Crooks are using RIG Exploit Kit to push Dridex instead of Raccoon stealer
Threat actors are using the Rig Exploit Kit to spread the Dridex banking trojan instead of the Raccoon Stealer malware....
News
Flagstar Bank discloses a data breach that impacted 1.5 Million individuals
US Flagstar Bank disclosed a data breach that exposed files containing the personal information of 1.5 million individuals. US-based Flagstar...
APT ToddyCat
ToddyCat is a relatively new APT actor that we have not been able to relate to other known actors, responsible...
US-CERT Bulletin (SB22-171):Vulnerability Summary for the Week of June 13, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
New ToddyCat APT targets high-profile entities in Europe and Asia
Researchers linked a new APT group, tracked as ToddyCat, to a series of attacks targeting entities in Europe and Asia...
New DFSCoerce NTLM relay attack allows taking control over Windows domains
Experts discovered a new kind of Windows NTLM relay attack dubbed DFSCoerce that allows taking control over a Windows domain. Researchers warn...
You can be tracked online using your Chrome browser extensions
A researcher has found a way to generate a fingerprint of your device from your installed Google Chrome extensions, and...
Cybercriminals Use Azure Front Door in Phishing Attacks
Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft....
DDoS-for-hire service provider jailed
Matthew Gatrel, a 33-year-old man from St. Charles, Illinois, has been sentenced to two years in prison for running websites...
Cloudflare Outage
Major CDN provider Cloudflare has had a terrible time today with a major outage! Many major websites, including some huge...
‘Unpacking’ technical attribution and challenges for ensuring stability in cyberspace
Introduction When reports of a cyberattack appear in the headlines, questions abound regarding who launched it and why. Even if...
Russian APT28 hacker accused of the NATO think tank hack in Germany
The Attorney General has issued an arrest warrant for a hacker who targeted a NATO think tank in Germany for...
Google expert detailed a 5-Year-Old flaw in Apple Safari exploited in the wild
Google Project Zero experts disclosed details of a 5-Year-Old Apple Safari flaw actively exploited in the wild. Researchers from the...
Security Affairs newsletter Round 370 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
Cisco will not address critical RCE in end-of-life Small Business RV routers
Cisco announced that it will not release updates to fix the CVE-2022-20825 flaw in end-of-life Small Business RV routers. Cisco...
BRATA Android Malware evolves and targets the UK, Spain, and Italy
The developers behind the BRATA Android malware have implemented additional features to avoid detection. The operators behind the BRATA Android malware have implemented...
Critical flaw in Ninja Forms WordPress Plugin actively exploited in the wild
A critical vulnerability in Ninja Forms plugin potentially impacted more than one million WordPress websites In middle June, the Wordfence...
Experts warn of a new eCh0raix ransomware campaign targeting QNAP NAS
Experts warn of a new ech0raix ransomware campaign targeting QNAP Network Attached Storage (NAS) devices. Bleeping Computer and MalwareHunterTeam researchers,...
US DoJ announced to have shut down the Russian RSOCKS Botnet
The U.S. Department of Justice (DoJ) announced to have shut down the infrastructure associated with the Russian botnet RSOCKS. The...
MaliBot Android Banking Trojan targets Spain and Italy
Malibot is a new Android malware targeting online banking and cryptocurrency wallet customers in Spain and Italy. F5 Labs researchers...
Chinese DriftingCloud APT exploited Sophos Firewall Zero-Day before it was fixed
China-linked threat actors exploited the zero-day flaw CVE-2022-1040 in Sophos Firewall weeks before it was fixed by the security vendor....
Websites Hosting Fake Cracks Spread Updated CopperStealer Malware
We found updated samples of the CopperStealer malware infecting systems via websites hosting fake software. If you like the site,...
Security 101: Cloud-native Virtual Patching
Learn about the challenges faced when implementing a vulnerability and patch management policy and how does cloud-native virtual patching can...
State of OT Security in 2022: Big Survey Key Insights
Learn about the state of OT Security in 2022 by reading the key insights found through surveying more than 900...
