SolarWinds Warns of Attacks Targeting Web Help Desk Users
SolarWinds warns customers of potential cyberattacks targeting unpatched installs of its Web Help Desk (WHD) product. SolarWinds has published a...
News
Gh0stCringe RAT makes database servers squeal for protection
Researchers have found that the Gh0stCringe RAT is infecting Microsoft SQL and MySQL, and seems to focus on servers with...
Clouding the issue: what cloud threats lie in wait in 2022?
As more services move ever cloud-wards, so too do thoughts by attackers as to how best exploit them. With all...
Ukraine SBU arrested a hacker who supported Russia during the invasion
The Security Service of Ukraine (SBU) announced the arrest of a “hacker” who helped Russian Army during the invasion. The...
FBI catches up with one of its Most Wanted, arrests head of advance-fee crime network
Some don’t mind putting extra effort into making their crime appear as legitimate as possible by perpetuating more lies as...
B1txor20 Linux botnet use DNS Tunnel and Log4J exploit
Researchers uncovered a new Linux botnet, tracked as B1txor20, that exploits the Log4J vulnerability and DNS tunnel. Researchers from Qihoo...
Russia’s disinformation uses deepfake video of Zelenskyy telling people to lay down arms
Russian disinformation continues, this time it used a deepfake video of Zelenskyy inviting Ukrainians to ‘lay down arms.’ A deepfake...
CISA adds 15 new flaws to the Known Exploited Vulnerabilities Catalog
The US Cybersecurity and Infrastructure Security Agency (CISA) added 15 new flaws to its Known Exploited Vulnerabilities Catalog. The U.S....
“Threatening and coercive” cold-callers who targeted the elderly hit with big fines
Every so often, fines hit the news as a result of phone/communication spam. Much of it targets older members of...
CafePress faces $500,000 fine for data breach cover up
The US Federal Trade Commission (FTC) has announced that it took action against online customized merchandise platform CafePress over allegations...
Russia-linked threats actors exploited default MFA protocol and PrintNightmare bug to compromise NGO cloud
FBI and CISA warn Russia-linked threats actors gained access to an NGO cloud after enrolling their own device in the...
Valorant cheats on YouTube are actually information-stealing malware
Valorant, the popular free-to-play team based shooter, is attracting the attention of scammers. It’s reported that a malware distribution campaign...
Fake Royal Mail chatbot offers up…a new iPhone?
Royal Mail scams are always popular techniques for people up to no good. We’ve covered them several times over the...
Hacker breaches key Russian ministry in blink of an eye
In mere seconds, a hacker remotely accessed a computer belonging to a regional Russian Ministry of Health, taking advantage of...
CVE-2022-0778 DoS flaw in OpenSSL was fixed
OpenSSL addressed a high-severity denial-of-service (DoS) vulnerability, tracked as CVE-2022-0778, related to certificate parsing. OpenSSL released updates to address a high-severity...
How to Build a Serverless API with Lambda and Node.js
Is your app server serving more stress than function? Explore this walkthrough for configuring and deploying a serverless API and...
US-CERT Bulletin (SB22-073):Vulnerability Summary for the Week of March 7, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Escobar is the new Android banking Trojan we’ve met before
Aberebot, a known Android banking Trojan, has changed its name and returned loaded with new features. First spotted by @MalwareHunterTeam in early...
DDoS barrage against Israel described as the “largest ever” cyberattack its faced
Several government websites in Israel—those using the .gov.il domain—were inaccessible after a distributed denial of service (DDoS) attack hit Israel’s...
Update now! Apple fixes several serious vulnerabilities in iOS and macOS
Apple has released patches for macOS Monterey 12.3, iOS 15.4 and iPadOS 15.4. In these security updates, released on March...
Stolen Nvidia certificates used to sign malware—here’s what to do
As we wrote on March 3, 2022 Nvidia, was recently attacked by the LAPSUS$ ransomware group. The ensuing data leak...
Critical flaws affect Veeam Data Backup software
Veeam addressed two critical vulnerabilities impacting the Backup & Replication product for virtual environments. Veeam has released security patches to...
The German BSI agency recommends replacing Kaspersky antivirus software
German Federal Office for Information Security agency, also known as BSI, recommends consumers not to use Kaspersky anti-virus software. The...
Dirty Pipe Linux flaw impacts most QNAP NAS devices
Taiwanese vendor QNAP warns most of its NAS devices are impacted by high severity Linux vulnerability dubbed ‘Dirty Pipe.’ Taiwanese...
