-
New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack GalleryNew IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack
Exploitation, IOC's, Linux Malware, malicious cyber actors, Malware, Mobile Security, Security Advisory, Security Update, Targeted Attacks
New IoT RapperBot Malware Targeting Linux Servers via SSH Brute-Forcing Attack
A new IoT botnet malware dubbed RapperBot has been noticed promptly evolving its capabilities because it was 1st discovered in mid-June 2022. RapperBot Malware RapperBot has limited DDoS capabilities, it [...]
New GwisinLocker ransomware encrypts Windows and Linux ESXi servers
A new ransomware family called ‘GwisinLocker’ targets South Korean industrial and pharmaceutical companies. GwisinLocker ransomware ReversingLabs researchers discovered a new ransomware family targeting Linux-based systems. The malware, dubbed GwisinLocker was [...]
Critical RCE vulnerability impacts 29 models of DrayTek routers
Researchers at Trellix have discovered a critical unauthenticated remote code execution (RCE) vulnerability impacting 29 models of the DrayTek Vigor series of business routers. The vulnerability is tracked as CVE-2022-32548 [...]
Russian organizations attacked with new Woody RAT malware
On Wednesday, Hackers attacks Russian organizations with the newly discovered malware, allowing them to take control and steal information from compromised devices remotely. According to Malwarebytes, one of the Russian [...]
VMware Releases Patches for Several New Flaws Affecting Multiple Products
VMware on Tuesday released updates to address 10 security flaws affecting several products that could be used by unauthenticated attackers to perform malicious activities. CVE-2022-31656 to CVE-2022-31665 Issues tracked from [...]
VirusTotal Reveals Most Impersonated Software in Malware Attacks
Threat actors are increasingly mimicking legitimate applications like Skype, Adobe Reader, and VLC Player as a means to abuse trust relationships and increase the likelihood of a successful social engineering [...]
Gootkit Loader Resurfaces with Updated Tactic to Compromise Targeted Computers
The operators of the Gootkit access-as-a-service (AaaS) malware have resurfaced with updated techniques to compromise unsuspecting victims. All about GootKit : The Gootkit Access-as-a-Service (AaaS) malware's operators have reemerged with [...]
North Korean Hackers Using Malicious Browser Extension to Spy on Email Accounts
A group of North Korean hackers is using a rogue Microsoft Edge or Chrome plugin to track or access user email accounts. Cybersecurity firm Volexity attributed the malware to an activity cluster it calls SharpTongue, [...]
Researchers Warns of Increase in Phishing Attacks Using Decentralized IPFS Network
The decentralized file system solution known as IPFS is becoming the new "hotbed" for hosting phishing sites, researchers have warned. What’s with IPFS and why do attackers use it? IPFS [...]
LibreOffice Releases Software Update to Patch 3 New Vulnerabilities
The team behind LibreOffice has released security updates to fix three security flaws in the productivity software, one of which could be exploited to achieve arbitrary code execution on affected [...]
-
Malicious IIS Extensions Gaining Popularity Among Cyber Criminals for Persistent Access GalleryMalicious IIS Extensions Gaining Popularity Among Cyber Criminals for Persistent Access
Compromised, Internet Security, malicious cyber actors, Malicious extension, Malware, Security Advisory, Security Update, Tips
Malicious IIS Extensions Gaining Popularity Among Cyber Criminals for Persistent Access
Risk actors are significantly abusing Internet Details Services (IIS) extensions to backdoor servers as a means of establishing a “long lasting persistence mechanism.” Microsoft 365 Defender Research Team released a [...]
Experts Find Similarities Between New LockBit 3.0 and BlackMatter Ransomware
Cybersecurity researchers have reiterated similarities involving the hottest iteration of the LockBit ransomware and BlackMatter, a rebranded variant of the DarkSide ransomware strain that closed store in November 2021. The [...]
Windows 11 now blocks RDP brute-force attacks by default
Recent Windows 11 builds come with the Account Lockout Policy policy enabled by default which will automatically lock user accounts (including Administrator accounts) after 10 failed sign-in attempts for 10 [...]
Candiru Spyware Caught Exploiting Google Chrome Zero-Day to Target Journalists
An Israeli spyware outfit turned the actively exploited, but now patched, Google Chrome zero-day issue into a weapon that it deployed to assault Middle Eastern journalists. Candiru Spyware The exploitation [...]
Microsoft Resumes Blocking Office VBA Macros by Default After ‘Temporary Pause’
Microsoft announced today that it resumed the rollout of VBA macro auto-blocking in downloaded Office documents after temporarily rolling it back earlier this month following user feedback. Earlier this February, Microsoft [...]
New Linux Malware Framework Lets Attackers Install Rootkit on Targeted Systems
A never ever-in advance of-observed Linux malware has been dubbed a “Swiss Military Knife” for its modular architecture and its functionality to set up rootkits. Lightning Framework This previously undetected [...]
Atlassian fixes critical Confluence hardcoded credentials flaw
Atlassian has patched a crucial hardcoded credentials vulnerability in Confluence Server and Information Heart that would let distant, unauthenticated attackers log into weak, unpatched servers. One of the flaws – CVE-2022-26136 – [...]
Experts Uncover New CloudMensis Spyware Targeting Apple macOS Users
Cybersecurity researchers have taken the wraps off a earlier undocumented spyware focusing on the Apple macOS working technique. The malware, codename CloudMensis by Slovakian cybersecurity company ESET, is said to exclusively use [...]
