Microsoft Teams phishing attack pushes DarkGate malware
A new phishing campaign is abusing Microsoft Teams messages to send malicious attachments that install the DarkGate Loader malware. The...
News
US-CERT Vulnerability Summary for the Week of August 28, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoearcms -- ear_appAn issue found in Earcms Ear App v.20181124 allows a...
Millions Infected by Spyware Hidden in Fake Telegram Apps on Google Play
Spyware masquerading as modified versions of Telegram have been spotted in the Google Play Store that's designed to harvest sensitive...
Cybercriminals Weaponizing Legitimate Advanced Installer Tool in Crypto-Mining Attacks
A legitimate Windows tool used for creating software packages called Advanced Installer is being abused by threat actors to drop...
Notepad++ 8.5.7 released with fixes for four security vulnerabilities
Notepad++ version 8.5.7 has been released with fixes for multiple buffer overflow zero-days, with one marked as potentially leading to...
Cisco warns of VPN zero-day exploited by ransomware gangs
Cisco is warning of a CVE-2023-20269 zero-day vulnerability in its Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense...
The Week in Ransomware – September 8th 2023 – Conti Indictments
It started as a slow ransomware news week but slowly picked up pace with the Department of Justice announcing indictments...
Ragnar Locker claims attack on Israel’s Mayanei Hayeshua hospital
The Ragnar Locker ransomware gang has claimed responsibility for an attack on Israel's Mayanei Hayeshua hospital, threatening to leak 1...
Dymocks Booksellers suffers data breach impacting 836k customers
Dymocks Booksellers is warning customers their personal information was exposed in a data breach after the company's database was shared...
Regulator to Investigate Fertility App Security Concerns
The UK’s data protection regulator is set to review how period and fertility tracking applications process user information, after revealing...
CISA Adds Critical RocketMQ Bug to Must-Patch List
The US government has ordered all federal civilian agencies to patch a critical vulnerability in Apache RocketMQ, which is currently...
Apple Patches Two Zero-Days Exploited in Pegasus Attacks
Apple has patched two critical zero-day vulnerabilities exploited in the wild to deliver eavesdropping malware from a notorious commercial spyware...
Google TAG Exposes North Korean Campaign Targeting Researchers
Google’s Threat Analysis Group (TAG) has shed light on a cyber campaign originating from North Korea, targeting security researchers engaged...
China Unleashes AI-Powered Image Generation For Influence Operations
China has unveiled a new cyber capability powered by artificial intelligence, enabling the automatic generation of images for influence operations....
Cyber-criminals Exploit GPUs in Graphic Design Software
Security researchers at Cisco Talos have uncovered a scheme that preys on graphic designers and 3D modelers. Cyber-criminals are using...
Russian Man Handed Nine-Year Sentence for Hacking Scheme
A US court has sentenced a Russian businessman to nine years in prison for an elaborate corporate hacking scheme that...
U.K. and U.S. Sanction 11 Russia-based Trickbot Cybercrime Gang Members
The U.K. and U.S. governments on Thursday sanctioned 11 individuals who are alleged to be part of the notorious Russia-based...
US-CERT Vulnerability Summary for the Week of August 28, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoearcms -- ear_appAn issue found in Earcms Ear App v.20181124 allows a...
Cisco Issues Urgent Fix for Authentication Bypass Bug Affecting BroadWorks Platform
Cisco has released security fixes to address multiple security flaws, including a critical bug, that could be exploited by a...
CISA Warning: Nation-State Hackers Exploit Fortinet and Zoho Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that multiple nation-state actors are exploiting security flaws in...
Apple Rushes to Patch Zero-Day Flaws Exploited for Pegasus Spyware on iPhones
Apple on Thursday released emergency security updates for iOS, iPadOS, macOS, and watchOS to address two zero-day flaws that have...
Protecting Your Microsoft IIS Servers Against Malware Attacks
Microsoft Internet Information Services (IIS) is a web server software package designed for Windows Server. Organizations commonly use Microsoft IIS...
North Korean Hackers Exploit Zero-Day Bug to Target Cybersecurity Researchers
Threat actors associated with North Korea are continuing to target the cybersecurity community using a zero-day bug in unspecified software...
The Initial Access Broker Economy: A Deep Dive into Dark Web Hacking Forums
How much does it cost to buy hacked domain administrator access to a Fortune 500 U.S.chemical manufacturer? More than a...