GALLIUM APT used a new PingPull RAT in recent campaigns
China-linked Gallium APT employed a previously undocumented RAT, tracked as PingPull, in recent cyber espionage campaign targeting South Asia, Europe,...
News
Update Chrome now: Four high risk vulnerabilities found
Users of Chrome have been advised to apply updates as soon as possible related to seven security vulnerabilities. CISA has...
HelloXD Ransomware operators install MicroBackdoor on target systems
Experts observed the HelloXD ransomware deploying a backdoor to facilitate persistent remote access to infected hosts. The HelloXD ransomware first appeared...
Serious vulnerabilities found in ITarian software, patches available for SaaS products
Dutch research group DIVD has identified multiple vulnerabilities in ITarian products. In cooperation with DIVD, ITarian has made patches available...
A week in security (June 6 – June 12)
Last week on Malwarebytes Labs: FBI warns of scammers soliciting donations for UkraineMicrosoft autopatch is here…but can you use it?Prometheus...
Using WiFi connection probe requests to track users
Researchers at the University of Hamburg demonstrated that WiFi connection probe requests expose users to track. A group of academics...
Security Affairs newsletter Round 369 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
Ransomware gangs are exploiting CVE-2022-26134 RCE in Atlassian Confluence servers
Ransomware gangs are actively exploiting CVE-2022-26134 remote code execution (RCE) flaw in Atlassian Confluence Server and Data Center. Multiple ransomware...
HID Mercury Access Controller flaws could allow to unlock Doors
Experts found vulnerabilities in HID Mercury Access Controllers can be exploited by attackers to remotely unlock doors. Researchers from security...
Iran-linked Lyceum APT adds a new .NET DNS Backdoor to its arsenal
Iran-linked Lyceum APT group uses a new .NET-based DNS backdoor to target organizations in the energy and telecommunication sectors. The...
PACMAN, a new attack technique against Apple M1 CPUs
PACMAN is a new attack technique demonstrated against Apple M1 processor chipsets that could be used to hack macOS systems....
Amazon EKS vs Azure Kubernetes Service
Managed Kubernetes services help organizations deploy, configure, and manage Kubernetes clusters. This article compares two of the biggest service providers:...
Threat actors exploit recently disclosed Atlassian Confluence flaw in cryptomining campaign
Threat actors are exploiting the recently disclosed CVE-2022-26134 RCE in Atlassian Confluence servers to deploy cryptocurrency miners. CheckPoint researchers have...
WhatsApp spam offers up “B&Q Father’s Day Contest 2022”
Father’s Day in the UK (June 19) is almost upon us, and scammers are taking advantage of it—and the fractional...
Experts spotted a new variant of the Cuba Ransomware with optimized infection techniques
The Cuba ransomware operators are back and employed a new version of its malware in recent attacks. Cuba ransomware has...
Vice Society ransomware gang adds the Italian City of Palermo to its data leak site
The Vice Society group has claimed responsibility for the ransomware attack that hit the Italian city of Palermo forcing the...
New Sandworm malware Cyclops Blink replaces VPNFilter
New Sandworm malware Cyclops Blink replaces VPNFilter The UK National Cyber Security Centre (NCSC), the Cybersecurity and Infrastructure Security Agency...
New Sandworm malware Cyclops Blink replaces VPNFilter
New Sandworm malware Cyclops Blink replaces VPNFilter The UK and US have today published a joint advisory that identifies a new...
Joint security guidance offered to data centre operators and users
Joint security guidance offered to data centre operators and users The National Cyber Security Centre and the Centre for the...
Joint advisory on MuddyWater actor
Joint advisory on MuddyWater actor This joint advisory provides information about activity carried out by the Iranian actor MuddyWater against...
Students tackle tech innovation challenge set by UK cyber experts
Students tackle tech innovation challenge set by UK cyber experts Innovative students from around the country put their cyber studies...
Registration opens for CYBERUK 2022
Registration opens for CYBERUK 2022 National Cyber Security Centre’s CYBERUK 2022 event will take place across two days on 10-11...
Expressions of Interest sought for Cyber Incident Response L2 and Cyber Incident Exercising Scheme
Expressions of Interest sought for Cyber Incident Response L2 and Cyber Incident Exercising Scheme The NCSC is seeking Expressions of...
NCSC supports White House call for increased cyber security precautions
NCSC supports White House call for increased cyber security precautions The NCSC - a part of GCHQ - has today...
