Ransomware Attacks Increased Exponentially in 2021
The growing threat of ransomware has been highlighted by NCC Group's Research Intelligence and Fusion Team (RIFT) analysis. Between January-March...
News
This NPM Package with Millions of Weekly Downloads Patched a RCE Flaw
A critical remote code execution (RCE) flaw has been fixed in the popular NPM package "pac-resolver." Developer Tim Perry discovered the...
Hackers Exploit Camera Vulnerabilities To Spy On Parents
Various zero day vulnerabilities in home baby monitor could be compromised that lets threat actors hack into camera feed and...
Mozi Botnet Creators Arrested by Chinese Law Enforcement Authorities
Cybersecurity researchers from the Chinese information security firm Netlab Qihoo 360 reported that at the beginning of this year the...
More than 60,000 Parked Domains Were Vulnerable to AWS Hijacking
MarkMonitor, a domain registrar, had left over 60,000 parked domains susceptible to domain hijacking.MarkMonitor, now part of Clarivate, is a...
US-CERT Bulletin (SB21-249):Vulnerability Summary for the Week of August 30, 2021
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Netgear addresses severe security flaws in 20 of its products
Netgear has released security updates to address high-severity vulnerabilities affecting several of its smart switches used by businesses. Netgear has...
Malware found pre-installed in cheap push-button mobile phones sold in Russia
Security researcher ValdikSS found malware preinstalled in four low-budget push-button mobile phones available for sale on Russian e-stores. A Russian...
FBI IC3 warns of a spike in sextortion attacks
The FBI Internet Crime Complaint Center (IC3) warns of a spike in sextortion attacks since the beginning of 2021 that...
Pacific City Bank hit by AVOS Locker Ransomware
Pacific City Bank was hit by AVOS Locker Ransomware operators, the gang claims to have stolen sensitive file from the...
Surge in Sextortion Attacks Cost Targeted Users $8 This Year
The FBI IC3 (Internet Crime Complaint Center) raised an alert about a great surge in sextortion complaints since January 2021,...
Microsoft Links SolarWinds Serv-U SSH 0-Day Attack to a Chinese Hacking Group
Microsoft Threat Intelligence Center has published technical facts regarding a now-patched, 0-day remote code execution exploit affecting SolarWinds Serv-U managed...
Babuk Ransomware Full Source Code Leaked On A Russia-Speaking Hacking Forum
The complete source code for the Babuk ransomware has been leaked by a threat actor on a Russian-speaking hacking forum,...
Cryptocurrency Exchange Bilaxy Under Attack, Hacker Stole ERC20 Wallet Tokens
On Sunday 29th of August, the Hong Kong-based cryptocurrency exchange Bilaxy was the subject of a breach that infiltrated a...
Beaumont Health: The Latest Victim of Accellion Breach
Beaumont Health, headquartered in Michigan, is the latest victim of the Accellion data breach, which began in December 2020 and...
WhatsApp fined €225M over GDPR issues
The Irish Data Protection Commission has fined WhatsApp €225 million over data sharing transparency for European Union users’ data with Facebook. The...
Security Affairs newsletter Round 330
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
Major IPS in New Zealand hit by massive DDoS, Internet outages reported
A massive DDoS hit New Zealand ‘s third-largest internet operator isolating parts of the country from the Internet. A massive...
SEC warns of investment scams related to Hurricane Ida
The US Securities and Exchange Commission warns investors of potential investment scams that leverages Hurricane Ida as a bait. The US Securities and...
Critical Flaws in NPM Package Patched by Node.js Developers
Node.js maintainers have launched a major update to the npm package "tar" (aka node-tar) that resolves five critical safety flaws,...
Vulnerabilities Found In Moxa Railway Devices, Can Cause Disruption
Railway and other wireless communication devices developed by Moxa have been affected by 6p vulnerabilities. Moxa is a Taiwan based...
WordPress Sites Affected by Bugs in Gutenberg Template Library and Redux Framework
The Gutenberg Template Library & Redux Framework plugin for WordPress, which is deployed on over 1 million websites, has two...
QakBot (QBot) Campaign: A thorough Analysis
Trojan-Banker QakBot, also known by the names - QBot, QuackBot, and Pinkslipbot, is a modular information stealer that has been...
Autodesk Disclosed it was Targeted in SolarWinds Hack
Autodesk has disclosed that it was also targeted by the Russian state hackers behind the large-scale SolarWinds Orion supply-chain assault,...