Russian Hackers Using DropBox and Google Drive to Drop Malicious Payloads
State-backed hackers part of Russia's Federation Foreign Intelligence Service (SVR) have started using Google Drive legitimate cloud storage service to evade detection. APT29, also tracked beneath the monikers Cozy Bear, [...]
New Air-Gap Attack Uses SATA Cable as an Antenna to Transfer Radio Signals
Researchers , have published a paper that demonstrates how a hacker could extract data from an otherwise secure system via its SATA cable. The attack uses the SATA cable itself [...]
7 Phases of Incident Response
Incident Response :Sensitive data and confidential information are the new gold in the digital age, and cyber criminals are naturally always in pursuit of this goldmine. To streamline the process [...]
Netwrix Auditor Bug Could Lead to Active Directory Domain Compromise
Netwrix IT asset tracker and compliance auditor, used across more than 11,500 organizations, contains a critical Insecure Object Deserialization vulnerability that could lead to Active Directory domain compromise. Netwrix The firm [...]
Juniper Releases Patches for Critical Flaws in Junos OS and Contrail Networking
Juniper Networks this week announced the release of patches for more than 30 vulnerabilities across its portfolio, including severe flaws in Contrail Networking and Junos OS. Two advisories describing a total of [...]
New UEFI firmware flaws impact over 70 Lenovo laptop models
The UEFI firmware used in several laptops made by Lenovo is vulnerable to three buffer overflow vulnerabilities that could enable attackers to hijack the startup routine of Windows installations. Lenovo [...]
Amazon squashes years-old authentication bugs in AWS Kubernetes service
AWS fixed three authentication bugs present in one line of code in its IAM Authenticator for Kubernetes, used by the cloud giant's popular managed Kubernetes service Amazon EKS, that could [...]
ChromeLoader: New Stubborn Malware Campaign
A new browser hijacker/adware campaign named ChromeLoader also known as Choziosi Loader and ChromeBack was discovered. Despite using simple malicious advertisements, the malware became widespread, potentially leaking data from thousands [...]
Microsoft: Windows Autopatch is now generally available
Microsoft on Monday announced the general availability of a feature called Autopatch that automatically keeps Windows and Office software up-to-date on enrolled endpoints. Microsoft Auto Patch Microsoft's new auto patch service It [...]
Checkmate Ransomware Targets QNAP SMB Services
New Checkmate ransomware has been discovered targeting QNAP NAS devices. Although the attacks are still being investigated, it is known that these new ransomware attacks through SMB services are accessible via the internet. QNAP [...]
TrickBot Gang Shifted its Focus on “Systematically” Targeting Ukraine
The operators of the TrickBot malware have resorted to systematically targeting Ukraine since the onset of the war. The group is believed to have orchestrated at minimum 6 phishing strategies [...]
Hive Ransomware Upgraded to Rust to Deliver More Sophisticated Encryption
Researchers from Microsoft Security have spotted an upgraded version of the ransomware-as-a-service (RaaS) dubbed Hive. Hive Ransomware Hive was first detected in June 2021, with the data-encrypting software being offered [...]
Researchers Warn of New OrBit Linux Malware That Hijacks Execution Flow
A new and entirely undetected Linux threat dubbed Orbit, signally a growing trend of malware attacks towards operating system. Orbit Malware The malware gets its name from one of the [...]
AsyncRAT being distributed to vulnerable MYSQL servers
The ShadowServer foundation has recently released a report showing that there are about 3.6 million MySQL servers exposed to outside. Along with MS-SQL server, MySQL server is one of the [...]
Researchers Uncover Malicious NPM Packages Stealing Data from Apps and Web Forms
Researchers have uncovered a software supply-chain attack involving packages hosted on the Node Package Manager (npm), which is the package manager for the Node.js JavaScript platform. The campaign leveraged malicious [...]
Gitlab patches critical RCE bug in latest security release
Gitlab has patched a critical vulnerability that could allow an attacker to execute code remotely. The security issue, which has been rated as critical, has been discovered in all versions of GitLab, [...]
Microsoft: Raspberry Robin worm already infected hundreds of networks
Raspberry Robin is a Windows worm discovered by cybersecurity researchers from Red Canary, the malware propagates through removable USB devices. The malicious code uses Windows Installer to reach out to QNAP-associated [...]
Jenkins discloses dozens of zero-day bugs in multiple plugins
The Jenkins security team announced 34 security vulnerabilities affecting 29 plugins for the Jenkins open-source automation server. 29 of these bugs are zero-days still waiting to be patched. It is a [...]
AstraLocker 2.0 infects users directly from Word attachments
AstraLocker 2.0 is a ransomware variant belonging to the Babuk family. It recently released its second major release, and according to threat analysts, its operators are involved in rapid attacks that drop [...]
evilnum hackers return in new operation targeting migration orgs
The Evilnum hacking group have been targeting European organisations that are involved in international migration, showing renewed signs of malicious activity within the group. Campaign Details Zscaler’s analysts have discovered [...]
New ZuoRAT malware targets SOHO routers in North America, Europe
A multistage remote access trojan (RAT) named ZuoRAT has been targeting remote workers with the help of small office/ home office (SOHO) routers across North America and Europe since 2020. [...]
Android Malware Called ‘Revive’ Poses as 2FA App For Spain’s BBVA Bank
The 2FA application necessary to access BBVA bank accounts in Spain is impersonated by a new Android banking malware called Revive. Instead of aiming to infect consumers of various financial [...]
Microsoft Exchange bug abused to hack building automation systems
A Chinese-speaking threat actor has hacked into the building automation systems (used to control HVAC, fire, and security functions) of several Asian organizations to backdoor their networks and gain access [...]
