US-CERT Bulletin (SB22-325):Vulnerability Summary for the Week of November 14, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
News
Researcher warns that Cisco Secure Email Gateways can easily be circumvented
A researcher revealed how to bypass some of the filters in Cisco Secure Email Gateway appliance and deliver malware using...
Aurora Stealer Malware is becoming a prominent threat in the cybercrime ecosystem
Researchers warn of threat actors employing a new Go-based malware dubbed Aurora Stealer in attacks in the wild. Aurora Stealer...
Two Estonian citizens arrested in $575M cryptocurrency fraud scheme
Two Estonian citizens were arrested in Tallinn for allegedly running a $575 million cryptocurrency fraud scheme. Two Estonian nationals were...
Emotet is back and delivers payloads like IcedID and Bumblebee
The Emotet malware is back and experts warn of a high-volume malspam campaign delivering payloads like IcedID and Bumblebee. Proofpoint...
Expert published PoC exploit code for macOS sandbox escape flaw
A researcher published details and proof-of-concept (PoC) code for High-Severity macOS Sandbox escape vulnerability tracked as CVE-2022-26696. Researcher Wojciech Reguła...
Google won a lawsuit against the Glupteba botnet operators
Google won a lawsuit filed against two Russian nationals involved in the operations of the Glupteba botnet. This week, Google...
Google provides rules to detect tens of cracked versions of Cobalt Strike
Researchers at Google Cloud identified 34 different hacked release versions of the Cobalt Strike tool in the wild. Cobalt Strike...
Octocrypt, Alice, and AXLocker Ransomware, new threats in the wild
Experts from Cyble Research and Intelligence Labs (CRIL) discovered three new ransomware families: AXLocker, Octocrypt, and Alice Ransomware. Threat intelligence...
Security Affairs newsletter Round 394
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
PoC exploit code for ProxyNotShell Microsoft Exchange bugs released online
Proof-of-concept exploit code for two actively exploited Microsoft Exchange ProxyNotShell flaws released online. Proof-of-concept exploit code has been released online...
DEV-0569 group uses Google Ads to distribute Royal Ransomware
Microsoft warns that a threat actor, tracked as DEV-0569, is using Google Ads to distribute the recently discovered Royal ransomware....
Black Friday and Cyber Monday, crooks are already at work
Every year during Black Friday and Cyber Monday, crooks take advantage of the bad habits of users with fraudulent schema....
New improved versions of LodaRAT spotted in the wild
Cisco Talos spotted multiple updated versions of LodaRAT that were deployed alongside other malware families, including RedLine and Neshta. Researchers...
IT threat evolution in Q3 2022. Non-mobile statistics
IT threat evolution in Q3 2022 IT threat evolution in Q3 2022. Non-mobile statistics IT threat evolution in Q3 2022. Mobile statistics These...
IT threat evolution in Q3 2022. Mobile statistics
IT threat evolution in Q3 2022 IT threat evolution in Q3 2022. Non-mobile statistics IT threat evolution in Q3 2022. Mobile statistics These...
IT threat evolution Q3 2022
IT threat evolution in Q3 2022 IT threat evolution in Q3 2022. Non-mobile statistics IT threat evolution in Q3 2022. Mobile statistics Targeted...
Earth Preta Spear-Phishing Governments Worldwide
We break down the cyberespionage activities of advanced persistent threat (APT) group Earth Preta, observed in large-scale attack deployments that...
Atlassian fixed 2 critical flaws in Crowd and Bitbucket products
Atlassian addressed this week two critical vulnerabilities impacting its Crowd and Bitbucket products. Atlassian announced the release of security updates...
Hive Ransomware extorted over $100M in ransom payments from over 1,300 companies
Hive ransomware operators have extorted over $100 million in ransom payments from over 1,300 companies worldwide as of November 2022....
Ongoing supply chain attack targets Python developers with WASP Stealer
A threat actor tracked as WASP is behind an ongoing supply chain attack targeting Python developers with the WASP Stealer....
China-based Fangxiao group behind a long-running phishing campaign
A China-based financially motivated group, tracked as Fangxiao, is behind a large-scale phishing campaign dating back as far as 2019. Researchers...
Two public schools in Michigan hit by a ransomware attack
Public schools in two Michigan counties were forced to halt their activities, including the lessons, after a ransomware attack. ...
Email Security Best Practices for Phishing Prevention
Trend Micro Research reported a 137.6% growth in phishing attacks blocked and detected in 2021. Explore the latest phishing trends...
