Nobelium APT targets French orgs, French ANSSI agency warns
The French cyber-security agency ANSSI said that the Russia-linked Nobelium APT group has been targeting French organizations since February 2021....
News
US-CERT Bulletin (SB21-340):Vulnerability Summary for the Week of November 29, 2021
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
330 SPAR stores close or switch to cash-only payments after a cyberattack
A cyber attack hit the international supermarket franchise SPAR forcing 330 shops in North East England to shut down. A...
Why Macs are the best, according to Mac expert Thomas Reed: Lock and Code S02E23
In the year 2021, the war for computer superiority has a clear winner, and it is the Macintosh, by Apple....
DMEA Colorado electric utility hit by a disruptive cyberattack
A ransomware attack hit an electric utility in Colorado causing a significant disruption and damage. The Delta-Montrose Electric Association (DMEA)...
NSO Group spyware found on iPhones of US State Department employees
iPhones of at least nine US State Department employees are said to have been hacked using the Pegasus spyware developed...
Threat actors stole more than $150 million worth of cryptocurrency tokens from BitMart platform
Threat actors stole more than $150 million in various cryptocurrencies from the cryptocurrency trading platform BitMart. Cryptocurrency trading platform BitMart...
A week in security (Nov 29 – Dec 5)
Last week on Malwarebytes Labs: CronRAT targets Linux servers with e-commerce attacksHackers all over the world are targeting Tasmania’s emergency...
Hackers are sending receipts with anti-work messages to businesses’ printers
Hackers are targeting printers of businesses around the world to print ‘anti-work’ slogans pushing workers to demand better pay. Multiple...
Magnat malvertising campaigns spreads malicious Chrome extensions, backdoors and info stealers
Experts spotted a series of malvertising campaigns using fake installers of popular apps and games to deliver a backdoor and...
Security Affairs newsletter Round 343
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
Hundreds of vulnerabilities in common Wi-Fi routers affect millions of users
Researchers discovered a total of 226 potential security vulnerabilities in nine Wi-Fi popular routers from known manufacturers. Security researchers and...
German BSI agency warns of ransomware attacks over Christmas holidays
German BSI warns of ransomware attacks over the Christmas and end-of-year holidays, fearing Emotet return and attacks on Microsoft Exchange...
Cuba ransomware gang hacked 49 US critical infrastructure organizations
The FBI has revealed that the Cuba ransomware gang breached the networks of at least 49 US critical infrastructure organizations....
CISA warns of vulnerabilities in Hitachi Energy products
CISA has released six advisories to warn organizations about security vulnerabilities affecting Hitachi Energy products The U.S. Cybersecurity and Infrastructure...
NSO Group spyware used to compromise iPhones of 9 US State Dept officials
Apple warns that the mobile devices of at least nine US Department of State employees were compromised with NSO Group ‘s...
Emotet’s back and it isn’t wasting any time
Emotet is one of the best known, and most dangerous, malware threats of the past several years. On several occasions...
Attacker unmasked by VPN flubs charged with Ubiquiti hack
A veritable barn-stormer of an insider threat story has recently come to light. A former employee of Ubiquiti Networks, Nickolas...
KAX17 threat actor is attempting to deanonymize Tor users running thousands of rogue relays
Since 2017, an unknown threat actor has run thousands of malicious Tor relay servers in the attempt to unmask Tor...
Threat actors stole $120 M in crypto from BadgerDAO DeFi platform
Threat actors stole $120 million in cryptocurrencies from multiple wallets connected to the decentralized finance platform BadgerDAO. Threat actors this...
Watch out for Omicron COVID-19-themed phishing messages!
Threat actors have started to exploit the interest in the Omicron COVID-19 variant and are using it as a lure...
CISA adds Zoho, Apache, Qualcomm, Mikrotik flaws to the list of actively exploited issues
U.S. CISA urges to address vulnerabilities Qualcomm, Mikrotik, Zoho and the Apache Software Foundation software. U.S. Cybersecurity and Infrastructure Security...
Emotet being spread via malicious Windows App Installer packages
As reported by Cryptolaemus on Twitter, and demonstrated step by step by BleepingComputer, Emotet is now being distributed through malicious...
Russian internet watchdog Roskomnadzor bans six more VPN services
Russia’s internet watchdog, ‘Roskomnadzor’, has announced the ban of other VPN products, 15 VPN services are now illegal in Russia...
