Swiss army asks its personnel to use the Threema instant-messaging app
The Swiss army has banned all instant messaging apps, including Signal, Telegram, and WhatsApp, recommending the use of the Threema...
News
Russian submarines threatening undersea cables, UK defence chief warns
Russian submarines threatening undersea network of undersea cables, says UK defence chief Sir Tony Radakin UK defence chief Sir Tony...
Security Affairs newsletter Round 348
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
Unauthenticated RCE in H2 Database Console is similar to Log4Shell
Researchers disclosed a critical RCE flaw in the H2 open-source Java SQL database which is similar to the Log4J vulnerability....
FluBot malware continues to evolve. What’s new in Version 5.0 and beyond?
Researchers warn of new campaigns distributing a new improved version of the FluBot malware posing as Flash Player. Researchers from...
Alfer Microsoft, also SonicWall confirmed that its products were affected by Y2K22 bug
SonicWall confirmed that some of its Email Security and firewall products have been impacted by the Y2K22 bug. Security vendor...
FIN7 group continues to target US companies with BadUSB devices
The Federal Bureau of Investigation (FBI) warns US companies that the FIN7 cybercriminals group is targeting the US defense industry...
This Week in Security News – January 7th, 2022
This week, read about Log4j vulnerabilities in connected cars and charging stations and how iOS malware can fake iPhone shutdowns...
Codex Exposed: Exploring the Capabilities and Risks of OpenAI’s Code Generator
The first of a series of blog posts examines the security risks of Codex, a code generator powered by the...
This Week in Security News – January 7, 2022
This week, read about Log4j vulnerabilities in connected cars and charging stations and how iOS malware can fake iPhone shutdowns...
Organized Cybercrime Cases: What CISOs Need to Know
Jon Clay, VP of Threat Intelligence at Trend Micro, explores the latest Trend Micro Research covering Access as a Service...
Ransomware attacks Finalsite, renders 8,000 school sites unreachable for days
Finalsite, a popular platform for creating school websites, appears to have recovered significant functionality after being attacked by a still-unknown...
How to secure QNAP NAS devices? The vendor’s instructions
QNAP is warning customers of ransomware attacks targeting network-attached storage (NAS) devices exposed online. Taiwanese vendor QNAP has warned customers...
Patchwork APT caught in its own web
Patchwork is an Indian threat actor that has been active since December 2015 and usually targets Pakistan via spear phishing...
Sophisticated phishing scheme spent years robbing authors of their unpublished work
Three years ago on Quora, someone asked what writers do to keep their manuscripts from being stolen. One of the...
Google and Facebook fined $240 million for making cookies hard to refuse
French privacy watchdog, the Commission Nationale de l’Informatique et des Libertés (CNIL), has hit Google with a 150 million euro...
Threat actor targets VMware Horizon servers using Log4Shell exploits, UK NHS warns
A threat actor attempted to exploit the Log4Shell vulnerability to hack VMWare Horizon servers at UK NHS and deploy web...
Norton Crypto, the controversial cryptomining feature of Norton 360
Experts warn that the popular antivirus product Norton 360 has installed a cryptocurrency miner on its customers’ computers. Many users...
Over 3.7 million accounts were compromised in the FlexBooker data breach
The appointment scheduling service FlexBooker discloses a data breach that impacted over 3.7 million accounts. Threat actors compromised the FlexBooker...
Night Sky, a new ransomware operation in the threat landscape
Researchers warn of a new ransomware family, called ‘Night Sky,’ that uses a double-extortion model in attacks again businesses. Researchers...
North Korea-linked Konni APT targets Russian diplomatic bodies
North Korea-linked APT group Konni targets Russian Federation’s Ministry of Foreign Affairs (MID) new versions of malware implants. Security researchers...
Threat actors stole 1.1 million customer accounts from 17 well-known companies
NY OAG warned 17 companies that roughly 1.1 million of their customers have had their user accounts compromised in credential...
Google Docs comment feature abused in phishing campaign
Experts warn of a new phishing technique that abuses the commenting feature of Google Docs to send out emails that...
New iPhone malware spies via camera when device appears off
When removing malware from an iOS device, it is said that users need to restart the device to clear the...
