Experts observed Amadey malware deploying LockBit 3.0 Ransomware
Experts noticed that the Amadey malware is being used to deploy LockBit 3.0 ransomware on compromised systems. Researchers from AhnLab Security Emergency...
News
Microsoft Patch Tuesday updates fix 6 actively exploited zero-days
Microsoft Patch Tuesday updates for November 2022 addressed 64 vulnerabilities, including six actively exploited zero-days. Microsoft Patch Tuesday updates for...
VMware fixes three critical flaws in Workspace ONE Assist
VMware address three critical bugs in the Workspace ONE Assist solution that allow remote attackers to bypass authentication and elevate...
DeimosC2: What SOC Analysts and Incident Responders Need to Know About This C&C Framework
This report provides defenders and security operations center teams with the technical details they need to know should they encounter...
Hybrid Cloud Management Security Tools
Explore hybrid cloud management security challenges, components, and tips to minimize your cyber risk. If you like the site, please...
Citrix ADC and Citrix Gateway are affected by a critical authentication bypass flaw
Citrix released security updates to address a critical authentication bypass vulnerability in Citrix ADC and Citrix Gateway. Citrix is urging...
SmokeLoader campaign distributes new Laplas Clipper malware
Researchers observed a SmokeLoader campaign that is distributing a new clipper malware dubbed Laplas Clipper that targets cryptocurrency users. Cyble...
Medibank confirms ransomware attack impacting 9.7M customers, but doesn’t pay the ransom
Australian health insurer Medibank confirmed that personal data belonging to around 9.7 million current and former customers were exposed as...
US DoJ seizes $3.36B Bitcoin from Silk Road hacker
The U.S. Department of Justice condemned James Zhong, a hacker who stole 50,000 bitcoins from the Silk Road dark net...
DDoS attacks in Q3 2022
News overview In Q3 2022, DDoS attacks were, more often than not, it seemed, politically motivated. As before, most news...
Are Containers Affected by OpenSSL Vulnerabilities?
Find out if your container-based applications are vulnerable to the new OpenSSL vulnerabilities and the recommendations to help ensure you...
US-CERT Bulletin (SB22-311):Vulnerability Summary for the Week of October 31, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
‘Justice Blade’ Hackers are Targeting Saudi Arabia
Threats actors calling themselves “Justice Blade” published leaked data from an outsourcing IT vendor. The group of threat actors calling...
Robin Banks phishing-as-a-service platform continues to evolve
The phishing-as-a-service (PhaaS) platform Robin Banks migrated its infrastructure to DDoS-Guard, a Russian bulletproof hosting service. The phishing-as-a-service (PhaaS) platform Robin...
Water sector in the US and Israel still unprepared to defeat cyber attacks
Expert warns that the US and Israel are still unprepared to defeat a cyber attack against organizations in the water...
UK NCSC govt agency is scanning the Internet for flawed devices in the UK
The UK National Cyber Security Centre (NCSC) announced that is scanning all Internet-exposed devices hosted in the UK for vulnerabilities....
Abusing Microsoft Dynamics 365 Customer Voice in phishing attacks
Researchers uncovered a campaign abusing Microsoft Dynamics 365 customer voice to steal credentials from the victims. Microsoft’s Dynamics 365 Customer...
LockBit 3.0 gang claims to have stolen data from Kearney & Company
The ransomware group LockBit claimed to have stolen data from consulting and IT services provider Kearney & Company. Kearney is...
A cyberattack blocked the trains in Denmark
At the end of October, a cyber attack caused the trains to stop in Denmark, the attack hit a third-party...
Security Affairs newsletter Round 392
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
29 malicious PyPI packages spotted delivering the W4SP Stealer
Cybersecurity researchers discovered 29 malicious PyPI packages delivering the W4SP stealer to developers’ systems. Cybersecurity researchers have discovered 29 packages...
Zero-day are exploited on a massive scale in increasingly shorter timeframes
Microsoft warns of an uptick among threat actors increasingly using publicly-disclosed zero-day exploits in their attacks. According to the Digital...
Guide to Better Threat Detection and Response
50% of teams in a Trend Micro global study said they’re overwhelmed by the number of alerts surfaced by disconnected...
