Counterfeit versions of popular mobile devices target WhatsApp and WhatsApp Business
Experts found backdoors in budget Android device models designed to target WhatsApp and WhatsApp Business messaging apps. Researchers from Doctor...
News
Lockbit leak sites hit by mysterious DDoS attack after Entrust hack
LockBit ransomware gang claims to have hacked the IT giant Entrust and started leaking the stolen files. Entrust Corp., provides...
US-CERT Bulletin (SB22-234):Vulnerability Summary for the Week of August 15, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
European Cybersecurity in Context: A Policy-Oriented Comparative Analysis
I’m proud to have contributed to the “European Cybersecurity in Context: A Policy-Oriented Comparative Analysis“ Worldwide connectivity has unleashed global...
8-year-old Linux Kernel flaw DirtyCred is nasty as Dirty Pipe
Researchers shared details of an eight-year-old flaw dubbed DirtyCred, defined as nasty as Dirty Pipe, in the Linux kernel. Researchers...
Group-IB CEO will remain in jail – complaint denied
On August 18, a Russian judge decided that Ilya Sachkov, founder and CEO of the Russian-led Group-IB, will remain in...
Escanor Malware delivered in Weaponized Microsoft Office Documents
Researchers spotted a new RAT (Remote Administration Tool) advertised in Dark Web and Telegram called Escanor Resecurity, a Los Angeles-based...
Donot Team cyberespionage group updates its Windows malware framework
The Donot Team threat actor, aka APT-C-35, has added new capabilities to its Jaca Windows malware framework. The Donot Team has been active since...
Fake DDoS protection pages on compromised WordPress sites lead to malware infections
Threat actors compromise WordPress sites to display fake Cloudflare DDoS protection pages to distribute malware. DDoS Protection pages are associated with...
Threat actors are stealing funds from General Bytes Bitcoin ATM
Threat actors have exploited a zero-day vulnerability in the General Bytes Bitcoin ATM servers to steal BTC from multiple customers....
Grandoreiro banking malware targets Mexico and Spain
A new Grandoreiro banking malware campaign is targeting organizations in Mexico and Spain, Zscaler reported. Zscaler ThreatLabz researchers observed a...
White hat hackers broadcasted talks and hacker movies through a decommissioned satellite
Hackers took control of a decommissioned satellite and broadcasted hacking conference talks and hacker movies. During the latest edition of...
Security Affairs newsletter Round 380
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
CISA added 7 new flaws to its Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added 7 new flaws to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity...
TA558 cybercrime group targets hospitality and travel orgs
TA558 cybercrime group is behind a malware campaign targeting hospitality, hotel, and travel organizations in Latin America Researchers from Proofpoint...
Russia-linked Cozy Bear uses evasive techniques to target Microsoft 365 users
Russia-linked APT group Cozy Bear continues to target Microsoft 365 accounts in NATO countries for cyberespionage purposes. Mandiant researchers reported...
CISA added SAP flaw to its Known Exploited Vulnerabilities Catalog
US CISA added a critical SAP flaw to its Known Exploited Vulnerabilities Catalog after its details were disclosed at the...
A flaw in Amazon Ring could expose user’s camera recordings
Amazon addressed a high-severity flaw in its Ring app for Android that could have exposed sensitive information and camera recordings....
Cisco fixes High-Severity bug in Secure Web Appliance
Cisco addressed a high-severity escalation of privilege vulnerability (CVE-2022-20871) in AsyncOS for Cisco Secure Web Appliance. Cisco Secure Web Appliance (formerly Secure Web Appliance (WSA)) offers protection from...
Bumblebee attacks, from initial access to the compromise of Active Directory Services
Threat actors are using the Bumblebee loader to compromise Active Directory services as part of post-exploitation activities. The Cybereason Global Security...
Estonia blocked cyberattacks claimed by Pro-Russia Killnet group
Estonia announced to have blocked a wave of cyber attacks conducted by Russian hackers against local institutions. Undersecretary for Digital...
Safari 15.6.1 addresses a zero-day flaw actively exploited in the wild
Apple released Safari 15.6.1 for macOS Big Sur and Catalina to address a zero-day vulnerability actively exploited in the wild....
Business Email Compromise Attack Tactics
Is BEC more damaging than ransomware? What tactics are BEC actors using? How can organizations bolster their defenses? Jon Clay,...
Google blocked the largest Layer 7 DDoS reported to date
Google announced to have blocked the largest ever HTTPs DDoS attack, which reached 46 million requests per second (RPS). Google...
