Western Digital addressed a critical bug in My Cloud OS 5
Western Digital fixed a critical flaw affecting My Cloud OS 5 devices that allowed attackers to gain remote code execution...
News
CISA adds 66 new flaws to the Known Exploited Vulnerabilities Catalog
The US Cybersecurity and Infrastructure Security Agency (CISA) added 66 new flaws to its Known Exploited Vulnerabilities Catalog. The U.S....
FCC adds Kaspersky to Covered List due to unacceptable risks to national security
The Federal Communications Commission (FCC) added Kaspersky to its Covered List because it poses unacceptable risks to U.S. national security....
Anonymous leaked 28GB of data stolen from the Central Bank of Russia
Anonymous announced that the affiliate group Black Rabbit World has leaked 28 GB of data stolen from the Central Bank...
This Week in Security News – March 25, 2022
An investigation of cryptocurrency scams and schemes, and Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal If you like the...
Purple Fox Uses New Arrival Vector and Improves Malware Arsenal
Purple Fox is an old threat that has been making waves since 2018. This most recent investigation covers Purple Fox’s...
Chrome emergency update fixes actively exploited a zero-day bug
Google addresses an actively exploited zero-day flaw with the release of Chrome 99.0.4844.84 for Windows, Mac, and Linux. Google fixed...
Chinese threat actor Scarab targets Ukraine, CERT-UA warns
Ukraine CERT (CERT-UA) released details about a campaign that SentinelLabs linked with the suspected Chinese threat actor tracked as Scarab....
UK police arrested 7 alleged members of Lapsus$ extortion gang
UK police suspect that a 16-year-old from Oxford is one of the leaders of the popular Lapsus$ extortion group. The...
US indicted 4 Russian government employees for attacks on critical infrastructure
The U.S. has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. The U.S....
Phishing-kit market: what’s inside “off-the-shelf” phishing packages
What are phishing kits? One of the most common tricks scammers use in phishing attacks is to create a fake...
Anti-war open-source software developer targets Russians and Belarussians with “protestware”
Russia is in the midst of its fourth week of attack against Ukraine. People worldwide have been increasingly and passionately...
Experts explained how to hack a building controller widely adopted in Russia
A researcher discovered critical flaws that can be exploited by remote attackers to hack a building controller popular in Russia....
An Investigation of Cryptocurrency Scams and Schemes
We provide an overview of the diverse range of NFT- and cryptocurrency-related scams that malicious actors use to steal assets...
Cyber Threat Intelligence: Risk Management Strategies
The ever-expanding attack surface of the cloud calls for effective cyber risk management to enable enterprises to innovate and meet...
Anonymous targets western companies still active in Russia, including Auchan, Leroy Merlin e Decathlon
Anonymous launches its offensive against Wester companies still operating in Russia, it ‘DDoSed’ Auchan, Leroy Merlin e Decathlon websites. Since...
VMware Issues Patches for Critical Flaws Affecting Carbon Black App Control
VMware addressed two critical arbitrary code execution vulnerabilities affecting its Carbon Black App Control platform. VMware released this week, software...
Elden Ring exploit traps players in infinite death loop
Back in January, we wrote about how the Dark Souls games had their online components switched off for PC gamers....
Update now! Many HP printers affected by three critical security vulnerabilities
In two security advisories, HP has alerted users to the existence of security vulnerabilities in several of its printer models....
Anonymous claims to have hacked the Central Bank of Russia
The Anonymous hacker collective claims to have hacked the Central Bank of Russia and stole accessed 35,000 documents. Anonymous continues...
Okta says 375 customers impacted by the hack, but Lapsus$ gang says it is lying
The provider of access management systems Okta confirmed the data breach and revealed that 2.5% of its customers were impacted....
Ukrainian enterprises hit with the DoubleZero wiper
Ukraine CERT-UA warns of cyberattack aimed at Ukrainian enterprises using the a wiper dubbed DoubleZero. Ukraine CERT-UA continues to observe...
White House urges US businesses: Protect against potential Russian cyberattacks
On Monday, the White House told US business leaders to toughen up their cybersecurity defenses against a potential cyberattack from...
Okta admits 366 customers may have been impacted by LAPSUS$ breach
Through its usual means of communication, its Telegram channel, the LAPSUS$ group has posted screenshots of what appears to be...
