Nitrokod crypto miner infected systems across 11 countries since 2019
Researchers spotted a Turkish-based crypto miner malware campaign, tracked as Nitrokod, which infected systems across 11 countries. Check Point researchers...
News
CISA adds 10 new flaws to its Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added 10 new flaws to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity...
Scammers used a deepfake AI hologram of Binance executive to scam crypto projects
Scammers used a deepfake AI hologram of the Binance chief communications officer for fraudulent activities. Patrick Hillmann, chief communications officer...
COVID-19 data put for sale on Dark Web
Researchers discovered leaked PII stolen from Thailand’s Department of Medical Sciences containing information about citizens with COVID-19. Resecurity, a California-based...
Surveillance firm’s leaked docs show the purchase of an $8M iOS RCE zero-day exploit
Leaked documents show the surveillance firm Intellexa offering exploits for iOS and Android devices for $8 Million. Intellexa is an...
Experts warn of the first known phishing attack against PyPI
The Python Package Index (PyPI) warns of an ongoing phishing campaign to steal developer credentials and distribute malicious updates. The...
Security Affairs newsletter Round 381
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
New Agenda Ransomware appears in the threat landscape
Trend Micro researchers warn of a new ransomware family called Agenda, which has been used in attacks on organizations in...
Twilio hackers also breached the food delivery firm DoorDash
Twilio hackers also compromised the food delivery firm DoorDash, the attackers had access to company data, including customer and employee...
Unprecedented cyber attack hit State Infrastructure of Montenegro
The state Infrastructure of Montenegro was hit by a massive and “unprecedented” cyber attack, authorities announced. An unprecedented cyber attack...
Threat actor abuses Genshin Impact Anti-Cheat driver to disable antivirus
Threat actors abused a vulnerable anti-cheat driver for the Genshin Impact video game to disable antivirus software. Threat actors abused...
Critical flaw impacts Atlassian Bitbucket Server and Data Center
Atlassian addressed a critical vulnerability in Bitbucket Server and Data Center that could lead to malicious code execution on vulnerable instances. Atlassian...
Iran-linked Mercury APT exploited Log4Shell in SysAid Apps for initial access
An Iran-linked Mercury APT group exploited the Log4Shell vulnerability in SysAid applications for initial access to the targeted organizations. The Log4Shell...
GoldDragon campaign: North-Korea linked Kimsuky APT adopts victim verification technique
The North Korea-linked Kimsuky APT is behind a new campaign, tracked as GoldDragon, targeting political and diplomatic entities in South...
0ktapus phishing campaign: Twilio hackers targeted other 136 organizations
The threat actors behind Twilio and Cloudflare attacks have been linked to a phishing campaign that targeted other 136 organizations. The threat actors...
LastPass data breach: threat actors stole a portion of source code
Password management software firm LastPass has suffered a data breach, threat actors have stole source code and other data. Password...
ZTNA vs VPN: Secure Remote Work & Access – SASE Part 2
Explore the drivers behind switching from VPN to Zero Trust Network Access (ZTNA) for any device access from anywhere. If...
Unlocking Serverless with AWS Lambda and IAM
Learn how Lambda and IAM unlock the power and versatility of the cloud by implementing a serverless User API that...
New Golang Ransomware Agenda Customizes Attacks
A new piece of ransomware written in the Go language has been targeting healthcare and education enterprises in Asia and...
LastPass Security Alert Compromised Development Area
LastPass have released the below statement regarding a compromise to the development environment. Dear valued customer,We are writing to inform...
Nobelium APT uses new Post-Compromise malware MagicWeb
Russia-linked APT group Nobelium is behind a new sophisticated post-exploitation malware tracked by Microsoft as MagicWeb. Microsoft security researchers discovered...
GAIROSCOPE attack allows to exfiltrate data from Air-Gapped systems via ultrasonic tones
GAIROSCOPE: An Israeli researcher demonstrated how to exfiltrate data from air-gapped systems using ultrasonic tones and smartphone gyroscopes. The popular...
Threat actors are using the Tox P2P messenger as C2 server
Threat actors are using the Tox peer-to-peer instant messaging service as a command-and-control server, Uptycs researchers reported. Tox is a...
Kimsuky’s GoldDragon cluster and its C2 operations
Kimsuky (also known as Thallium, Black Banshee and Velvet Chollima) is a prolific and active threat actor primarily targeting Korea-related...