Critical Security Flaws Identified in CODESYS ICS Automation Software
CODESYS has launched patches to handle as many as 11 safety flaws that, if efficiently exploited, may end in info disclosure and a denial-of-service (DoS) situation, amongst others. The vulnerability [...]
Attackers exploited a zero-day in Mitel VOIP devices to compromise a network
CrowdStrike researchers recently investigated the compromise of a Mitel VOIP appliance as an entry point in a ransomware attack against the network of an organization. Mitel VOIP Mitel VOIP devices [...]
Dark Web Profile: Netwalker Ransomware
Many ransomware gangs have attempted and failed to quake the cybersecurity landscape. But some have broken through and even rearranged it with their obfuscatory cyberattack methods. Netwalker ransomware is an example of such a [...]
Malicious Windows ‘LNK’ attacks made easy with new Quantum builder
Malware researchers have noticed a new tool that helps cybercriminals build malicious. LNK files to deliver payloads for the initial stages of an attack. Some of the prevalent malware families [...]
Chinese language hackers use ransomware as decoy for cyber espionage
Two Chinese language hacking teams conducting cyber espionage and stealing mental property from Japanese and western firms are deploying ransomware as a decoy. The use of ransomware in espionage operations [...]
Google patched 14 vulnerabilities with release of chrome 103
Google announced the release of Chrome 103 to the stable channel with patches for a total of 14 vulnerabilities, including nine reported by external researchers. CVE-2022-2156, which is described as [...]
Chinese hackers target script kiddies with info-stealer trojan
Cybersecurity researchers have discovered a new campaign attributed to the chinese "Tropic Trooper" hacking group. Tropic Trooper was previously observed targeting Philippines, Hong Kong and Taiwan; while the two latest [...]
Russian govt hackers hit Ukraine with Cobalt Strike, CredoMap malware
The Ukrainian CERT is warning that russian hacking groups are exploiting the Follina code execution vulnerability in new phishing campaigns to install the CredoMap malware and Cobalt Strike beacons. This [...]
VMware Spring Cloud Function Dos Vulnerability
In Vmware Spring Cloud Function versions 3.2.5 and older unsupported versions, it is possible for a user who directly interacts with framework provided lookup functionality to cause denial of service [...]
New ToddyCat APT group targets Exchange servers in Asia, Europe
A complicated persistent menace (APT) group dubbed ToddyCat has been focusing on Microsoft Trade servers all through Asia and Europe for greater than a year. Whereas monitoring the group’s exercise, [...]
BRATA Malware Becomes an Advanced Threat
The malicious attacker driving the BRATA banking trojan has upgraded its techniques and added information-stealing features to the malware. Cleafy, an Italian mobile security firm, has followed BRATA activity and [...]
730K WordPress Sites Force-Updated To Patch Critical Plugin Bug
WordPress sites using Ninja Forms, a forms builder plugin with more than 1 million installations, have been force-updated this week to a new build that addresses a critical security vulnerability. The [...]
High-Severity RCE Vulnerability Reported in Popular Fastjson Library
Cybersecurity researchers have detailed a recently patched high-severity security vulnerability in the popular Fastjson library that could be potentially exploited to achieve remote code execution. Tracked as CVE-2022-25845 -The package com.alibaba:fastjson before [...]
Ransomware Gang Creates Site for Victims to Search for Their Stolen Data
The ALPHV ransomware gang, also known as BlackCat has created a dedicated website that allows the customers and employees of their victims to check if their data was stolen in [...]
Hackers exploit three-year-old Telerik flaws to deploy cobalt strike
The "Blue Mockingbird" group has targeted Telerik UI vulnerabilities to compromise servers. The threat actor installed the Cobalt Strike beacon and mined Monero. The flaw leveraged by the attacker is CVE-2019-18935, a critical severity that [...]
New Hertzbleed side-channel attack affects Intel,AMD CPUs
A new side-channel attack known as Hertzbleed allows remote attackers to steal full cryptographic keys by observing variations in CPU frequency enabled by dynamic voltage and frequency scaling(DVFS). This is [...]
Citrix Releases Security Updates for Application Delivery Management
Citrix has released security updates to address vulnerabilities in application delivery management. An attacker could exploit these vulnerabilities to take control of an affected system. Corruption of the system by [...]
New Zimbra Email Vulnerability Could Let Attackers Steal Your Login Credentials
Zimbra is an enterprise-level email solution, similar to Microsoft Exchange. It comes with mail servers, load balancing features, a powerful web interface, and more. Tracked as CVE-2022-27924 (CVSS score: 7.5), [...]
Hello XD ransomware now drops a backdoor while encrypting
Cybersecurity researchers report increased activity of the Hello XD ransomware, whose operators are now deploying an stronger encryption .Instead, it prefers to direct the impacted victim to negotiations through TOX [...]
Emotet Malware is Now Harvesting Credit Card Information from Google Chrome Browser
Google Chrome has been infected with a new type of malware known as Emotet, which steal users' confidential credit card information. Proofpoint security researchers have found that the botnet is now [...]
New Vytal Chrome extension hides location info that your VPN can’t
A new Google Chrome browser extension called Vytal prevents webpages from using programming APIs to find your geographic location leaked, even when using a VPN. Many people use VPNs to [...]
Newest Symbiote Malware Affects All Running Processes on Linux Systems
A newly discovered Linux malware known as Symbiote infects all running processes on compromised systems, steals account credentials, and gives its operators backdoor access. The main objective of this malware [...]
