US-CERT Vulnerability Summary for the Week of March 27, 2023
High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info grinnellplans -- grinnellplans A vulnerability...
News
Sorting Through Haystacks to Find CTI Needles
Clouded vision# CTI systems are confronted with some major issues ranging from the size of the collection networks to their...
FBI Cracks Down on Genesis Market: 119 Arrested in Cybercrime Crackdown
A coordinated international law enforcement operation has dismantled Genesis Market, an illegal online marketplace that specialized in the sale of...
Supply Chain Attacks and Critical Infrastructure: How CISA Helps Secure a Nation’s Crown Jewels
Critical infrastructure attacks are a preferred target for cyber criminals. Here's why and what's being done to protect them. What...
Typhon info-stealing malware devs upgrade evasion capabilities
The developers of the Typhon info-stealer announced on a dark web forum that they have updated the malware to a...
New dark web market STYX focuses on financial fraud services
A new dark web marketplace called STYX launched earlier this year and appears to be on its way to becoming a...
Spain’s most dangerous and elusive hacker now in police custody
The police in Spain have arrested José Luis Huertas (aka "Alcaseca", "Mango", “chimichuri”), a 19-year-old regarded as the most dangerous...
Hackers can open Nexx garage doors remotely, and there’s no fix
Multiple vulnerabilities discovered Nexx smart devices can be exploited to control garage doors, disable home alarms, or smart plugs. There are...
Biometric Authentication Isn’t Bulletproof —Here’s How to Secure It
Biometric authentication is often thought of as nearly impossible to steal or fake, a perfect addition to your cybersecurity arsenal....
Sorting Through Haystacks to Find CTI Needles
Clouded vision# CTI systems are confronted with some major issues ranging from the size of the collection networks to their...
Google Mandates Android Apps to Offer Easy Account Deletion In-App and Online
Google is enacting a new data deletion policy for Android apps that allow account creation to also offer users with...
US-CERT Vulnerability Summary for the Week of March 27, 2023
High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info grinnellplans -- grinnellplans A vulnerability...
Google TAG Warns of North Korean-linked ARCHIPELAGO Cyberattacks
A North Korean government-backed threat actor has been linked to attacks targeting government and military personnel, think tanks, policy makers,...
Hackers Using Self-Extracting Archives Exploit for Stealthy Backdoor Attacks
An unknown threat actor used a malicious self-extracting archive (SFX) file in an attempt to establish persistent backdoor access to...
Sorting Through Haystacks to Find CTI Needles
Clouded vision# CTI systems are confronted with some major issues ranging from the size of the collection networks to their...
CryptoClippy: New Clipper Malware Targeting Portuguese Cryptocurrency Users
Portuguese users are being targeted by a new malware codenamed CryptoClippy that's capable of stealing cryptocurrency as part of a...
Typhon Reborn Stealer Malware Resurfaces with Advanced Evasion Techniques
The threat actor behind the information-stealing malware known as Typhon Reborn has resurfaced with an updated version (V2) that packs...
Protect Your Company: Ransomware Prevention Made Easy
Every year hundreds of millions of malware attacks occur worldwide, and every year businesses deal with the impact of viruses,...
Sorting Through Haystacks to Find CTI Needles
Clouded vision# CTI systems are confronted with some major issues ranging from the size of the collection networks to their...
FBI seizes stolen credentials market Genesis in Operation Cookie Monster
The domains for Genesis Market, one of the most popular marketplaces for stolen credentials of all types, were seized by...
HP to patch critical bug in LaserJet printers within 90 days
HP announced in a security bulletin this week that it would take up to 90 days to patch a critical-severity...
IRS-authorized eFile.com tax return software caught serving JS malware
eFile.com, an IRS-authorized e-file software service provider used by many for filing their tax returns, has been caught serving JavaScript...
ALPHV ransomware exploits Veritas Backup Exec bugs for initial access
An ALPHV/BlackCat ransomware affiliate was observed exploiting three vulnerabilities impacting the Veritas Backup product for initial access to the target network. The...
New Rorschach ransomware is the fastest encryptor seen so far
Following a cyberattack on a U.S.-based company, malware researchers discovered what appears to be a new ransomware strain with "technically unique features,"...
