Email Security Best Practices for Phishing Prevention
Trend Micro Research reported a 137.6% growth in phishing attacks blocked and detected in 2021. Explore the latest phishing trends...
News
Global Cyber Risk at Elevated Level
North America Least Prepared for Cyberattacks If you like the site, please consider joining the telegram channel or supporting us...
Magento and Adobe Commerce websites under attack
Researchers warn of a surge in cyberattacks targeting CVE-2022-24086, a pre-authentication issue impacting Adobe Commerce and Magento stores. In September 2022,...
Tank, the leader of the Zeus cybercrime gang, was arrested by the Swiss police
A suspected leader of the Zeus cybercrime gang, Vyacheslav Igorevich Penchukov (aka Tank), was arrested by Swiss police. Swiss police last...
Iran-linked threat actors compromise US Federal Network
Iran-linked threat actors compromised a Federal Civilian Executive Branch organization using a Log4Shell exploit and installed a cryptomining malware. According...
Will Cloud-Native Network Security Oust Firewalls?
Security threats have already begun to outpace cloud firewalls. It’s a fact. But organizations exploring new cloud-native solution find themselves...
Electricity/Energy Cybersecurity: Trends & Survey Response
Based on our survey of over 900 ICS security leaders in the United States, Germany, and Japan, we dig deeper...
Pilfered Keys: Free App Infected by Malware Steals Keychain Data
Open-source applications are a practical way to save money while keeping up with your productivity. However, this can be abused...
Complete Guide to Protecting 7 Attack Vectors
The quicker a cyberattack is identified, the less it costs. Jon Clay, VP of Threat Intelligence, reviews 7 key initial...
F5 fixed 2 high-severity Remote Code Execution bugs in its products
Researchers at cybersecurity firm Rapid7 have identified several vulnerabilities and other potential security issues affecting F5 products. Rapid7 researchers discovered...
Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs
North Korea-linked Lazarus APT is using a new version of the DTrack backdoor in attacks aimed at organizations in Europe...
New RapperBot Campaign targets game servers with DDoS attacks
Fortinet researchers discovered new samples of RapperBot used to build a botnet to launch Distributed DDoS attacks against game servers....
Beginning 2023 Google plans to rollout the initial Privacy Sandbox Beta
Google announced it will roll out the Privacy Sandbox system for Android in beta to a limited number of Android...
DTrack activity targeting Europe and Latin America
Introduction DTrack is a backdoor used by the Lazarus group. Initially discovered in 2019, the backdoor remains in use three...
Happy birthday Security Affairs … 11 years together!
Happy BirthDay Security Affairs! Eleven years together! I launched Security Affairs for passion in November 2011 and since then the...
Experts found critical RCE in Spotify’s Backstage
Researchers discovered a critical vulnerability impacting Spotify’s Backstage Software Catalog and Developer Platform. Researchers from the security firm Oxeye discovered...
US-CERT Bulletin (SB22-318):Vulnerability Summary for the Week of November 7, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Experts revealed details of critical SQLi and access issues in Zendesk Explore
Researchers disclosed technical details of critical SQLi and access vulnerabilities in the Zendesk Explore Service. Cybersecurity researchers at Varonis disclosed...
China-linked APT Billbug breached a certificate authority in Asia
A suspected China-linked APT group breached a digital certificate authority in Asia as part of a campaign aimed at government...
Google to Pay a record $391M fine for misleading users about the collection of location data
Google is going to pay $391.5 million to settle with 40 states in the U.S. for secretly collecting personal location...
Previously undetected Earth Longzhi APT group is a subgroup of APT41
Trend Micro reported that the Earth Longzhi group, a previously undocumented subgroup of APT41, targets Ukraine and Asian Countries. Early this...
Avast details Worok espionage group’s compromise chain
Cyber espionage group Worok abuses Dropbox API to exfiltrate data via using a backdoor hidden in apparently innocuous image files. Researchers...
Advanced threat predictions for 2023
It is fair to say that since last year’s predictions, the world has dramatically changed. While the geopolitical landscape has...
Massive Black hat SEO campaign used +15K WordPress sites
Experts warn of a malicious SEO campaign that has compromised over 15,000 WordPress websites to redirect visitors to fake Q&A portals....