10 ways attackers gain access to networks
A joint multi-national cybersecurity advisory has revealed the top ten attackers vectors most exploited by cybercriminals in order to gain access to organisation networks, as well as the techniques they use to [...]
Cuba ransomware returns to extorting victims with updated encryptor
A new binary sampled by Trend Micro included minor additions and changes that make the malware more dangerous. More importantly, though, it shows that the operation is still alive and [...]
This WhatsApp Call Forwarding Trick Allows Hackers To Hijack Your Account
As we all know each WhatsApp account is tied to a phone number, and hackers are calling these phone numbers directly and employing social engineering techniques to trick victims into [...]
Qbot malware now uses windows MSDT Zer0-Day in phishing attacks
In phishing assaults, the Qbot malware now uses the Windows MSDT zero-day. A serious Windows zero-day vulnerability known as Follina is currently being actively exploited in continuing phishing campaigns to [...]
DeadBolt Ransomware Locks Out Vendors With Multitiered Extortion Scheme
The number of DeadBolt-infected devices is considerably high for a ransomware family that is exclusively targeting NAS devices.The goal of DeadBolt actors is to infect as many victims as possible [...]
LuoYu APT delivers WinDealer malware via man-on-the-side attacks
LuoYu, a Chinese-speaking hacking group, is infecting victims with the WinDealer information stealer that installs backdoors to maintain persistence. The stealer performs man-on-the-side attacks. WinDealer A malicious Windows tool named [...]
Unpatched Atlassian Confluence vulnerability is actively exploited
Researchers found a vulnerability in Atlassian Confluence by conducting an incident response investigation. Atlassian rates the severity level of this vulnerability as critical. Atlassian has issued a security advisory and is working on [...]
Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control
The CISA is releasing this CSA to warn organizations that malicious cyber actors, likely APT actors, are exploiting VMware vulnerabilities CVE-2022-22954 and CVE-2022-22960 separately. These vulnerabilities affect certain VMware versions [...]
Analysis of the Massive NDSW/NDSX Malware Campaign
The "Parrot TDS" campaign involving more than 16,500 infected websites. such massive infections don't go unnoticed by Sucuri and immediately recognized that the infection in their writeup belonged to the [...]
-
Microsoft Security: Exposing POLONIUM activity and infrastructure targeting Israeli organizations GalleryMicrosoft Security: Exposing POLONIUM activity and infrastructure targeting Israeli organizations
Internet Security, Microsoft, POLONIUM activity, Security Advisory, Security Update, Targeted Attacks
Microsoft Security: Exposing POLONIUM activity and infrastructure targeting Israeli organizations
Microsoft successfully detected and disabled attack activity abusing OneDrive by a previously undocumented Lebanon-based activity group Microsoft Threat Intelligence Center (MSTIC) tracks as POLONIUM . The associated indicators and tactics [...]
Conti ransomware targeted Intel firmware for stealthy attacks
Researchers analyzing the leaked chats of the notorious Conti ransomware operation have discovered that teams inside the Russian cybercrime group were actively developing firmware hacks. The ME is an embedded [...]
VMware and F5 BIG-IP flaws are being exploited by EnemyBot
EnemyBot, a botnet derived from many pieces of malware codes, extends its overall reach by rapidly incorporating exploits for previously detected severe vulnerabilities in web servers, content management systems, IoT, [...]
XLoader botnet now uses probability theory to hide its servers
Threat analysts have spotted a new version of the XLoader botnet malware that uses probability theory to hide its command and control servers, making it difficult to disrupt the malware’s [...]
New Microsoft Office Zero-Day Exploit in the Wild
Security researchers recently discovered a new Microsoft Office zero-day flaw(Follina) exploited in PowerShell remote code execution attacks. The new vulnerability, tracked as CVE-2022-30190, would let hackers execute malicious PowerShell commands through [...]
Windows malware uses PowerShell to inject malicious extension into Chrome
The malware is designed to install malicious extension(s) onto browsers. Currently, two distinct variants of ChromeLoader have been detected - one targeting Windows Operating Systems and another - Mac Operating [...]
Austria hit by BlackCat Ransomware, which demands $5 Million
The Austrian Federal State, Carinthia was attacked on Tuesday and Government services were severely disrupted as more workstations were apparently locked by the attacker. BlackCat, also called as ALPHV, a [...]
Critical Vulnerabilities Identified in OAS Platform
Open Automation Software (OAS) has been identified with vulnerabilities by researchers. These vulnerabilities are getting exploited by the threat actors. OAS is a platform that allows data connection between Industrial [...]
Automobile Manufacturer – General Motors under Credential Stuffing Attack
The General Motors had released a report last week about a data breach in the company that occurred between 11th - 29th of April month. However, the cause of this [...]
Further Analysis into BPFDoor reveals about Vulnerability Exploitation
BPFDoor is a traditional backdoor that had been exploited against the Government, telecommunication, Education and Logistics organizations for at least a several years. This was possible because it has been [...]
SpiceJet hit by Ransomware, Flights services are slowed down.
SpiceJet, an airline service providing air transport services since a long time. It offers various destination flights for its customers. According to its website, the airline has a fleet of [...]
Cobalt Strike loaded with Malicious Python Packages
A malicious python package named “pymafka” was found in the PyPI registry by Sonatype’s automated malware detection bots. The name “pymafka” is similar to “pykafka”, a popular and legitimate programmer-friendly [...]
NIKKEI Hit by Ransomware Attack – Not the First Time
Nikkei announced on this Thursday that their server at Asian headquarters located in Singapore was hit by a ransomware attack. This attack has been reported to the Japanese and the [...]
