Intuit phish says “we have put a temporary hold on your account”
Intuit released a warning about a phishing email being sent to its customers. The phishing emails tell recipients that their...
News
Multiple Microsoft Office versions impacted by an actively exploited zero-day
A zero-day flaw in Microsoft Office that could be exploited by attackers to achieve arbitrary code execution on Windows systems....
GoodWill Ransomware victims have to perform socially driven activities to decryption their data
Researchers discovered a new ransomware family called GoodWill that asks victims to donate the ransom for social causes. CloudSEK’s Threat Intelligence Research...
EnemyBot malware adds new exploits to target CMS servers and Android devices
The operators of the EnemyBot botnet added exploits for recently disclosed flaws in VMware, F5 BIG-IP, and Android systems. Operators...
Pro-Russian hacker group KillNet plans to attack Italy on May 30
Pro-Russian hacker group KillNet is threatening again Italy, it announced a massive and unprecedented attack on May 30. Pro-Russian hacker...
Security Affairs newsletter Round 367 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
US man sentenced to 4 years in prison for his role in Infraud scheme
A man from New York was sentenced to four years in prison for trading stolen credit card data and assisting...
How to implement AWS Sustainability Pillar principles
Learn more about the AWS Well-Architected Framework Sustainability Pillar and how to securely and efficiently implement the six design principles...
Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks
360 Qihoo reported DDoS attacks launched by APT-C-53 (aka Gamaredon) conducted through the open-source DDoS Trojan program LOIC. Researchers at 360 Qihoo observed...
The strange link between Industrial Spy and the Cuba ransomware operation
The recently launched Industrial Spy data extortion marketplace has now started its ransomware operation. In April, Malware HunterTeam and Bleeping...
Reuters: Russia-linked APT behind Brexit leak website
Russia-linked threat actors are behind a new website that published leaked emails from leading proponents of Britain’s exit from the...
GitHub: Nearly 100,000 NPM Users’ credentials stolen in the April OAuth token attack
GitHub provided additional details into the theft of its integration OAuth tokens that occurred in April, with nearly 100,000 NPM users’ credentials....
IT threat evolution in Q1 2022. Mobile statistics
IT threat evolution in Q1 2022 IT threat evolution in Q1 2022. Non-mobile statistics IT threat evolution in Q1 2022....
IT threat evolution Q1 2022
IT threat evolution in Q1 2022 IT threat evolution in Q1 2022. Non-mobile statistics IT threat evolution in Q1 2022....
IT threat evolution in Q1 2022. Non-mobile statistics
IT threat evolution in Q1 2022 IT threat evolution in Q1 2022. Non-mobile statistics IT threat evolution in Q1 2022....
Android pre-installed apps are affected by high-severity vulnerabilities
Microsoft found several high-severity vulnerabilities in a mobile framework used in pre-installed Android System apps. The Microsoft 365 Defender Research...
GhostTouch: how to remotely control touchscreens with EMI
Security researchers devised a technique, dubbed GhostTouch, to remotely control touchscreens using electromagnetic signals. A team of researchers from Zhejiang...
FBI: Compromised US academic credentials available on various cybercrime forums
The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors...
Twitter fined $150M after using 2FA phone numbers for marketing
The Federal Trade Commission (FTC) and the Department of Justice (DOJ) have ordered Twitter to pay a $150M penalty for...
Firefox, Thunderbird, receive patches for critical security issues
Mozilla has published updates for two critical security issues in Firefox and Thunderbird, demonstrated during Pwn2Own Vancouver. The vulnerabilities, discovered...
ERMAC 2.0 Android Banking Trojan targets over 400 apps
A new version of the ERMAC Android banking trojan is able to target an increased number of apps. The ERMAC...
Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw
Security researchers released PoC exploit code for the critical authentication bypass vulnerability CVE-2022-22972 affecting multiple VMware products. Horizon3 security researchers...
Managed detection and response in 2021
Kaspersky Managed Detection and Response (MDR) helps organizations to complement existing detection capabilities or to expand limited in-house resources to...
Cyber Risk Management Strategies from Arjo CIO
Andrea Berg, CIO of Arjo, explores the critical need for effective and inclusive communication around IT requirements to expand beyond...
