Emotet modules and recent attacks
Emotet was first found in the wild in 2014. Back then its main functionality was stealing user banking credentials. Since...
Microsoft’s Digital Crimes Unit (DCU) announced that it has shut down dozens of C2 servers used by the infamous ZLoader botnet. Microsoft dismantled...
With most security incidents caused by exposed secrets in DevOps pipelines and tools, proper authentication and authorization is essential. Explore...
Apache addressed a critical flaw in Apache Struts RCE that was linked to a previous issue that was not properly...
We’re seeing lots of examples of peculiar SMS messages sent to random groups of people. Most of these messages promise...
China-linked Hafnium APT group started using a new piece of malware to gain persistence on compromised Windows systems. The...
It’s that time of the month again. Time to check what needs to be updated and prioritize where necessary. The...
Researchers discovered five vulnerabilities that can be exploited to remotely hack hospital Aethon’s TUG autonomous mobile robots. Researchers at healthcare...
On April 9, hacking group BlueHornet tweeted about an experimental exploit for NGINX 1.18 and promised to warn companies affected...
Yesterday I received an SMS from “TestNTrace”, with the message resembling an official NHS communication: The text reads as follows:...
According to a report published by Reuters, an Israeli surveillance software was used to spy on senior officials in the...
The state of stalkerware in 2021 (PDF) Main findings of 2021 Every year Kaspersky analyzes the use of stalkerware around...
Microsoft Patch Tuesday security updates for April 2022 fixed 128 vulnerabilities, including an actively exploited zero-day reported by NSA. Microsoft...
The results of the MITRE Engenuity ATT&CK Evaluation of the Wizard Spider and Sandworm adversaries were officially released last week....
The dark web marketplace RaidForums has been shut down and its infrastructure seized as a result of Operation TOURNIQUET. The...
Russia-linked Sandworm APT group targeted energy facilities in Ukraine with INDUSTROYER2 and CADDYWIPER wipers. Russia-linked Sandworm threat actors targeted energy...
The maintainers of the NGINX web server project addressed a zero-day vulnerability in the Lightweight Directory Access Protocol (LDAP) Reference...
Thanks to the Threat Intelligence team for their help with this article. Conti, the infamous ransomware created by a group of Russian...
There are times when you would like a folder to be accessible by you alone. Financial information, personal documents, or...
Dozens of apps were removed from the Google Play Store after they were found to be harvesting the data of...
A scam is doing the rounds which begins with a text from what claims to be the US Postal Service....
Today is Identity Management Day, which aims to inform the public about the dangers of casually or improperly managing and...
The U.S. CISA added the CVE-2022-23176 flaw in WatchGuard Firebox and XTM appliances to its Known Exploited Vulnerabilities Catalog. The U.S....
The Anonymous collective has hacked Russia’s Ministry of Culture and leaked 446 GB of data through the DDoSecrets platform. Data...