Google blocked China-linked APT31’s attacks targeting U.S. Government
Google has blocked a phishing campaign conducted by China-linked group APT31 aimed at Gmail users associated with the U.S. government....
News
Twitter makes the leap to Tor
Tor is getting another visibility boost for people who may not otherwise come into contact with it. The reason: an...
Update now! Microsoft patches three zero-day vulnerabilities on Patch Tuesday
The updates for Microsoft’s March 2022 Patch Tuesday should fix 92 vulnerabilities, including three zero-day vulnerabilities. Of the 92 vulnerabilities,...
FormBook spam campaign targets citizens of Ukraine️
Our Threat Intelligence team has been closely monitoring cyber threats related to the war in Ukraine. Today, we discovered a...
Multiple Russian government websites hacked in a supply chain attack
Threat actors hacked Russian federal agencies’ websites in a supply chain attack involving the compromise of a stats widget. Some...
Anonymous hacked Russian cams, websites, announced a clamorous leak
The collective Anonymous has hacked public cameras in Russia and transmitted their live feed on a website, it also announced a...
HP addressed 16 UEFI firmware flaws impacting laptops, desktops, PoS systems
Researchers disclosed 16 high-severity flaws in different implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices. Researchers...
RagnarLocker ransomware gang breached 52 critical infrastructure organizations
In a FLASH publication issued by the FBI in coordination with DHS/CISA, the FBI says it has identified at least...
Azure AutoWarp brings automation headaches
Azure is Microsoft’s cloud computing service providing a wide range of features for businesses worldwide. It’s particularly popular for its...
Samsung data breach: Lapsus$ gang stole Galaxy devices’ source code
Samsung confirmed that threat actors had access to the source code of its Galaxy smartphones in recent security breach. Samsung...
Microsoft March 2022 Patch Tuesday updates fix 89 vulnerabilities
Microsoft March 2022 Patch Tuesday security updates address 89 vulnerabilities in multiple products, including 3 zero-days. Microsoft March 2022 Patch...
New RURansom Wiper Targets Russia
We analyze RURansom, a malware variant discovered to be targeting Russia. Originally suspected to be a ransomware because of its...
US-CERT Bulletin (SB22-066):Vulnerability Summary for the Week of February 28, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Google TAG: Russia, Belarus-linked APTs targeted Ukraine
Google TAG observed Russian, Belarusian, and Chinese threat actors targeting Ukraine and European government and military orgs. Google Threat Analysis...
Access:7 flaws impact +150 device models from over 100 manufacturers
Many IoT and medical devices are affected by seven serious flaws, collectively tracked as Access:7, in widely used Axeda platform....
CISA urges to fix actively exploited Firefox zero-days by March 21
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added recently disclosed Firefox zero-days to its Known Exploited Vulnerabilities Catalog. The Cybersecurity...
Ragnar Locker ransomware group breached at least 52 organizations across 10 critical infrastructure sectors
The US FBI warns that the Ragnar Locker ransomware gang has breached the networks of at least 52 organizations from...
Ukraine’s CERT-UA warns of phishing attacks against Ukrainian citizens
Ukraine’s CERT-UA warned citizens of new phishing attacks launched through compromised email accounts belonging to Indian entities. Ukraine’s Computer Emergency...
When fake dating profiles try the military approach
I’ve run into many romance scams over the years. You’ll find them lurking on social media, instant messaging, chatrooms/forums, and...
Dirty Pipe Linux flaw allows gaining root privileges on major distros
Dirty Pipe is a Linux vulnerability, tracked as CVE-2022-0847, that can allow local users to gain root privileges on all...
Coinbase blocked 25,000 crypto addresses linked to Russian individuals and entities
Coinbase announced that it’s blocking access to more than 25,000 blockchain addresses linked to Russian individuals and entities. The popular...
Update now! Mozilla patches two actively exploited vulnerabilities
Mozilla has announced it has fixed security vulnerabilities in Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, and Focus...
The struggle to reduce bug-fixing time is real
There are many reasons why we want a bug fixed as soon as we can, but there are also plenty...
SharkBot, the new generation banking Trojan distributed via Play Store
SharkBot banking malware was able to evade Google Play Store security checks masqueraded as an antivirus app. SharkBot is a banking...
