Gootkit AaaS malware is still active and uses updated tactics
Gootkit access-as-a-service (AaaS) malware is back with tactics and fileless delivery of Cobalt Strike beacons. Gootkit runs on an access-a-as-a-service model, it...
News
Austria investigates DSIRF firm for allegedly developing Subzero spyware
Austria is investigating a report that an Austrian firm DSIRF developed spyware targeting law firms, banks and consultancies. At the...
ALPHV/BlackCat ransomware gang claims to have stolen data from Creos Luxembourg S.A.
The ALPHV/BlackCat ransomware gang claims to have breached the European gas pipeline Creos Luxembourg S.A. The ALPHV/BlackCat ransomware gang claims...
Australian man charged with creating and selling the Imminent Monitor spyware
An Australian national has been charged for the creation and sale of the Imminent Monitor (IM) spyware, which was also used...
A flaw in Dahua IP Cameras allows full take over of the devices
A vulnerability, tracked as CVE-2022-30563, impacting Dahua IP Camera can allow attackers to seize control of IP cameras. The CVE-2022-30563...
US Federal Communications Commission (FCC) warns of the rise of smishing attacks
The Federal Communications Commission (FCC) warned Americans of the rising threat of smishing (robotexts) attacks. The Federal Communications Commission (FCC)...
Threat actor claims to have hacked European manufacturer of missiles MBDA
Threat actors that go online with the moniker Adrastea claim to have hacked the multinational manufacturer of missiles MBDA. MBDA is a...
17 Android Apps on Google Play Store, dubbed DawDropper, were serving banking malware
The researchers discovered over a dozen Android Apps on Google Play Store, collectively dubbed DawDropper, that were dropping Banking malware. Trend...
Security Affairs newsletter Round 376 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
North Korea-linked SharpTongue spies on email accounts with a malicious browser extension
North Korea-linked threat actor SharpTongue is using a malicious extension on Chromium-based web browsers to spy on victims’ email accounts....
Reading the “ENISA THREAT LANDSCAPE FOR RANSOMWARE ATTACKS” report
I’m proud to announce the release of the “ENISA THREAT LANDSCAPE FOR RANSOMWARE ATTACKS” report, Enjoy it! Ransomware has become...
CISA orders to patch an actively exploited flaw in Confluence servers
US Critical Infrastructure Security Agency (CISA) adds the critical Confluence flaw, tracked as CVE-2022-26138, to its Known Exploited Vulnerabilities Catalog. US...
Criminals using compromised social media accounts to “post indecent images of children” says UK cybercrime organization
Action Fraud, the UK’s national reporting center for fraud and cybercrime, is warning of a very disturbing scam involving social...
Google delays Chrome third party cookie sunsetting…again
We’ve seen many examples of third-party cookies being tackled by browsers recently. It’s not so long ago that Firefox effectively...
To settle with the DoJ, Uber must confess to a cover-up. And it did.
Uber covered up the 2016 data breach that affected its 57 million customers and drivers. The confession came as part...
Examining New DawDropper Banking Dropper and DaaS on the Dark Web
In this blog post, we discuss the technical details of a new banking dropper that we have dubbed DawDropper, give...
Transport Layer Security (TLS): Issues & Protocol
Although Transport layer security (TLS) provides enhanced security, cybercriminals have become increasingly savvy, finding ways to circumvent many of these...
Microsoft experts linked the Raspberry Robin malware to Evil Corp operation
Microsoft linked the recently discovered Raspberry Robin Windows malware to the notorious Evil Corp operation. On July 26, 2022, Microsoft...
Strong Authentication – Robust Identity and Access Management Is a Strategic Choice
Passwords no longer meet the demands of today’s identity and access requirements. Therefore, strong authentication methods are needed. “Usernames and...
Exploitation is underway for a critical flaw in Atlassian Confluence Server and Data Center
Threat actors are actively exploiting the recently patched critical flaw in Atlassian Confluence Server and Data Center Recenlty Atlassian released...
TikTok owner ByteDance pushed a pro-China agenda to Americans, say former employees
Controversy over supposed pro-China messaging in apps from TikTok owner Bytedance continues to grow. Tales are emerging relating to a...
“Orwellian in the extreme” food store installs facial recognition cameras to stop crime, faces backlash
A convenience shop chain is under fire and facing legal charges for installing cameras with facial recognition software in 35...
Radioactivity monitoring and warning system hacked, disabled by attackers
The Spanish police arrested two people under the accusation of tampering with the Red de Alerta a la Radiactividad (RAR)....
Malware-laced npm packages used to target Discord users
Threat actors used multiple npm packages to target Discord users with malware designed to steal their payment card data. A...
