Massive AdSense Fraud Campaign Uncovered – 10,000+ WordPress Sites Infected
The threat actors behind the black hat redirect malware campaign have scaled up their campaign to use more than 70...
News
US-CERT Bulletin (SB23-045):Vulnerability Summary for the Week of February 6, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
New ESXiArgs Ransomware Variant Emerges After CISA Releases Decryptor Tool
After the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released a decryptor for affected victims to recover from ESXiArgs...
CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three flaws to its Known Exploited Vulnerabilities (KEV) catalog,...
Enigma, Vector, and TgToxic: The New Threats to Cryptocurrency Users
Suspected Russian threat actors have been targeting Eastern European users in the crypto industry with fake job opportunities...
Hackers Targeting U.S. and German Firms Monitor Victims’ Desktops with Screenshotter
A previously unknown threat actor has been targeting companies in the U.S. and Germany with bespoke malware designed to...
Chinese Tonto Team Hackers’ Second Attempt to Target Cybersecurity Firm Group-IB Fails
The advanced persistent threat (APT) actor known as Tonto Team carried out an unsuccessful attack on cybersecurity company Group-IB...
Patch Now: Apple’s iOS, iPadOS, macOS, and Safari Under Attack with New Zero-Day Flaw
Apple on Monday rolled out security updates for iOS, iPadOS, macOS, and Safari to address a zero-day flaw that it...
Honeypot-Factory: The Use of Deception in ICS/OT Environments
There have been a number of reports of attacks on industrial control systems (ICS) in the past few years. Looking...
Hackers Create Malicious Dota 2 Game Modes to Secretly Access Players’ Systems
An unknown threat actor created malicious game modes for the Dota 2 multiplayer online battle arena (MOBA) video game...
Massive HTTP DDoS Attack Hits Record High of 71 Million Requests/Second
Web infrastructure company Cloudflare on Monday disclosed that it thwarted a record-breaking distributed denial-of-service (DDoS) attack that peaked at over...
US-CERT Bulletin (SB23-037):Vulnerability Summary for the Week of January 30, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Ransomware review: February 2023
Malwarebytes Threat Intelligence builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their...
Researchers Uncover New Bugs in Popular ImageMagick Image Processing Utility
Cybersecurity researchers have disclosed details of two security flaws in the open source ImageMagick software that could potentially lead...
New Threat: Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers
At least 1,200 Redis database servers worldwide have been corralled into a botnet using an "elusive and severe threat"...
North Korean Hackers Exploit Unpatched Zimbra Devices in ‘No Pineapple’ Campaign
A new intelligence gathering campaign linked to the prolific North Korean state-sponsored Lazarus Group leveraged known security flaws in...
Experts Warn of ‘Ice Breaker’ Cyberattacks Targeting Gaming and Gambling Industry
A new attack campaign has been targeting the gaming and gambling sectors since at least September 2022, just as...
New Russian-Backed Gamaredon’s Spyware Variants Targeting Ukrainian Authorities
The State Cyber Protection Centre (SCPC) of Ukraine has called out the Russian state-sponsored threat actor known as Gamaredon...
CISA Alert: Oracle E-Business Suite and SugarCRM Vulnerabilities Under Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on February 2 added two security flaws to its Known Exploited...
Atlassian’s Jira Software Found Vulnerable to Critical Authentication Vulnerability
Atlassian has released fixes to resolve a critical security flaw in Jira Service Management Server and Data Center that...
Cybersecurity Budgets Are Going Up. So Why Aren’t Breaches Going Down?
Over the past few years, cybersecurity has become a major concern for businesses around the globe. With the total cost...
New High-Severity Vulnerabilities Discovered in Cisco IOx and F5 BIG-IP Products
F5 has warned of a high-severity flaw impacting BIG-IP appliances that could lead to denial-of-service (DoS) or arbitrary code...
Ransomware in December 2022
Malwarebytes Threat Intelligence builds a monthly picture of ransomware activity by monitoring the information published by ransomware gangs on their...
US-CERT Bulletin (SB23-030):Vulnerability Summary for the Week of January 23, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
