Black Basta Ransomware Operators Expand Their Attack Arsenal With QakBot Trojan and PrintNightmare Exploit
We look into a recent attack orchestrated by the Black Basta ransomware ransomware group that used the banking trojan QakBot...
News
DevOps vs SRE: Differences & Similarities
While DevOps and site reliability engineering teams often work together and have shared goals, there are important distinctions between the...
Experts blame North Korea-linked Lazarus APT for the Harmony hack
North Korea-linked Lazarus APT group is suspected to be behind the recent hack of the Harmony Horizon Bridge. Recently, threat...
Ex-Canadian government employee admits to being a member of the Russian cybercrime gang NetWalker
A former Canadian government IT worker admitted to being a high-level member of the Russian cybercrime group NetWalker. A former...
YTStealer info-stealing malware targets YouTube content creators
Researchers detailed a new information-stealing malware, dubbed YTStealer, that targets YouTube content creators. Intezer cybersecurity researchers have detailed a new...
How to Present Cloud Risk to the Board
Trend Micro Security Researcher, Erin Sindelar, breaks down three popular types of cloud risk assessments to help CISOs and security...
Path Traversal flaw in UnRAR utility can allow hacking Zimbra Mail servers
Researchers discovered a new flaw in RARlab’s UnRAR utility, tracked CVE-2022-30333, that can allow to remotely hack Zimbra Webmail servers....
Mitre shared 2022 CWE Top 25 most dangerous software weaknesses
The MITRE organization published the 2022 CWE Top 25 most dangerous software weaknesses. The MITRE shared the list of the 2022 top...
Brave Search wants to replace Google’s biased search results with yours
Brave Search, Brave Software’s privacy search engine, just turned one. To celebrate, the company says it is moving the search...
City worker loses USB stick containing data on every resident after day of drinking
A person working in the city of Amagasaki, in Western Japan, has mislaid a USB stick which contained data on...
Hermit spyware is deployed with the help of a victim’s ISP
Google’s Threat Analysis Group (TAG) has revealed a sophisticated spyware activity involving ISPs (internet service providers) aiding in downloading powerful...
RansomHouse gang claims to have stolen 450GB of data from chip maker giant AMD
The RansomHouse gang claims to have breached the Chipmaker giant AMD and stole 450 GB of data from the company...
NON-STATE ACTORS IN THE CYBERSPACE: AN ATTEMPT TO A TAXONOMIC CLASSIFICATION, ROLE, IMPACT AND RELATIONS WITH A STATE’S SOCIOECONOMIC STRUCTURE
This paper provides a taxonomic classification of non-state actors in the cyberspace, analyzing their role and impact on a state’s...
Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware
We analyzed cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. Many of these...
LockBit 3.0 introduces important novelties, including a bug bounty program
The LockBit ransomware operators released LockBit 3.0 with important novelties, including a bug bounty program and Zcash payments. The Lockbit...
Latest OpenSSL version is affected by a remote memory corruption flaw
Expert discovered a remote memory-corruption vulnerability affecting the latest version of the OpenSSL library. Security expert Guido Vranken discovered a...
You only have nine months to ditch Exchange Server 2013
Microsoft has posted a reminder that Exchange Server 2013 reaches End of Support (EoS) on April 11, 2023. That’s a...
Two critical flaws affect CODESYS ICS Automation Software
CODESYS addressed 11 security flaws in the ICS Automation Software that could lead to information disclosure and trigger a denial-of-service...
Conti vs. LockBit: A Comparative Analysis of Ransomware Groups
We compare the targeting and business models of the Conti and LockBit ransomware groups using data analysis approaches. This will...
US-CERT Bulletin (SB22-178):Vulnerability Summary for the Week of June 20, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
The government of Lithuania confirmed it had been hit by an intense cyberattack
Lithuania confirmed it had been hit by an “intense” cyberattack, after Vilnius imposed restrictions on the rail transit of certain...
New Matanbuchus Campaign drops Cobalt Strike beacons
Matanbuchus malware-as-a-service (Maas) has been observed spreading through phishing campaigns, dropping Cobalt Strike beacons. Threat intelligence firm Cyble has observed a...
Cyberattack halted the production at the Iranian state-owned Khuzestan Steel company
Iranian state-owned Khuzestan Steel Company was hit by a cyber attack that forced the company to halt its production. The Khuzestan Steel...
Ukrainian telecommunications operators hit by DarkCrystal RAT malware
The Ukrainian CERT-UA warns of attacks against Ukrainian telecommunications operators involving the DarkCrystal RAT. The Governmental Computer Emergency Response Team...
