over e-mail flow and hosting for easy diagnostics of any issues that may present themselves.

Previous Company News >>>

RingCentral Americas Status

	Calling - Inbound
	Calling - Outbound
	Calling - Call Queue
	Phones - Deskphone
	Phones - Softphone
	Meetings - RingCentral Meetings
	Meetings - RingCentral Video
	Webinar
	Contact Center
	Messaging
	SMS - Inbound
	SMS - Outbound
	Fax - Inbound
	Fax - Outbound
	Connect Platform
	Service Portal
	Developer Sandbox
	Engage - Voice
	Engage - Digital AWS
	Engage - Digital Claranet
	Analytics - Live Reports
	Analytics - Analytics Portal
	Other

Last updated: October 2, 2023 8:39:00pm PDT