PDF Documents Carrying Snake KeyLogger – Info Stealer
Microsoft Office Files are exploited for social engineering lures (especially Excel and Word), as these file formats are highly preferred by the public. The users are comfortable because the applications [...]
Lazarus targeting on VMware – Log4J Vulnerability Still Active
VMware servers are targeted again by the North Korean Hackers called Lazarus. The CVE-2021-44228 is exploited again to bring impact to a variety of products including the VMware Horizon Servers. [...]
Phishing attacks targeting Microsoft Windows Users with three Malwares
A sophisticated phishing campaign has started targeting Windows User. But, this campaign differs from other phishing attacks as it installs three malwares into the victim’s system. The phishing attack is [...]
Fake Mobile Apps to steal your Credentials and Private Keys
Recent observance by researchers in the Google Play Store showed that numbers of applications are malicious to the user. The malicious activities performed includes the stealing of credentials, private information [...]
Increasing Investors in NFT leads Hackers to Target NFT Sites
Due to the hiking interests towards the Pixelmon NFT Site, the threat actors have turned their attention towards them. Pixelmon is an Open World RPG NFT game. The player can [...]
BPFDoor with Firewall Security evasion, Linux Specific
Recently, BPFDoor - a malware was brought to light after years under the radar. It allows a threat actor to backdoor a system for remote code execution. It does not [...]
Ramping efforts of Russian Hackers against the Satellites of SpaceX
Starlink is Satellite Internet Company owned by Elon Musk and it was activated in Ukraine after Russia crippled the country's communication systems during the ongoing war Starlink Resistance Recently, Musk [...]
Microsoft Exchange Servers affected by Post-Exploitation Malware
A post-exploitation malware Framework set down within the Microsoft Exchange Servers of organizations in various sectors across multiple regions. This campaign seems to be gathering intelligence and is tethered to [...]
F5 Released Security Patches for the “CVE-2022-1388” – Act Immediately
Admins have been warned by the security researchers against a critical Remote-Control Execution (RCE) flaw in the F5 BIG-IP. Last week F5-Security and Application Delivery Solutions Provider, released its security [...]
“Fileless Malware” with a New Form of Cover-Up
Researchers have discovered a new malicious campaign using a never-before-seen technique for injecting Fileless malware on target systems. Fileless malware are far from traditional malware that exploits executive files to [...]
A Data Breach at IKEA, Canada – Company confirms
IKEA Canada has notified Canada’s Office of Privacy Commissioner (OPC) after the personal information of 95k Canadian customers appeared in a data breach. In a statement provided, the furniture retailer [...]
CISCO NFV Zero-day Vulnerability
Cisco has released software updates that address the Enterprise Network Function Virtualization Infrastructure Software (NFVIS) vulnerabilities. The security updates recently released contains three vulnerabilities that affect Cisco Enterprise NFVIS in [...]
Critical Vulnerability in Common Enterprise Switches and more…
TLStorm - a group of vulnerabilities found while implementing TLS(Transport Security Layer) in multiple models of network switches. This unofficially named, TLStorm 2.0 – a similar one with three vulnerabilities [...]
Beware Corporate, Mergers & Acquisitions are being targeted !
A recently uncovered espionage threat actors are targeting the employees majoring in the mergers and acquisitions to facilitate a mass email collection from the victim’s environments. Also focusing on the [...]
CERT-In advisory for Indian Organization – All You Need to Know !!
Past Week we could see a lot of Indian Organizations were under targeted attack and they were compromised. Now we can see CERT-In became active and provided guidelines for Organizations. [...]
Is Black Basta Ransomware a Beast? Sounds like it is.
Black Basta, a new ransomware has started its play during the month of April, with a start of approximately ten to fifteen companies. The first KNOWN attack of this group [...]
Why Indian Companies are not taking the Cyber Attack Seriously ?
Are they not understanding the aftermath of hacking? The article released by us on Monday about "Stormous Ransomware" Group is targeting the Indian companies, contained the list of websites targeted [...]
Indian Companies are under Targeted Attack – Financially motivated
Security Researchers Identified "Stormous ransomware campaigns" targeting multiple organization, especially Indian organization for financial motivation This group especially connect with attackers through Telegram Channel and Onion websites. Recently they have [...]
The Duck has Started Mining Again – As per CrowdStrike Researchers
OUTLINE The Emerging growth of the Digital Currencies also develops the need of protection from unforeseen hazards. The “LemonDuck” botnet, already in existence, is now targeting the Docker APIs for [...]
Windows 11 Upgrade – Fake Campaign is back Again & Again to steal the rest of what you have.
OVERVIEW Attack was active on Feb-08-2022 through RedLine Malware, now it’s more effective and researchers named that as “Inno Stealer”. According to CloudSEK, the threat actors have fabricated a website [...]
Digital Currency Exchanges and Users are under Targeted Attack by North Korean – TraderTraitor
TraderTraitor – North Korean Group targeting the Blockchain companies and NFT trading platforms to heist your NFT’s and Digital Crypto Coins. FBI, CISA and US Treasury Department released Joint Cyber [...]
Security Update — BIG-IP APM AD Authentication Vulnerability
Security Advisory Description BIG-IP APM AD (Active Directory) authentication can be bypassed using a spoofed AS-REP (Kerberos Authentication Service Response) response sent over a hijacked KDC (Kerberos Key Distribution Center) [...]
Threat Actors Abusing Excel Against Malicious XLM Macros
Attackers using Excel documents to distribute various malware — placing backdoor to compromise machines. Macros Malware Recent days attackers use Macro malware — hides in Microsoft Office files and is delivered [...]
