VMWare vulnerabilities are actively being exploited, CISA warns
The Cybersecurity & Infrastructure Security Agency has issued an Emergency Directive ED 22-03 and released a Cybersecurity Advisory (CSA) about...
News
10 ways attackers gain access to networks
A joint multi-national cybersecurity advisory has revealed the top ten attack vectors most exploited by cybercriminals in order to gain...
CISA orders federal agencies to fix VMware CVE-2022-22972 and CVE-2022-22973 flaws
CISA orders federal agencies to fix VMware CVE-2022-22972 and CVE-2022-22973 vulnerabilities by May 23, 2022. The Cybersecurity and Infrastructure Security...
VMware fixed a critical auth bypass issue in some of its products
VMware addressed a critical authentication bypass vulnerability “affecting local domain users” in multiple products. The virtualization giant warns that a...
Uncovering a Kingminer Botnet Attack Using Trend Micro™ Managed XDR
Trend Micro’s Managed XDR team addressed a Kingminer botnet attack conducted through an SQL exploit. We discuss our findings and...
Trend Micro’s One Vision, One Platform
Why Trend Micro is evolving its approach to enterprise protection If you like the site, please consider joining the telegram...
Microsoft warns of attacks targeting MSSQL servers using the tool sqlps
Microsoft warns of brute-forcing attacks targeting Microsoft SQL Server (MSSQL) database servers exposed online. Microsoft warns of a new hacking...
Microsoft warns of the rise of cryware targeting hot wallets
Microsoft researchers warn of the rising threat of cryware targeting non-custodial cryptocurrency wallets, also known as hot wallets. Microsoft warns...
Sysrv botnet is out to mine Monero on your Windows and Linux servers
In a Twitter thread, the Microsoft Security Intelligence team have revealed new information about the latest versions of the Sysrv...
Conti Ransomware gang threatens to overthrow the government of Costa Rica
The Conti ransomware gang is threatening to ‘overthrow’ the new government of Costa Rica after last month’s attack. Last month,...
Experts spotted a new variant of UpdateAgent macOS malware dropper written in Swift
Researchers spotted a new variant of the UpdateAgent macOS malware dropper that was employed in attacks in the wild. Researchers...
Evaluation of cyber activities and the threat landscape in Ukraine
Introduction When the war in Ukraine broke out, many analysts were surprised to discover that what was simultaneously happening in...
US-CERT Bulletin (SB22-136):Vulnerability Summary for the Week of May 9, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Car owners warned of another theft-enabling relay attack
Tesla owners are no strangers to seeing reports of cars being tampered with outside of their control. Back in 2021,...
Venezuelan cardiologist accused of operating and selling Thanos ransomware
The U.S. Justice Department accused a 55-year-old Venezuelan cardiologist of operating and selling the Thanos ransomware. The U.S. Justice Department accused...
Update now! Apple patches zero-day vulnerability affecting Macs, Apple Watch, and Apple TV
Apple has released security updates for a zero-day vulnerability that affects multiple products, including Mac, Apple Watch, and Apple TV....
Gmail-linked Facebook accounts vulnerable to attack using a chain of bugs—now fixed
A security researcher has disclosed how he chained together multiple bugs in order to take over Facebook accounts that were...
Long lost @ symbol gets new life obscuring malicious URLs
Threat actors have rediscovered an old and little-used feature of web URLs, the innocuous @ symbol we usually see in...
AirTag stalking: What is it, and how can I avoid it?
More voices are being raised against the use of everyday technology repurposed to attack and stalk people. Most recently, it’s...
Over 200 Apps on Play Store were distributing Facestealer info-stealer
Experts spotted over 200 Android apps on the Play Store distributing spyware called Facestealer used to steal sensitive data. Trend Micro researchers...
“Look what I found here” phish targets Facebook users
Facebook-themed messages are a frequent source of bogus links from both spam and compromised accounts. Whether you receive the messages...
CISA adds CVE-2022-30525 flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog
US Critical Infrastructure Security Agency (CISA) adds critical CVE-2022-30525 RCE flaw in Zyxel Firewalls to its Known Exploited Vulnerabilities Catalog....
A custom PowerShell RAT uses to target German users using Ukraine crisis as bait
Researchers spotted a threat actor using a custom PowerShell RAT targeting German users to gain intelligence on the Ukraine crisis....
HTML attachments in phishing e-mails
The use of embedded HTML documents in phishing e-mails is a standard technique employed by cybercriminals. It does away with...
