US Gov warns of BEC attacks to hijack shipments of food products
US government is warning of business email compromise (BEC) attacks aimed at hijacking shipments of food products and ingredients. The...
News
Glupteba botnet is back after Google disrupted it in December 2021
The Glupteba botnet is back, researchers reported a surge in infection worldwide after Google disrupted its operation in 2021. In...
Security Affairs newsletter Round 398 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Google announced end-to-end encryption for Gmail web
Google introduces end-to-end encryption for Gmail web to its Workspace and education customers to protect emails sent using the web...
Fire and rescue service in Victoria, Australia, confirms cyber attack
The fire and rescue service in the state of Victoria, Australia, has shut down its network and turned to operating...
Samba addressed multiple high-severity vulnerabilities
Samba released updates to address multiple vulnerabilities that can be exploited to take control of impacted systems. Samba released updates...
Agenda Ransomware Uses Rust to Target More Vital Industries
This year, various ransomware-as-a-service groups have developed versions of their ransomware in Rust, including Agenda. Agenda's Rust variant has targeted...
Former Twitter employee sentenced to 3.5 years in jail for spying on behalf of Saudi Arabia
An ex Twitter employee has been sentenced to three-and-a-half years in prison for spying on individuals on behalf of Saudi...
Social Blade discloses security breach
Social media analytics service Social Blade disclosed a security breach after a database containing allegedly stolen data from the company...
Data of 5.7M Gemini users available for sale on hacking forums
Gemini crypto exchange warns users of an ongoing phishing campaign after a third-party vendor suffered a security breach. Gemini crypto...
CISA adds Veeam Backup and Replication bugs to Known Exploited Vulnerabilities Catalog
US CISA added two vulnerabilities impacting Veeam Backup & Replication software to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure...
MCCrash botnet targets private Minecraft servers, Microsoft warns
Microsoft announced that a botnet dubbed MCCrash is launching distributed denial-of-service (DDoS) attacks against private Minecraft servers. Microsoft spotted a...
Microsoft revised CVE-2022-37958 severity due to its broader scope
Microsoft revised the severity rate for the CVE-2022-37958 flaw which was addressed with Patch Tuesday security updates for September 2022....
Ransomware Business Models: Future Pivots and Trends
Ransomware groups and their business models are expected to change from what and how we know it to date. In...
Trend Joining App Defense Alliance Announced by Google
Trend Micro’s participation in Google’s App Defense Alliance will ensure the security of customers by preventing malicious apps from being...
Managing Cyber Risk in 2023: The People Element
Explore the latest findings from Trend Micro’s Cyber Risk Index (1H’2022) and discover how to enhance cybersecurity risk management across...
Chinese MirrorFace APT group targets Japanese political entities
A Chinese-speaking APT group, tracked as MirrorFace, is behind a spear-phishing campaign targeting Japanese political entities. ESET researchers recently discovered a...
Database of the FBI’s InfraGard US Critical Infrastructure Intelligence portal available for sale
The portal of the FBI’s InfraGard US Critical Infrastructure Intelligence was hacked, and data is available for sale on a...
FBI seized 48 domains linked to DDoS-for-Hire service platforms
The U.S. Department of Justice (DoJ) seized forty-eight domains that offered DDoS-for-Hire Service Platforms to crooks. The U.S. Department of...
Crooks use HTML smuggling to spread QBot malware via SVG files
Talos researchers uncovered a phishing campaign distributing the QBot malware to Windows systems using SVG files. Talos researchers uncovered a...
Reassessing cyberwarfare. Lessons learned in 2022
At this point, it has become cliché to say that nothing in 2022 turned out the way we expected. We...
Probing Weaponized Chat Applications Abused in Supply-Chain Attacks
This report examines the infection chain and the pieces of malware used by malicious actors in supply-chain attacks that leveraged...
GoTrim botnet actively brute forces WordPress and OpenCart sites
Researchers discovered a new Go-based botnet, dubbed GoTrim, attempting to brute force WordPress websites. Fortinet FortiGuard Labs researchers spotted a...
December 2022 Patch Tuesday fixed 2 zero-day flaws
Microsoft released December 2022 Patch Tuesday security updates that fix 52 vulnerabilities across its products. Microsoft December 2022 Patch Tuesday security updates...
