Newly Discovered ‘Tomiris’ Backdoor Linked to SolarWinds Attack Malware
Kaspersky security researchers have unearthed a new backdoor likely designed by the Nobelium advanced persistent threat (APT) behind last year's...
News
Neiman Marcus discloses data breach, payment card data exposed
Luxury retail company Neiman Marcus Group has announced this week that it has suffered a data breach that impacted customer...
Ransomware Attack On Major European Bookseller
Recently a ransomware attack targeted a leading book supplier software, the attack interrupted regular functions of thousands of bookstores in...
RansomEXX Comes into Action Encrypting Files Using AES-CBC
In the latest Profero report - Senior Incident Responder Brenton Morris states that RansomeXX decryptors have failed to encrypt different...
Google fixes 2 new actively exploited zero-day flaws in Chrome
Google rolled out urgent security updates to address two new actively exploited zero-day vulnerabilities in its Chrome browser. Google this...
Turkish National Charged for DDoS Attack on U.S. Company
Authorities in the United States charged a Turkish national for launching distributed denial-of-service (DDoS) assaults against a Chicago-based multinational hospitality...
GriftHorse Malware has Infected More than 10 Million Android Devices
A new malware named GriftHorse is said to have infected over 10 million Android cell phones. According to the research...
Weaponizing Apple AirTag to lure users to malicious sites
Threat actors could exploit a stored cross-site scripting (XSS) vulnerability in Apple AirTag product to lure users to malicious websites....
GhostEmperor: From ProxyLogon to kernel mode
Download GhostEmperor’s technical details (PDF) While investigating a recent rise of attacks against Exchange servers, we noticed a recurring cluster...
Experts show how to make fraudulent payments using Apple Pay with VISA on locked iPhones
Security researchers devised a new attack method against iPhone owners using Apple Pay and Visa payment cards. Boffins from the...
Popular Android apps with 142.5 million collective installs leak user data
14 top Android apps with 142.5 million installs are misconfigured, leaving their data exposed to unauthorized parties Original post @...
Android Trojan GriftHorse, the gift horse you definitely should look in the mouth
Researchers at Zimperium have discovered an aggressive mobile premium services campaign with over 10 million victims all over the world....
Telegram-powered bots circumvent 2FA
Two-factor authentication is a great way to protect your online accounts, and we always recommend you turn it on. But...
Cybersecurity experts have discovered a new hacker group
Cybersecurity experts have discovered a new hacker group ChamelGang, which attacks institutions in ten countries around the world, including Russia....
Scammers are Using Twitter Bots for PayPal and Venmo Scams
Internet scammers are using Twitter bots to trick users into making PayPal and Venmo payments to accounts under their possession....
Bandwidth Suffers Outages Caused by DDoS Attack
Within the last couple of days, Bandwidth.com has been the latest target of distributed denial of service attacks targeting VoIP...
Nobelium APT Group Uses Custom Backdoor to Target Windows Domains
Researchers from Microsoft Threat Intelligence Center (MSTIC) identified FoggyWeb, a new custom malware utilized by the Nobelium APT group to...
Threat Actors from China Infiltrated a Major Afghan Telecom Provider
Just as the US was completing its withdrawal from Afghanistan, several China-linked cyberespionage groups were seen intensifying attacks on a...
Threat actors use recently discovered CVE-2021-26084 Atlassian Confluence
Threat actors are actively exploiting the recently disclosed CVE-2021-26084 RCE vulnerability in Atlassian Confluence deployments. Trend Micro researchers have spotted...
CISA releases Insider Risk Mitigation Self-Assessment Tool
The US CISA has released a new tool that allows to assess the level of exposure of organizations to insider...
Facebook released Mariana Trench tool to find flaws in Android and Java apps
Facebook released Mariana Trench, an internal open-source tool that can be used to identify vulnerabilities in Android and Java applications....
Expert discloses new iPhone lock screen vulnerability in iOS 15
The security researcher Jose Rodriguez discovered a new lock screen vulnerability for iOS 15 (& iOS 14.8) that has yet...
Vaccine passport app leaks users’ personal data
Security and privacy advocates may have cause to worry after all: Portpass, a vaccine passport app in Canada, has been...
Microsoft, CISA and NSA offer security tools and advice, but will you take it?
Microsoft offers to help you with patching Exchange servers, CISA offers an insider threat tool, and together with the NSA...