Security Vulnerability Update — Siemens Mendix Applications
Siemens released security update for Siemens Mendix Applications — prone to an elevation of privilege vulnerability.prone to an elevation of privilege vulnerability. Privilege Escalation — CVE-2021-27394 Security researchers discovered elevation [...]
Security Vulnerability Update — Adobe RoboHelp Privilege Elevation
Adobe released vulnerability update for RoboHelp — prone to an elevation of privilege vulnerability. Elevation of Privilege Adobe RoboHelp is a Help Authoring Tool (HAT) that allows you to create help systems, [...]
Passwordstate Password Manager Installs Backdoor — Supply Chain Attack
Passwordstate app's update hijacked to install malware in a supply-chain attack after breaching its networks. Supply Chain Attack — Passwordstate Passwordstate password management app notified users on a supply chain attack [...]
ToxicEye Remote Access Trojan Exploits Telegram For C&C
To steal data from victims and update itself to perform additional malicious activities — Telegram exploited by Remote Access Trojan ToxicEye Trojan Exploits Telegram Operators of a new Remote Access [...]
Twitter Suspicious Email Asking For Account Confirmation
Many users are receiving Email alike phishing from Twitter asking users to confirm their accounts. Phishing Twitter Mail Around 10 PM EST, Twitter caused quite panic by accidently sending emails [...]
Zero-Day Security Vulnerability — Pulse Connect Secure VPN
Attackers are exploiting zero-day in Pulse Secure VPNs to breach organisations — (CVE-2021-22893) 0-Day Vulnerability Security mitigations released for zero-day vulnerability to assist with determining if systems have been impacted. [...]
Critical Security Vulnerability Update — Adobe Bridge
Adobe has released a security update for Adobe Bridge for arbitrary code execution in the context of the current user. Vulnerability Description Adobe has released a security update for Adobe Bridge. This update [...]
Ryuk Ransomware Updates Its Hacking Functionality
This time the ransomware relied more on compromising exposed RDP connections to gain an initial foothold on a target network. Ransom.Ryuk Ransom.Ryuk is used in targeted attacks, where the threat [...]
Critical Remote Code Execution Vulnerability — Juniper OS
During external security research a CRITICAL remote code execution vulnerability discovered in overlayd service. CVE-2021-0254 — JUNOS Description A buffer size validation vulnerability in the overlayd service of Juniper Networks [...]
Apache Critical Security Vulnerability — CVE-2021-27850
Apache released security updates for bypass of older vulnerability — Arbitrary Code Execution Apache Tapestry — Arbitrary Code Execution Vulnerability A critical unauthenticated remote code execution vulnerability was found all [...]
Critical Security Vulnerability Update — Adobe Photoshop
Adobe has released updates for Windows and macOS for CRITICAL severity vulnerabilities in Photoshop. Photoshop Vulnerability Multiple vulnerabilities were found in Adobe Photoshop. Security updates were released for the below [...]
Update For UnPatched Browsers — RCE Exploit
An exploit aimed at the V8 JavaScript rendering engine to hack Google Chrome and Microsoft Edge (Chromium) browsers. Browser RCE Exploit Researcher discovered flaw impacting Google Chrome and other Chromium-based [...]
Huawei Users Alert — Infecting Joker Malware
Over 500,000 Huawei Android devices were found to be infected as malicious apps were downloaded from the company’s official Android store. Joker Malware Researchers found ten seemingly harmless apps in [...]
Pierre Fabre Group Hit By REvil Cyber Attack — $25 million Ransom
Leading pharmaceutical group Pierre Fabre confirmed a REvil ransomware attack — demanded a $25 million ransom. REvil Ransomware, also known as Sodinokibi, is another strain of ransomware that infects a system [...]
Gigaset Mobile Users Targeted Via Hacked Update Server
Android Device Malware Attack Malware infection detected in Gigaset Android devices as external update server got compromised. Gigaset is a German manufacturer of telecommunications devices, including a series of smartphones [...]
Multiple Security Vulnerabilities Affecting Cisco Products
Cisco has released security updates regarding multiple vulnerabilities — considered as CRITICAL severity. Vulnerability Advisory Cisco Small Business Routers — CVE-2021-1459 Description: A vulnerability in the web-based management interface of [...]
Android Malware Spreads Via WhatsApp Auto-Replies
Researchers discovered wormable android malware — capable of propagating via WhatsApp messages. FlixOnline Malicious App Researchers recently discovered malware on Google Play hidden in a fake application — capable of [...]
SAP Applications Are Critical Against Old Vulnerabilities
Threat actors targeting widely deployed, mission-critical SAP applications — exposing the networks of commercial and government organizations to attacks. High Severity Attack Critical vulnerabilities in unpatched SAP applications are being [...]
Critical Vulnerability Update — VMware Carbon Black Cloud Workload Appliance
Security update is available to remediate the critical vulnerability addressing VMware Carbon Black Cloud Workload appliance. CVE-2021-21982 — Bypass Authentication Description A URL on the administrative interface of the VMware [...]
LinkedIn Phishing Job Offers Targeting Professionals
Fake job offer — phishing campaigns delivering backdoor, targeting job professionals in LinkedIn. LinkedIn Spear-Phishing eSentire’s research team, the Threat Response Unit (TRU), discovered that hackers are spear-phishing victims with [...]
Zero-Day Vulnerability Discovered — QNAP NAS Devices
Multiple vulnerabilities were found in QNAP NAS devices allowing access to user data and complete takeover. 0-Day Vulnerabilities — QNAP Devices QNAP's Network Attached Storage(NAS) are systems that consist of one [...]
