Microsoft disrupted APT28 attacks on Ukraine through a court order
Microsoft obtained a court order to take over seven domains used by the Russia-linked APT28 group to target Ukraine. Microsoft...
News
Hamas-linked threat actors target high-profile Israeli individuals
Hamas-linked threat actors conducted an elaborate campaign aimed at high-profile Israeli individuals employed in sensitive sectors. Researchers from Cybereason observed...
A Bad Luck BlackCat
In early December 2021, a new ransomware actor started advertising its services on a Russian underground forum. They presented themselves...
How to Optimize Your Lambda Code
Learn how to make your code run more efficiently in AWS Lambda, so you can save money and time! If...
Colibri Loader employs clever persistence mechanism
Recently discovered malware loader Colibri leverages a trivial and efficient persistence mechanism to deploy Windows Vidar data stealer. Malwarebytes researchers...
CVE-2022-22292 flaw could allow hacking of Samsung Android devices
Experts discovered a vulnerability, tracked as CVE-2022-22292, which can be exploited to compromise Android 9, 10, 11, and 12 devices....
Watch out for fake WhatsApp “New Incoming Voicemessage” emails
Thanks to the Threat Intelligence team for their help with this article. Security researchers from Armorblox, a cybersecurity company specializing...
Cash App breached by a former employee could affect millions
In December last year, the customer information of Cash App users was accessed by a former employee of Block, the...
Palo Alto Networks devices affected by CVE-2022-0778 OpenSSL bug
Palo Alto Networks addressed a high-severity OpenSSL infinite loop vulnerability, tracked as CVE-2022-0778, that affects some of its firewall, VPN, and...
VMware addressed several critical vulnerabilities in multiple products
VMware fixed critical vulnerabilities in multiple products that could be exploited by remote attackers to execute arbitrary code. VMware has...
US dismantled the Russia-linked Cyclops Blink botnet
The U.S. government announced the disruption of the Cyclops Blink botnet operated by the Russia-linked Sandworm APT group. The U.S....
An In-Depth Look at ICS Vulnerabilities Part 3
In our series wrap-up, we look into CVEs that affect critical manufacturing based on MITRE’s matrix. We also explore common...
Detecting Exploitation of Local Vulnerabilities Through Trend Micro Vision One™ and Cloud One™
We provide a guide to detecting Dirty Pipe, a Linux kernel vulnerability tracked as CVE-2022-0847. If you like the site, please...
5 Zero Trust Security Model DevOps Integrations
Learn how the zero trust security model can be integrated into your DevOps lifecycle without implicating the agility or speed...
Ukraine warns of attacks aimed at taking over Telegram accounts
Ukraine’s technical security and intelligence service warns of threat actors targeting aimed at gaining access to users’ Telegram accounts. State...
Block discloses data breach involving Cash App potentially impacting 8.2 million US customers
Block disclosed a data breach related to the Cash App investing app and is notifying 8.2 million current and former...
Beware Ukraine-themed fundraising scams
Unfortunately scammers continue to focus on the invasion of Ukraine to make money. A flurry of bogus domains and scam...
U.S. Treasury Department sanctions darkweb marketplace Hydra Market
The U.S. Treasury Department sanctioned the Hydra Market, the world’s largest and longest-running dark web marketplace. The U.S. Treasury Department...
A cyber attack forced the wind turbine manufacturer Nordex Group to shut down some of IT systems
Nordex Group, one of the largest manufacturers of wind turbines, was hit by a cyberattack that forced the company to...
Germany police shut down Hydra Market dark web marketplace
Germany’s Federal Criminal Police Office shut down Hydra Market, the Russian-language darknet marketplace specialized in drug dealing. Germany’s Federal Criminal...
Thwarting Loaders: From SocGholish to BLISTER’s LockBit Payload
Both BLISTER and SocGholish are loaders known for their evasion tactics. Our report details what these loaders are capable of...
US-CERT Bulletin (SB22-094):Vulnerability Summary for the Week of March 28, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns
Ukraine CERT-UA spotted a spear-phishing campaign conducted by Russia-linked Armageddon APT targeting local state organizations. Ukraine CERT-UA published a security...
Colibri Loader combines Task Scheduler and PowerShell in clever persistence technique
This blog post was authored by Ankur Saini, with contributions from Hossein Jazi and Jérôme Segura Colibri Loader is a...
