Experts warn of attacks exploiting CVE-2021-40438 flaw in Apache HTTP Server
Threat actors are exploiting the recently patched CVE-2021-40438 flaw in Apache HTTP servers, warns German Cybersecurity Agency and Cisco. Threat...
News
Hackers all over the world are targeting Tasmania’s emergency services
Emergency services—under which the police, fire, and emergency medical services departments fall—is an infrastructure vital to any country or state....
CronRAT targets Linux servers with e-commerce attacks
There’s an interesting find over at the Sansec blog, wrapping time and date manipulation up with a very smart RAT...
Biopharmaceutical firm Supernus Pharmaceuticals hit by Hive ransomware during an ongoing acquisition
Biopharmaceutical company Supernus Pharmaceuticals discloses a ransomware attack, the Hive ransomware claims to have stolen company data. Biopharmaceutical company Supernus...
A week in security (Nov 22 – Nov 28)
Last week on Malwarebytes Labs How to defend your website against card skimmersSecurity researchers play peek-a-boo with Conti ransomware serverWindows...
Israel cut cyber export list, excluding totalitarian regimes
Israel’s Ministry of Defense bans the sale of surveillance software and offensive hacking tools to tens of countries. Israel’s Ministry...
French court indicted Nexa Technologies for complicity in acts of torture
Nexa Technologies was indicted for complicity in acts of torture, the French firm is accused of having sold surveillance equipment...
RATDispenser, a new stealthy JavaScript loader used to distribute RATs
RATDispenser is a new stealthy JavaScript loader that is being used to spread multiple remote access trojans (RATs) into the...
North Korea-linked Zinc group posed as Samsung recruiters to target security firms
North Korea-linked threat actors posed as Samsung recruiters in a spear-phishing campaign aimed at employees at South Korean security firms....
0patch releases unofficial patches for CVE-2021-24084 Windows 10 zero-day
0patch released free unofficial patches for Windows local privilege escalation zero-day (CVE-2021-24084) in Windows 10, version 1809 and later. 0patch...
Security Affairs newsletter Round 342
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
Italy’s Antitrust Agency fines Apple and Google for aggressive practices of data acquisition
Italy’s antitrust regulator, Autorità Garante della Concorrenza e del Mercato (AGCM), has fined Apple and Google €10 million each their...
HAEICHI-II: Interpol arrested +1,000 suspects linked to various cybercrimes
HAEICHI-II: Interpol arrested 1,003 individuals charged for several cybercrimes, including romance scams, investment frauds, and online money laundering. Interpol has...
IKEA hit by a cyber attack that uses stolen internal reply-chain emails
Threat actors are targeting IKEA employees in an internal phishing campaign leveraging stolen reply-chain emails. According to BleepingComputer, threat actors...
IT threat evolution in Q3 2021. Mobile statistics
IT threat evolution Q3 2021 IT threat evolution in Q3 2021. PC statistics IT threat evolution in Q3 2021. Mobile...
IT threat evolution in Q3 2021. PC statistics
IT threat evolution Q3 2021 IT threat evolution in Q3 2021. PC statistics IT threat evolution in Q3 2021. Mobile...
IT threat evolution Q3 2021
IT threat evolution Q3 2021 IT threat evolution in Q3 2021. PC statistics IT threat evolution in Q3 2021. Mobile...
Marine services provider Swire Pacific Offshore (SPO) hit by Clop ransomware
Marine services provider Swire Pacific Offshore (SPO) has suffered a Clop ransomware attack that resulted in the theft of company...
ICO challenges adtech to step up privacy protection
The UK Information Commissioner’s Office (ICO) wants the advertising industry to come up with new initiatives that address the risks...
Threat actors target crypto and NFT communities with Babadeda crypter
Morphisec researchers spread cryptocurrency malware dubbed Babadeda in attacks aimed at crypto and NFT communities. Morphisec researchers spotted a new...
Exclusive: Resecurity discovered 0-day vulnerability in TP-Link Wi-Fi 6 devices
Resecurity researchers found a zero-day vulnerability in the TP-Link enterprise device with model number TL-XVR1800L. Resecurity, a Los Angeles-based cybersecurity...
APT C-23 group targets Middle East with an enhanced Android spyware variant
A threat actor, tracked as APT C-23, is using new powerful Android spyware in attacks aimed at targets in the...
New Linux CronRAT hides in cron jobs to evade detection in Magecart attacks
Security researchers discovered a new Linux RAT, tracked as CronRAT, that hides in scheduled cron jobs to avoid detection. Security...
Google’s Threat Horizons report: Will the straightforward approach get results?
Google’s Cybersecurity Action Team has released a Threat Horizons report focusing on cloud security. It’s taken some criticism for being...
