Security Affairs newsletter Round 310
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
News
Is BazarLoader malware linked to Trickbot operators?
Experts warn of malware campaigns delivering the BazarLoader malware abusing popular collaboration tools like Slack and BaseCamp. Since January, researchers...
Google Project Zero updates vulnerability disclosure policy moving to a “90+30” model
Google Project Zero security team has updated its vulnerability disclosure policy, it gives users 30 days to patch flaws before...
Database containing e-mail addresses of Navalny’s supporters leaked onto the Internet
Navalny's team is now investigating and identifying the source of the leak. The team assured them that they did not...
The United States imposes sanctions against 25 Russian companies for cyber attacks and Crimea
On 15 April, the US Treasury Department put 25 Russian companies, six of which are IT companies, on its sanctions...
Online Learning of University of Hertfordshire Disrupted Due to a Major Cyber-Attack
By now it's a well-known fact that most of the students are relying on online learning and video-conferencing apps due...
IBM: Flags More Cyber Attacks on COVID-19 Vaccine Infrastructure
On Wednesday, IBM reported that its cyber-security unit has discovered more digital attacks targeting the global COVID-19 vaccine supply chain...
Crypto Lending Service, Celsius Suffers Third Party Data Breach
Cryptocurrency rewards portal, Celsius has witnessed a data breach, with the personal details of its clients disclosed by a third-party...
6 out of 11 EU agencies running Solarwinds Orion software were hacked
SolarWinds supply chain attack also impacted six European Union institutions, European Commissioner for Budget and Administration confirmed. European Commissioner for...
Critical RCE can allow attackers to compromise Juniper Networks devices
Cybersecurity provider Juniper Networks addressed a critical vulnerability that could be exploited by attackers to remotely hijack or disrupt vulnerable...
Shady scam bots trick Omegle users into nonconsensual video sex recordings
14-year old Michael (not his real name) from Scandinavia first visited Omegle, the video online chat that has become hugely...
Patch now! NSA, CISA, and FBI warn of Russian intelligence exploiting 5 vulnerabilities
The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) have...
Deepfakes were going to change everything. And then they didn’t
For much of 2020, the most visible conversation about the US election and tech was related to deepfakes (images or...
U.S. Agencies Warns of Russian APT Operators Exploiting Five Publicly Known Vulnerabilities
The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) jointly...
ParkMobile Data Breach: 21Million User Data Exposed
Due to a data breach, the account details of 21 million customers of ParkMobile, a prominent mobile parking app in...
643GB of Customer Information Exposed in a Data Breach Suffered by Bizongo
The issue of data fraud has been on a rapid rise, as of late, and evidently so as data breaches...
University of Hertfordshire Hit by Cyberattack
The University of Hertfordshire has become the most recent victim of a spate of digital assaults against academic institutions after...
Russia-linked APT SVR actively targets these 5 flaws
The US government warned that Russian cyber espionage group SVR is exploiting five known vulnerabilities in enterprise infrastructure products. The...
Mirai code re-use in Gafgyt
Uptycs’ threat research team recently detected several variants of the Linux-based botnet malware family, “Gafgyt,”some of them re-used Mirai code. ...
Lazarus BTC Changer. Back in action with JS sniffers redesigned to steal crypto
Group-IB observed the North Korea-linked Lazarus APT group stealing cryptocurrency using a never-before-seen tool. In the last five years, JavaScript...
US Gov sanctions Russia and expels 10 diplomats over SolarWinds hack
The U.S. and UK attributed with “high confidence” the recently disclosed supply chain attack on SolarWinds to Russia’s Foreign Intelligence...
Chrome users, here’s how to opt out of the Google FLoC trial
Two weeks after Google launched a trial to replace run-of-the-mill online user tracking with new-fangled online user tracking, several companies...
“Huge upsurge” in DDoS attacks during pandemic
Researchers at Netscout have released a report analyzing the malicious internet traffic of 2020 and comparing it to the years...
Malwarebytes releases SMB Cybersecurity Trust & Confidence Report 2021
What can we say about 2020 that hasn’t already been said? Beliefs were shaken. Values were questioned. Truths were tested....
