New PHP Version of Ducktail info-stealer hijacks Facebook Business accounts
Experts spotted a PHP version of an information-stealing malware called Ducktail spread as cracked installers for legitimate apps and games. Zscaler researchers...
News
Palo Alto Networks fixed a high-severity auth bypass flaw in PAN-OS
Palo Alto Networks addressed a high-severity authentication bypass vulnerability affecting the PAN-OS 8.1 software. Palo Alto Networks released security patches...
Indian power generation giant Tata Power hit by a cyber attack
Tata Power Company Limited, India’s largest power generation company, announced it was hit by a cyberattack. Tata Power on Friday announced...
Experts disclose technical details of now-patched CVE-2022-37969 Windows Zero-Day
Researchers disclosed details of a now-patched flaw, tracked as CVE-2022-37969, in Windows Common Log File System (CLFS). The CVE-2022-37969 (CVSS score:...
WIP19, a new Chinese APT targets IT Service Providers and Telcos
Chinese-speaking threat actor, tracked as WIP19, is targeting telecommunications and IT service providers in the Middle East and Asia. SentinelOne researchers...
Experts released PoC exploit code for critical bug CVE-2022-40684 in Fortinet products
Experts released the PoC exploit code for the authentication bypass flaw CVE-2022-40684 in FortiGate firewalls and FortiProxy web proxies. A...
DJI drone tracking data exposed in the US
Over 80,000 drone IDs were exposed in the leak of a database containing information from airspace monitoring devices manufactured by...
Ongoing exploitation of CVE-2022-41352 (Zimbra 0-day)
Overview On September 10, 2022, a user reported on Zimbra’s official forums that their team detected a security incident originating...
China-linked Budworm APT returns to target a US entity
The Budworm espionage group resurfaced targeting a U.S.-based organization for the first time, Symantec Threat Hunter team reported. The Budworm cyber...
Prevent Ransomware Attacks on Critical Infrastructure
Cyberattacks against critical infrastructure can cause massive societal disruption and take an enormous financial toll. Discover how to protect six...
Oil and Gas Cybersecurity: Trends & Response to Survey
Based on our survey of over 900 ICS security leaders in the United States, Germany, and Japan, we dig deeper...
Cloudflare blocked a 2.5 Tbps DDoS attack aimed at the Minecraft server
Cloudflare mitigated a record distributed denial-of-service (DDoS) attack against Wynncraft, one of the largest Minecraft servers. Cloudflare announced it has...
The discovery of Alchimist C2 tool, revealed a new attack framework to target Windows, macOS, and Linux systems
Experts discovered a new attack framework, including a C2 tool dubbed Alchimist, used in attacks against Windows, macOS, and Linux...
POLONIUM APT targets Israel with a new custom backdoor dubbed PapaCreep
An APT group tracked as Polonium employed custom backdoors in attacks aimed at Israelian entities since at least September 2021....
YoWhatsApp, unofficial WhatsApp Android app spreads the Triada Trojan
Kaspersky researchers warn of a recently discovered malicious version of a popular WhatsApp messenger mod dubbed YoWhatsApp. Kaspersky researchers discovered...
Malicious WhatsApp mod distributed through legitimate apps
Last year, we wrote about the Triada Trojan inside FMWhatsApp, a modified WhatsApp build. At that time, we discovered that...
Aruba fixes critical vulnerabilities in EdgeConnect Enterprise Orchestrator
Aruba addressed multiple critical severity vulnerabilities in the EdgeConnect Enterprise Orchestrator. Aruba addressed multiple critical severity vulnerabilities in the EdgeConnect...
Black Basta Ransomware Gang Infiltrates networks via QAKBOT, Brute Ratel, and Cobalt Strike
We analyzed a QAKBOT-related case leading to a Brute Ratel C4 and Cobalt Strike payload that can be attributed to...
NCSC issues fresh guidance following recent rise in supply chain cyber attacks
N New cyber security guidance issued in response to growing trend in supply chain attacks GCHQ’s National Cyber Security Centre...
Microsoft Patch Tuesday for October 2022 doesn’t fix Exchange Server flaws
Microsoft Patch Tuesday security updates for October 2022 addressed a total of 85 security vulnerabilities, including an actively exploited zero-day. Microsoft...
VMware has yet to fix CVE-2021-22048 flaw in vCenter Server disclosed one year ago
VMware has yet to address the CVE-2021-22048 privilege escalation vulnerability in vCenter Server disclosed in November 2021. VMware warns customers...
LockBit affiliates compromise Microsoft Exchange servers to deploy ransomware
Lockbit ransomware affiliates are compromising Microsoft Exchange servers to deploy their ransomware, experts warn. South-Korean cybersecurity firm AhnLab reported that...
Enhance Cyber Defense with 2022 Cybersecurity Trends
Jon Clay, VP of Threat Intelligence, reviews cybersecurity trends from the first half of 2022 to help CISOs and security...
US-CERT Bulletin (SB22-284):Vulnerability Summary for the Week of October 3, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
