Anonymous and Ukraine IT Army continue to target Russian entities
The Anonymous collective and the volunteer group Ukraine IT Army continues to launch cyber attacks on Russian entities. The Anonymous...
News
NetDooka framework distributed via a pay-per-install (PPI) malware service
Researchers discovered a sophisticated malware framework, dubbed NetDooka, distributed via a pay-per-install (PPI) malware service known as PrivateLoader. Trend Micro...
Steer clear of fake premium mobile app unlockers
A site has been bouncing around YouTube comments for the past couple of weeks. The site sometimes changes, the messages...
How Instagram scammers talk users out of their accounts
If you’ve dealt with a scammer, you’ll know that making up stories is their bread and butter. Think about it:...
Vulnerable Docker Installations Are A Playhouse for Malware Attacks
Uptycs researchers identified ongoing malicious campaigns through our Docker honeypot targeting exposed Docker API. The Uptycs Threat Research team has...
Ransomware: April 2022 review
The Malwarebytes Threat Intelligence team monitors the threat landscape continuously and produces monthly ransomware reports based on a mixture of...
Ukraine IT Army hit EGAIS portal impacting Russia’s alcohol distribution
Ukraine IT Army launched massive DDoS attacks on the EGAIS portal that has a crucial role in Russia’s alcohol distribution....
NetDooka Framework Distributed via PrivateLoader Malware as Part of Pay-Per-Install Service
This report focuses on the components and infection chain of the NetDooka framework. Its scope ranges from the release of...
Workshop: Simplifying Network Security in the Cloud
In this workshop, you will learn how to leverage Trend Micro Cloud One™ - Network Security to provide a powerful...
Google addresses actively exploited Android flaw in the kernel
Google released the May security bulletin for Android, 2022-05-05 security patch level, which fixed an actively exploited Linux kernel flaw....
The $43 billion Business Email Compromise threat
The FBI has released a public service announcement regarding the ever-present threat of Business Email Compromise (BEC). This comes hot...
Nigerian Tesla: 419 scammer gone malware distributor unmasked
Agent Tesla is a well-known data stealer written in .NET that has been active since 2014 and is perhaps one...
Cisco addresses three bugs in Enterprise NFVIS Software
Cisco addresses three flaws impacting its Enterprise NFV Infrastructure Software (NFVIS) that could allow the compromise of the hosts. Cisco...
Google fixes two critical Pixel vulnerabilities: Get your updates when you can!
Google has made updates available for Android 10, 11, 12 and 12L. The May Android Security Bulletin contains details of...
A couple of 10-Year-Old flaws affect Avast and AVG antivirus
Researcher discovered a couple of high-severity security flaws that affect a driver used by Avast and AVG antivirus solutions. SentinelOne...
It’s business as usual for REvil ransomware
After the FBS arrested 14 of its members in January, and a subsequent lull in action, the REvil ransomware gang...
World Password Day: Brushing up on the basics
World Password Day is today, reminding us of the value of solid passwords, and good password practices generally. There are...
F5 warns its customers of tens of flaws in its products
Cybersecurity provider F5 released security patches to address tens of vulnerabilities affecting its products. Security and application delivery solutions provider...
A new secret stash for “fileless” malware
In February 2022 we observed the technique of putting the shellcode into Windows event logs for the first time “in...
China-linked Winnti APT steals intellectual property from companies worldwide
A sophisticated cyberespionage campaign, dubbed Operation CuckooBees, conducted by the China-linked Winnti group remained undetected since at least 2019. Researchers...
Unfixed vulnerability in popular library puts IoT products at risk
Researchers have found a vulnerability in a popular C standard library in IoT products that could allow attackers to perform...
8 security tips for small businesses
Small businesses and startups are known to face some extra challenges when it comes to cybersecurity. Because they don’t have...
Pro-Ukraine attackers compromise Docker images to launch DDoS attacks on Russian sites
Pro-Ukraine hackers are using Docker images to launch distributed denial-of-service (DDoS) attacks against a dozen Russian and Belarusian websites. Pro-Ukraine hackers, likely linked...
Experts linked multiple ransomware strains North Korea-backed APT38 group
Researchers from Trellix linked multiple ransomware strains to the North Korea-backed APT38 group. The ransomware was employed in attacks on...