Users Facebook Personal Data Leaked On Hacker Forum
Over 533 million worldwide Facebook users data leaked on a popular cyber-crime forum for free. Tech Giants Data Breach A threat actor has published details for an estimated 533 million [...]
Privilege Escalation Vulnerability In Umbraco
Researcher identified in Umbraco CMS — privilege escalation vulnerability allowing attackers to access resources which are normally accessible only by higher-privileged users. Umbraco CMS — CVE-2020-29454 Description: Editors/LogViewerController.cs in Umbraco [...]
Attackers Targeting Fortinet FortiOS Servers Using Multiple Exploits
The FBI and CISA warn — APT actors are scanning Fortinet FortiOS for vulnerabilities — to gain access for multiple high-level service networks. FortiOS Vulnerability In March 2021 the Federal [...]
Google Chrome Security Vulnerabilities — Stable Channel Update
Chrome - the Stable channel updated to 89.0.4389.114 for Windows, Mac and Linux. Vulnerability Update Chrome addressed with 8 security vulnerabilities. Importantly the update includes HIGH severity vulnerabilities. However, Below [...]
Over 3.5M MobiKwiK Users Data Leaked On Dark Web
Thousands of customers data using Indian Payments App account leaked and available on the dark web. MobiKwik — Data Breach Personal details of 3.5 million MobiKwik users data might leaked, according [...]
Android Malware Steals Data Poses As Security Update
Researchers uncovered malware posing as System Update — takes control of the device, steals almost all the data, and perform a variety of invasive actions. System Update Steals Data Latest [...]
Purple Fox Worm Targets Microsoft Windows Machines
Threat actors are hosting a new malware "Purple Fox" campaign — attacks have spiked by about 600% according to Guardicore researchers. Windows Spreading Malware Purple Fox malware with worm capabilities [...]
Phishing Campaigns Bypassing Email Gateways — Microsoft Warns
According to Microsoft, a phishing campaign active since December expanded with new feature, also now bypass Email Gateway. Phishing Attack Phishing — a type of social engineering attack often used to steal user [...]
Apache OFBiz Critical Vulnerability — Fix Now
RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI — Patch to the latest version. CVE-2021-26295 — Apache OFBiz Vulnerability Apache OFBiz is an open source enterprise [...]
Critical Vulnerability SQL Injection, XSS Attacks — MyBB Security Update
MyBB released security updates for multiple vulnerabilities including SQL injection, XSS attacks, bypassing issues. Security Vulnerability MyBB is the free and open source forum software powering thousands of engaging, vibrant, and unique [...]
Acer Hit By REvil Ransomware — Largest Known Ransom
PC giant Acer attacked by ransomware gangs — demanded $50 million to not leak on dark web — decrypt the company's computers. REvil Ransomware Acer, Taiwan's very own PC giant, [...]
Security Vulnerability Update — Intel Cell Modem
A security vulnerability update released by Intel to mitigate this potential vulnerability. CVE-2020-24482 — Intel 7360 Cell Modem Description: Improper buffer restrictions in firmware for Intel(R) 7360 Cell Modem before [...]
Compromised E-Commerce Platforms Credit Card Details Stored In .JPG File
An E-Commerce platform running open-source Magento v2 compromised by threat actors — hid the stolen details in a JPG image. Magecart Attack — Magento Platforms Hackers leverage sneaky techniques to [...]
Security Vulnerability Update — Adobe Framemaker
Adobe has released security updates for its products causing Boundary Condition problem. CVE-2021-21056 — Adobe Framemaker Adobe has released a security update for Adobe Framemaker. The specific flaw exists within the parsing of [...]
DearCry Ransomware Targets Exchange Servers Using ProxyLogon vulnerability
Threat actors are using the recently disclosed zero-day ProxyLogon vulnerabilities — installing a new strain of ransomware called DEARCRY in Exchange servers. Zero-Day Exchange Vulnerability Earlier this month, Microsoft revealed [...]
Another Zero-Day Bug Fix — Google Chrome Security Update
Google fixed another 0-day vulnerability in Chrome browser within a month. CVE-2021-21193 — Chrome Zero-Day A new zero-day vulnerability CVE-2021-21193 was addressed by Google. Earlier this month, Google released an update for [...]
FortiProxy SSL-VPN —Security Vulnerability Update
Fortinet released security fix for the vulnerability — Security ByPass CVE-2021-22128 — FortiProxy SSL VPN FortiProxy — a secure web proxy that protects employees against internet-borne attacks by incorporating multiple detection [...]
Apple Security Vulnerability Update For Critical Bug
Apple has released security updates for a severe vulnerability affected in Apple Safari, macOS Big Sur, iOS, iPadOS and watchOS. CVE-2021-1844 — Multiple Apple Products Multiple Apple products are vulnerable [...]
Security Vulnerability Update — Accellion FTA
Accellion released patches addressing vulnerabilities in its File Transfer Appliance. CVE-2021-27104 — Accellion File Transfer Appliance Recently, Accellion — secure file sharing empowers employees to work with third parties across a [...]
Critical Android Bugs — Samsung Fix Released
Samsung started rolling out Android's March 2021 security updates for critical security vulnerabilities. March 2021 — Samsung Update Though exploitation for many issues on Android is made more difficult by [...]
Exchange Server Attacks Against US Local Governments — Zero-Day Vulnerabilities
Zero-Day vulnerabilities are actively exploit — attacks against local US government agencies. Microsoft Exchange Server — Zero-Day Vulnerabilities Mandiant the information security industry acquired by FireEye observed multiple instances of abuse [...]
