North Korea-linked TA406 cyberespionage group activity in 2021
North Korea-linked TA406 APT group has intensified its attacks in 2021, particularly credential harvesting campaigns. A report published by Proofpoint...
News
Conti ransomware operations made at least $25.5 million since July 2021
Researchers revealed that Conti ransomware operators earned at least $25.5 million from ransom payments since July 2021. A study conducted...
Android banking Trojan BrazKing is back with significant evasion improvements
The BrazKing Android banking trojan is back with significant improvements and dynamic banking overlays to avoid detection. Researchers from IBM...
Patch now! FatPipe VPN zero-day actively exploited
According to its marketing team, a FatPipe MPVPN can make your VPN “900% more secure.” Well, I don’t know about...
Microsoft addresses a high-severity vulnerability in Azure AD
Microsoft recently addressed an information disclosure vulnerability, tracked as CVE-2021-42306, affecting Azure AD. Microsoft has recently addressed an information disclosure...
Phishers target TikTok influencers with verification promises and copyright threats
Influencers on TikTok are feeling the pinch of scams and phishing thanks to targeted campaigns hungry for fresh logins. The...
Attackers deploy Linux backdoor on e-stores compromised with software skimmer
Researchers discovered threat actors installing a Linux backdoor on compromised e-commerce servers after deploying a credit card skimmer into e-stores....
Zero-Day flaw in FatPipe products actively exploited, FBI warns
The FBI is warning of a zero-day vulnerability in FatPipe products that has been under active exploitation since at least...
Update now! Netgear vulnerability patched
Netgear has released a fix for a vulnerability on several of their product models. The affected product models include extenders,...
Phishing campaign targets Tiktok influencer accounts
Threat actors have launched a phishing campaign targeting more than 125 TikTok ‘Influencer’ accounts in an attempt to hijack them....
US, UK and Australia warn of Iran-linked APTs exploiting Fortinet, Microsoft Exchange flaws
U.S., U.K. and Australia warn that Iran-linked APT groups exploiting Fortinet and Microsoft Exchange flaws to target critical infrastructure. A...
Advanced threat predictions for 2022
Over the past 12 months, the style and severity of APT threats has continued to evolve. Despite their constantly changing...
Netgear fixes code execution flaw in many SOHO devices
Netgear addressed a code execution vulnerability, tracked as CVE-2021-34991, in its small office/home office (SOHO) devices. Netgear addressed a pre-authentication...
CISA releases incident response plans for federal agencies
CISA released the Federal Government Cybersecurity Incident Response Playbooks for the federal civilian executive branch agencies. The Cybersecurity and Infrastructure Security...
Bogus JS libraries become sustained ransomware threat for Roblox gamers
If your kids play Roblox, you may wish to warn them of ransomware perils snapping at their heels. A very...
Fake ransomware warnings hit WordPress sites: How to stay safe
A ransomware warning has appeared out of nowhere and started taking over WordPress sites. The warning, with its black background...
The rise of millionaire zero-day exploit markets
Researchers detailed the multi-millionaire market of zero-day exploits, a parallel economy that is fueling the threat landscape. Zero-day exploits are...
Iran-linked APT groups continue to evolve
The researchers at Microsoft Threat Intelligence Center (MSTIC) are warning of increasingly sophisticated operations carried out by Iranian threat actors....
Mandiant links Ghostwriter operations to Belarus
Security researchers at the Mandiant Threat Intelligence team believe that Ghostwriter APT group is linked to the government of Belarus....
GitHub addressed two major vulnerabilities in the NPM package manager
Maintainers of the npm package manager for the JavaScript programming language disclosed multiple flaws that were recently addressed. GitHub disclosed two major vulnerabilities...
TrickBot helps Emotet come back from the dead
Probably one of the best known threats for the past several years, Emotet has always been under intense scrutiny from...
When renting a hitman online goes horribly wrong
You might think looking up an illegal act online, and then visiting a website claiming to be all about doing...
SoNot SoSafe: Android malware disguises itself as secure messaging app
If you haven’t heard of SoSafe Chat, you will now. This Android app, purported as a secure messaging application that...
SharkBot Android banking Trojan cleans users out
Researchers have discovered and analyzed a new Android banking Trojan that allows attackers to steal sensitive banking information such as...
