December Android updates fix critical zero-click RCE flaw
Google announced today that the December 2023 Android security updates tackle 85 vulnerabilities, including a critical severity zero-click remote code...
News
Tipalti investigates claims of data stolen in ransomware attack
Updated 12/4/23 to include information from Roblox. Tipalti says they are investigating claims that the ALPHV ransomware gang breached its network...
Fake WordPress security advisory pushes backdoor plugin
WordPress administrators are being emailed fake WordPress security advisories for a fictitious vulnerability tracked as CVE-2023-45124 to infect sites with...
Russian Developer Pleads Guilty to Trickbot Conspiracy
A Russian man has pleaded guilty to charges connected to his involvement in the infamous Trickbot malware.Vladimir Dunaev, 40, of...
US Confirms Iranian Attacks on Water Companies
The US Cybersecurity and Infrastructure Security Agency (CISA) has revealed Iran’s Islamic Revolutionary Guard Corps (IRGC) is behind a series...
Rust-Based Botnet P2Pinfect Targets MIPS Architecture
The cross-platform botnet known as P2Pinfect has been observed taking a significant leap in sophistication. Since its emergence in July 2023,...
Staples Hit With Disruption After Cyber-Attack
Staples is still suffering disruption after being hit by a cyber-attack late last week, the retailer has revealed.The office supplies...
EU Council and Parliament Reach Agreement on Cyber Resilience Act
The Cyber Resilience Act (CRA), the EU’s upcoming legislation to boost the security of digital products, is now only one...
Cybercriminals Escalate Microsoft Office Attacks By 53% in 2023
A recent cybersecurity report by Kaspersky has highlighted a 53% surge in daily cyber-threats targeting Microsoft Office during 2023. The report...
Clever Malvertising Attack Uses Punycode To Look Like Legitimate Website
Threat actors are known for impersonating popular brands in order to trick users. In a recent malvertising campaign, we observed a...
Ransomware Review November 2023
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Credit Card Skimming On The Rise For The Holiday Shopping Season
As we head into shopping season, customers aren’t the only ones getting excited. More online shopping means more opportunities for...
Malvertiser Copies Pc News Site To Deliver Infostealer
The majority of malvertising campaigns delivering malicious utilities that we have tracked so far typically deceive victims with pages that...
Associated Press Espn Cbs Among Top Sites Serving Fake Virus Alerts
ScamClub is a threat actor who’s been involved in malvertising activities since 2018. Chances are you probably ran into one...
Atomic Stealer Distributed To Mac Users Via Fake Browser Updates
Atomic Stealer, also known as AMOS, is a popular stealer for Mac OS. Back in September, we described how malicious...
North Korea’s state hackers stole $3 billion in crypto since 2017
North Korean-backed state hackers have stolen an estimated $3 billion in a long string of hacks targeting the cryptocurrency industry...
New proxy malware targets Mac users through pirated software
Cybercriminals are targeting Mac users with a new proxy trojan malware bundled with popular, copyrighted macOS software being offered on...
Linux version of Qilin ransomware focuses on VMware ESXi
A sample of the Qilin ransomware gang's VMware ESXi encryptor has been found and it could be one of the...
US-CERT Vulnerability Summary for the Week of November 20, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoadobe -- after_effectsAdobe After Effects version 24.0.2 (and earlier) and 23.6 (and...
US-CERT Vulnerability Summary for the Week of November 20, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoadobe -- after_effectsAdobe After Effects version 24.0.2 (and earlier) and 23.6 (and...
Over 20,000 vulnerable Microsoft Exchange servers exposed to attacks
Tens of thousands of Microsoft Exchange email servers in Europe, the U.S., and Asia exposed on the public internet are...
US Health Dept urges hospitals to patch critical Citrix Bleed bug
The U.S. Department of Health and Human Services (HHS) warned hospitals this week to patch the critical 'Citrix Bleed' Netscaler...
US-CERT Vulnerability Summary for the Week of November 20, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoadobe -- after_effectsAdobe After Effects version 24.0.2 (and earlier) and 23.6 (and...
Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware
A Russian national has been found guilty in connection with his role in developing and deploying a malware known as...