Chrome 89 Security Update — Active Zero-Day Vulnerability
Google warned users to update Chrome browser — zero-day vulnerability in the Chrome browser — actively exploited in the wild. Zero-Day Bug — Chrome A zero-day vulnerability is referred as the number [...]
iPhone Models Under Risk — New iOS Jailbreak Threat
Jailbreaking threat made possible to all iPhone models under risk as a vulnerability that Apple already been fixed. iOS Jailbreaking Threat actors has updated a jailbreaking tool which allows to [...]
Serious Windows 10 Drive Corruption Bug — Microsoft Fixed
A weird Windows 10 drive corruption bug fixed — available for Windows Insider program. Windows 10 Driver Bug An unpatched zero-day in Microsoft Windows 10 allows attackers to corrupt an [...]
Oxford University Lab System’s Hacked — Studying COVID-19
Research at Oxford University lab studying COVID-19 — attacked by threat actors. COVID-19 Research Researcher from Oxford University evidenced — a laboratory researching COVID-19 was hacked. Coronavirus disease, an infectious [...]
Critical Bug In All VMware ESXi and vSphere Client
Security updates are available to remediate multiple vulnerabilities affecting VMware products. vCenter Security Vulenerabilties: Multiple vulnerabilities in VMware ESXi and vSphere Client with the following CVE's were fixed by VMWare: The [...]
Security Update — PHP Race Condition Vulnerability
A security update released for PHP Denial of Service Vulnerability. CVE-2021-21702 — Denial Of Service In PHP versions 7.3.x below 7.3.27, 7.4.x below 7.4.15 and 8.0.x below 8.0.2, when using [...]
Security Update — Cisco AnyConnect DLL Hijacking
Cisco released security updates for Cisco AnyConnect secure mobility client for windows arbitrary code execution vulnerability. CVE-2021-1366 — Cisco AnyConnect Cisco AnyConnect Secure Mobility Client empowers remote workers with frictionless, [...]
Kia Motors Hit By Ransomware Attack — Denied As No Evidence Of Attack
Kia Motors America denied the ransomware attack after a day-long network outages. Ransomware Attack — KMA Kia Motors America (KMA) is headquartered in Irvine, CA with nearly 800 dealers in [...]
UL — Global Safety Certification Giant Hit By Ransomware Attack
Underwriters Laboratories UL LLC, a global safety certification company has suffered a ransomware attack that encrypted its servers. Ransomware Attack On Certification Giant Underwriters Laboratories largest, oldest and the world’s leading [...]
Zero-Day Vulnerability IBM InfoSphere Information Server
Researchers discovered a zero-day vulnerability on IBM InfoSphere Information Server 8.5.0.0 Description: IBM InfoSphere Information Server is a leading data integration platform with offerings that help you understand, cleanse, monitor, and [...]
Botnet Targeting Windows, Linux Servers For Two Years
WatchDog botnet performs cryptojacking for almost 2 years to take over windows and linux servers. Daemon — WatchDog: A botnet is a number of Internet-connected devices, each of which is running one or [...]
Apple Patched Severe macOS Big Sur Data Loss Bug
Apple has released a new update that could cause serious data loss. Big Sur 11.2 to 11.2.1(20D75) macOS Big Sur has suffered a bug as installer not check whether Mac [...]
Telegram Sticker Could Expose Your Data To Threat Actors
A Sticker sent to Telegram account could expose data including Secret chats, Photos, etc Animated Sticker Bug — Telegram Telegram — a messaging app with a focus on speed and [...]
Caution — Valentine’s Day Cyber Attacks On the Rise
Security experts warn internet users on the rise of scam due to Valentine's day. Scam Of The Week Valentine's Day — a popular day for couples to spend together, exchange flowers, candy [...]
Security Advisory — SAP Commerce Critical Vulnerability
Patch released for a new critical vulnerability affecting SAP commerce platforms. SAP Commerce — CVE-2021-21477 SAP Commerce is prone to an arbitrary code execution vulnerability. A Cloud solutions enable you to [...]
User Details Sold By Yandex Employee For Personal Gain
The system administrator of Russian company sold thousands of user email accounts. Yandex Suffers Data Breach During routine screening, Yandex identified a data breach — an employee provided unauthorized access [...]
Hackers Modified Drinking Water Levels To Dangerous Parameters In Florida
Threat actors modified the concentration of LYE to dangerous parameters. LYE Level Modified: Anonymous actors accessed computer systems of the Water Treatment facility in the city of Oldsmar, Florida and [...]
Multiple Sri Lankan DNS Records Were Poisoned — Including Google.lk
Hackers group has poisoned multiple Sri Lankan domains on Saturday. Defaced .LK Domains: A mysterious group of hacktivists has poisoned the DNS records of several Sri Lankans (.lk) websites on [...]
SitePoint Discloses A Data Breach — Sold On Hacking Forum
SitePoint admitted a data breach after finding sale of one million SitePoint user details. SitePoint — User Data Breach A Melbourne-based website, and publisher of books, courses and articles for [...]
New Chrome 0-Day Bug — Update Immediately
Google’s browser released a vulnerability which is actively being exploited in the wild. Chromium CVE-2021-21148: Heap Buffer Overflow Google released a new chrome update advising users to update immediately which [...]
A Severe Bug Impacts Many Project — Libgcrypt
A severe vulnerability found in Libgcrypt and recommended not to use. Libgcrypt 1.9.0 Vulnerability Tavis Ormandy of Project Zero, discovered a flaw affects version 1.9.0 of libgcrypt. