Attackers exploited a zero-day in Mitel VOIP devices to compromise a network
Experts warn threat actors have exploited a zero-day vulnerability in a Mitel VoIP appliance in a ransomware attack. CrowdStrike researchers...
News
Private Network 5G Security Risks & Vulnerabilities
Why cybersecurity is the first step to private network deployment If you like the site, please consider joining the telegram...
Threat actors continue to exploit Log4Shell in VMware Horizon Systems
The U.S. CISA and the Coast Guard Cyber Command (CGCYBER) warn of attacks exploiting the Log4Shell flaw in VMware Horizon...
Vulnerabilities in the Jacuzzi SmartTub app could allow to access users’ data
Researchers discovered multiple vulnerabilities in Jacuzzi SmartTub app web interface that can expose private data. Multiple vulnerabilities in Jacuzzi SmartTub...
Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users
Google’s Threat Analysis Group (TAG) revealed that the Italian spyware vendor RCS Labs was supported by ISPs to spy on...
The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs
These days ransomware analysis gets a lot of coverage in commercial and public reports, with vendors issuing dozens of ransomware-related...
Trend Micro CEO Discusses Need for a Unified Cybersecurity Platform
In the face of evolving cyberattacks, an ever-expanding digital attack surface, and a global skills shortage, organizations need a more...
Chinese Tropic Trooper APT spreads a hacking tool laced with a backdoor
China-linked APT group Tropic Trooper has been spotted previously undocumented malware written in Nim language. Check Point Research uncovered an activity...
NSO Group told lawmakers that Pegasus spyware was used by at least 5 European countries
The Israeli surveillance firm NSO Group revealed that its Pegasus spyware was used by at least five European countries. The...
QNAP warns of a critical PHP flaw that could lead to remote code execution
Taiwanese company QNAP is addressing a critical PHP vulnerability that could be exploited to achieve remote code execution. Taiwanese vendor...
7-Zip gets Mark of the Web feature, increases protection for users
One of the most popular zip programs around, 7-Zip, now offers support for “Mark of the Web” (MOTW), which gives...
MEGA claims it can’t decrypt your files. But someone’s managed to…
MEGA, the cloud storage provider and file hosting service, is very proud of its end-to-end encryption. It says it couldn’t...
Researchers found flaws in MEGA that allowed to decrypt of user data
Researchers at ETH Zurich discovered several critical flaws in the MEGA cloud storage service that could have allowed the decryption...
Azure vs. AWS Developer Tools
Both AWS and Azure developer tools provide key efficiencies in your DevOps environment, learn the comparison between tools, any overlap,...
Exclusive: Lithuania under cyber-attack after the ban on Russian railway goods
Cyber Spetsnaz is targeting government resources and critical infrastructure in Lithuania after the ban of Russian railway goods Cyber Spetsnaz...
Magecart attacks are still around but are more difficult to detect
Researchers from Malwarebytes warns that the Magecart skimming campaign is active, but the attacks are more covert. Magecart threat actors...
Crooks are using RIG Exploit Kit to push Dridex instead of Raccoon stealer
Threat actors are using the Rig Exploit Kit to spread the Dridex banking trojan instead of the Raccoon Stealer malware....
Flagstar Bank discloses a data breach that impacted 1.5 Million individuals
US Flagstar Bank disclosed a data breach that exposed files containing the personal information of 1.5 million individuals. US-based Flagstar...
APT ToddyCat
ToddyCat is a relatively new APT actor that we have not been able to relate to other known actors, responsible...
US-CERT Bulletin (SB22-171):Vulnerability Summary for the Week of June 13, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
New ToddyCat APT targets high-profile entities in Europe and Asia
Researchers linked a new APT group, tracked as ToddyCat, to a series of attacks targeting entities in Europe and Asia...
New DFSCoerce NTLM relay attack allows taking control over Windows domains
Experts discovered a new kind of Windows NTLM relay attack dubbed DFSCoerce that allows taking control over a Windows domain. Researchers warn...
You can be tracked online using your Chrome browser extensions
A researcher has found a way to generate a fingerprint of your device from your installed Google Chrome extensions, and...
Cybercriminals Use Azure Front Door in Phishing Attacks
Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft....
