New Linux-Based Ransomware ‘Cheerscrypt’ Targets EXSi Devices
Trend Micro Research detected “Cheerscrypt”, a new Linux-based ransomware variant that compromises EXSi servers. We discuss our initial findings on...
News
New Linux-Based Ransomware Cheerscrypt Targets ESXi Devices
Trend Micro Research detected “Cheerscrypt”, a new Linux-based ransomware variant that compromises ESXi servers. We discuss our initial findings on...
Celebrating 15 Years of Pwn2Own
Join Erin Sindelar, Mike Gibson, Brian Gorenc, and Dustin Childs as they discuss Pwn2Own's 15th anniversary, what we've learned, and...
Internationa police operation led to the arrest of the SilverTerrier gang leader
The Nigeria Police Force has arrested the suspected leader of the SilverTerrier cybercrime group as a result of an international...
Eerie GoodWill ransomware forces victims to publish videos of “good” deeds on social media
Ransomware does what the name implies: holds your files or network to ransom. Pay the authors, typically in cryptocurrency, and...
Massive increase in XorDDoS Linux malware in last six months
Microsoft says it’s recorded a massive increase in XorDDoS activity (254 percent) in the last six months. XorDDoS, a Linux...
How the Saitama backdoor uses DNS tunnelling
Thanks to the Malwarebytes Threat Intelligence Team for the information they provided for this article. Understandably, a lot of cybersecurity...
Chaining Zoom bugs is possible to hack users in a chat by sending them a message
Security flaws in Zoom can be exploited to compromise another user over chat by sending specially crafted messages. A set...
Update now! Multiple vulnerabilities patched in Google Chrome
Google has announced an update for the Chrome browser that includes 32 security fixes. The severity rating for one of...
CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog
US Critical Infrastructure Security Agency (CISA) adds 41 new vulnerabilities to its Known Exploited Vulnerabilities Catalog. The Cybersecurity & Infrastructure...
The Fault in Our kubelets: Analyzing the Security of Publicly Exposed Kubernetes Clusters
While researching cloud-native tools, our Shodan scan revealed over 200,000 publicly exposed Kubernetes clusters and kubelet ports that can be...
US-CERT Bulletin (SB22-143):Vulnerability Summary for the Week of May 16, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Trend Micro addressed a flaw exploited by China-linked Moshen Dragon APT
Trend Micro addressed a DLL hijacking issue in Trend Micro Security actively exploited by a China-linked threat group to deploy...
Instagram verification services: What are the dangers?
Instagram, like other social platforms, has a verification system for high profile accounts. A verified badge means Instagram has confirmed that...
Microsoft warns of new highly evasive web skimming campaigns
Threat actors behind web skimming campaigns are using malicious JavaScript to mimic Google Analytics and Meta Pixel scripts to avoid...
General Motors suffers credential stuffing attack
American car manufacturer General Motors (GM) says it experienced a credential stuffing attack last month. During the attack customer information...
Nation-state malware could become a commodity on dark web soon, Interpol warns
Interpol Secretary warns that nation-state malware will become available on the cybercrime underground in a couple of years. Interpol Secretary...
Zero-day vulnerabilities in Chrome and Android exploited by commercial spyware
The Google Threat Analysis Group (TAG) has revealed that of the nine zero-day vulnerabilities affecting Chrome, Android, Apple and Microsoft...
Unknown APT group has targeted Russia repeatedly since Ukraine invasion
An unknown Advanced Persistent Threat (APT) group has targeted Russian government entities with at least four separate spear phishing campaigns...
ISaPWN – research on the security of ISaGRAF Runtime
In early 2020, we notified the Rockwell Automation Product Security Incident Response Team (RA PSIRT) of several vulnerabilities we had...
Russia-linked Turla APT targets Austria, Estonia, and NATO platform
Russia-linked APT group Turla was observed targeting the Austrian Economic Chamber, a NATO eLearning platform, and the Baltic Defense College....
Russia-linked Fronton botnet could run disinformation campaigns
Researchers warn that the Fronton botnet was used by Russia-linked threat actors for coordinated disinformation campaigns. Fronton is a distributed...
Hunting down your data with Whitney Merrill: Lock and Code S03E11
Depending on where you live, you can ask a company to hand over all the data it has collected about...
A flaw in PayPal can allow attackers to steal money from users’ account
A security researcher announced the discovery of an unpatched flaw in PayPal that could allow attackers to steal money from...
