Apple fixes Mac bug that could have allowed takeover of webcams and browser tabs
A researcher has picked up a $100,500 bounty from Apple after discovering a rather nasty method of gaining control of...
News
Experts analyze first LockBit ransomware for Linux and VMware ESXi
LockBit expands its operations by implementing a Linux version of LockBit ransomware that targets VMware ESXi servers. LockBit is the...
Apple fixed the first two zero-day vulnerabilities of 2022
Apple released security updates to fix two zero-day flaws, one of them actively exploited to hack iPhones and Macs. Apple...
New DazzleSpy malware attacks macOS
DazzleSpy, a piece of malware that attacks macOS, was discovered last fall by researchers at ESET, and now those researchers...
German intelligence agency warns of China-linked APT27 targeting commercial organizations
The BfV German domestic intelligence services warn of ongoing attacks carried out by the China-linked APT27 cyberespionage group. The Bundesamt...
KONNI evolves into stealthier RAT
This blog post was authored by Roberto Santos KONNI is a Remote Administration Tool that has being used for at...
Senate Committee passes new antitrust bill aimed at Big Tech companies
The American Innovation and Choice Online Act (AICOA), a bill that forbids Big Tech platforms like Apple, Alphabet (Google’s parent company),...
New DeadBolt ransomware targets QNAP NAS devices
New malware is targeting targets QNAP NAS devices, it is the DeadBolt ransomware and ask 50 BTC for master key...
Google sued over deceptive location tracking
Four Attorneys General (AG) from the District of Columbia and the states of Indiana, Texas, and Washington have filed separate...
Windows Update has changed over the years. Here are 25 group policies to avoid
Microsoft has published a list of 25 group policies that administrators should not use in Windows 10 and Windows 11...
VMware urges customers to patch VMware Horizon servers against Log4j attacks
VMware released security patches to address critical Log4j security vulnerabilities in VMware Horizon servers targeted in ongoing attacks. VMware urges...
Microsoft warns of phishy OAuth apps
Microsoft is warning Office 365 users to watch out for a phishy emails asking you to install an app called Upgrade....
Cyberinsurance companies don’t want to pay out for “acts of war”
Due to the evolving and growing impact of cybersecurity incidents there are some questions starting to arise about the way...
PwnKit: Local Privilege Escalation bug affects major Linux distros
A flaw in Polkit’s pkexec component, tracked as CVE-2021-4034 (PwnKit) can be exploited to gain full root privileges on major...
PrinterLogic fixes high severity flaws in Printer Management Suite
PrinterLogic has addressed nine vulnerabilities in Web Stack and Virtual Appliance, including three high severity flaws. PrinterLogic has released security...
Segway e-store compromised in a Magecart attack to steal credit cards
Segway e-store suffered a Magecart attack that potentially allowed threat actors to steal credit cards and customer info. The online...
TianySpy Malware Uses Smishing Disguised as Message From Telco
Trend Micro confirmed a new mobile malware infection chain targeting both Android and iPhone devices. The malware might have been...
UK NCSC is going to release Nmap scripts to find unpatched vulnerabilities
The UK NCSC cybersecurity agency is going to release a collection of NMAP scripts that can allow defenders to find...
Sophisticated attackers used DazzleSpy macOS backdoor in watering hole attacks
Experts found an undocumented macOS backdoor, dubbed DazzleSpy, that was employed in watering hole attacks aimed at politically active individuals...
Discord scammers go CryptoBatz phishing
It’s not been a great couple of weeks for people looking to get in on NFTs. Missing apes, rug-pulls, it’s all go in...
Attackers are actively targeting critical RCE bug in SonicWall Secure Mobile Access
Threat actors are actively exploiting a critical flaw (CVE-2021-20038) in SonicWall’s Secure Mobile Access (SMA) gateways addressed in December. Threat...
Latest version of Android RAT BRATA wipes devices after stealing data
A new version of the BRATA malware implements a functionality to perform a factory reset of the device to wipe...
Segway store compromised with Magecart skimmer
In the early 2000’s, the Segway company released a personal transporter that would become iconic. The Segway Human Transporter was...
A flaw in Rust Programming language could allow to delete files and directories
The maintainers of the Rust programming language fixed a high-severity flaw that could allow attackers to delete files and directories...
