LockBit 2.0, the first ransomware that uses group policies to encrypt Windows domains
A new variant of the LockBit 2.0 ransomware is now able to encrypt Windows domains by using Active Directory group policies. Researchers...
OSINT
Critical flaw in Microsoft Hyper-V could allow RCE and DoS
Experts disclose details about a critical flaw in Microsoft Hyper-V, tracked as CVE-2021-28476, that can allow executing arbitrary code on...
US, UK, and Australian agencies warn of top routinely exploited issues
A joint report published by US, UK, and Australian cyber security agencies warns of the top routinely exploited vulnerabilities in...
Chinese cyberspies used a new PlugX variant, dubbed THOR, in attacks against MS Exchange Servers
A China-linked cyberespionage group, tracked as PKPLUG, employed a previously undocumented strain of a RAT dubbed THOR in recent attacks....
BlackMatter, a new ransomware group, claims link to DarkSide, REvil
There’s a new ransomware gang in town—and, frankly, we’re not at all surprised. After DarkSide disappeared—coincidentally, immediately after Colonial Pipeline...
The Olympics: a timeline of scams, hacks, and malware
The 2020 Olympics are, after a bit of a delayed start, officially in full swing. So too is the possibility...
UDP Technology IP Camera firmware vulnerabilities allow for attacker to achieve root
Researchers at RandoriSec have found serious vulnerabilities in the firmware provided by UDP Technology to Geutebrück and many other IP...
Signal Patches Zero-Day Bug in its Android App
Signal has patched a critical flaw in its Android app that, in some circumstances, sent random unintended images to contacts...
Cyberattacks Zero in Tokyo Olympics as Games Begin
Malicious malware and websites have targeted both event organizers and regular spectators as the Tokyo Olympics' opening ceremony approaches. According to...
Hackers Applying HTML Smuggling To Distribute Malware
Another latest spam E-mail operation, which abused a technique named "HTML smuggling" to circumvent E-mail security measures and transmit malware...
Fake Windows 11 Installers are Being Used to Spread Malware
Although Windows 11 isn't expected to be released until later this year, hackers have already begun attempting to use it...
DDoS attacks in Q2 2021
News overview In terms of big news, Q2 2021 was relatively calm, but not completely eventless. For example, April saw the...
CredPhish – A PowerShell Script Designed To Invoke Legitimate Credential Prompts And Exfiltrate Passwords Over DNS
CredPhish is a PowerShell script designed to invoke credential prompts and exfiltrate passwords. It relies on CredentialPicker to collect user...
LoGiC.NET – A More Advanced Free And Open .NET Obfuscator Using Dnlib
LoGiC.NET is a free and open-source .NET obfuscator that uses dnlib for folks that want to see how obfuscation works...
IBM Cost of a Data Breach study: average Cost of Data Breach exceeds $4.2M
The ‘Cost of a Data Breach’ report commissioned by IBM Security states that the cost of a data breach exceeded...
BlackMatter ransomware group claims to be Darkside and REvil succesor
BlackMatter ransomware gang, a new threat actor appears in the threat landscape and claims to combine TTPs of Darkside and...
Flaws in Zimbra could allow to takeover webmail server of a targeted organization
Researchers discovered flaws in Zimbra email collaboration software that could allow attackers to compromise email accounts by sending a malicious...
Kaseya Unitrends has unpatched vulnerabilities that could help attackers expand a breach
It must not be easy to work at Kaseya right now. While they are working as hard as they can...
The Clubhouse database “breach” is likely a non-breach. Here’s why.
Before the work week ended last week Friday, a security researcher found a leak of what is claimed to be...
Mobile County Officials Informs County Employees of Data Breach
The officials of Mobile County in southwest Alabama, have finally notified county employees of a computer system breach that compromised...
Q2 2021 Report by Digital Shadow, Abridged
Q2 2021 was among the most important ransomware periods, with several significant events taking place. Humans witnessed one of the...
WhatsApp CEO: US Allies’ National Security Officials Targeted with NSO Malware
According to WhatsApp CEO Will Cathcart, governments used NSO group malware to target high-ranking government officials all around the world. Cathcart...
3.8 Billion Phone Numbers of Clubhouse Users up for Sale on Dark Web
On a hacking forum, a threat actor has begun selling the confidential database of Clubhouse, which contains 3.8 billion phone...
Using MITRE D3FEND Framework (0.9.3-BETA-1)
The MITRE Corporation, one of the most respected organizations in the cybersecurity field, has released D3FEND, a complementary framework to...
