New Nerbian RAT spreads via malspam campaigns using COVID-19
Researchers spotted a new remote access trojan, named Nerbian RAT, which implements sophisticated evasion and anti-analysis techniques. Researchers from Proofpoint...
News
Virtual credit cards coming to Chrome: What you need to know
When you’re buying things online, reducing the exposure of payment details during transactions is one way to help reduce the...
Clearview AI banned from selling facial recognition data in the US
Clearview AI, a facial recognition software and surveillance company, is permanently banned from selling its faceprint database within the United...
Massive hacking campaign compromised thousands of WordPress websites
Researchers uncovered a massive hacking campaign that compromised thousands of WordPress websites to redirect visitors to scam sites. Cybersecurity researchers...
Cyberattacks on SATCOM networks attributed to Russian threat actors
The Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have updated their joint cybersecurity advisory,...
F5 BIG-IP vulnerability is now being used to disable servers
As we reported a few days ago, a F5 BIG-IP vulnerability listed as CVE-2022-1388 is actively being exploited. But now researchers...
Red TIM Research (RTR) founds 2 bugs affecting F5 Traffix SDC
Experts at TIM research laboratory, Red Team Research (RTR), have disclosed a couple of bugs affecting F5 Traffix SDC. Among...
Five Eyes agencies warn of attacks on MSPs
Cybersecurity authorities from Five Eye warn of threats targeting managed service providers (MSPs) and potential supply chain attacks through them....
College closes down after ransomware attack
Lincoln College, one of the few rural schools in Illinois, said that it will permanently close on Friday, May 13,...
New ransomware trends in 2022
Ahead of the Anti-Ransomware Day, we summarized the tendencies that characterize ransomware landscape in 2022. This year, ransomware is no...
CISA adds CVE-2022-1388 flaw in F5 BIG-IP to its Known Exploited Vulnerabilities Catalog
US Critical Infrastructure Security Agency (CISA) adds critical CVE-2022-1388 flaw in F5 BIG-IP products to its Known Exploited Vulnerabilities Catalog....
Adding Guardrails To A Cloud Account After The Fact
This article outlines a priority checklist of which guardrails need to be applied to an existing cloud account. Answering questions...
US-CERT Bulletin (SB22-129):Vulnerability Summary for the Week of May 2, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Update now! Microsoft releases patches, including one for actively exploited zero-day
Microsoft has released patches for 74 security problems, including fixes for seven “critical” vulnerabilities, and an actively exploited zero-day vulnerability that...
Canon printer owners: Be careful of bogus driver download sites
Think of all the really common, very mundane things you search for of a tech nature. Drivers. Scanners. Printers. A...
Microsoft Patch Tuesday updates for May 2022 fixes 3 zero-days, 1 under active attack
Microsoft Patch Tuesday security updates for May 2022 address three zero-day vulnerabilities, one of them actively exploited. Microsoft Patch Tuesday...
EU condemns Russian cyber operations against Ukraine
The European Union condemns the cyberattacks conducted by Russia against Ukraine, which targeted the satellite KA-SAT network. The European Union...
Security Above and Beyond CNAPPs
How Trend Micro’s unified cybersecurity platform is transforming cloud security If you like the site, please consider joining the telegram...
Examining the Black Basta Ransomware’s Infection Routine
We analyze the Black Basta ransomware and examine the malicious actor’s familiar infection tactics. If you like the site, please...
APT34 targets Jordan Government using new Saitama backdoor
On April 26th, we identified a suspicious email that targeted a government official from Jordan’s foreign ministry. The email contained...
Microsoft fixed RCE flaw in a driver used by Azure Synapse and Data Factory
Microsoft disclosed a now-fixed vulnerability in Azure Synapse and Azure Data Factory that could have allowed remote code execution. Microsoft...
Client side scanning may cost more than it delivers
On May 11, 2022, the EU will publicize a proposal for a law on mandatory chat control. The European Commission...
“Chemical attack” email warnings deliver Jester Stealer malware
Jester Stealer, a malicious file capable of large amounts of data theft, is on the prowl again. The Ukrainian Computer...
Hacktivists hacked Russian TV schedules during Victory Day and displayed anti-war messages
Hacktivists yesterday defaced the Russian TV with pro-Ukraine messages and took down the RuTube video streaming site. Hacktivists and white...
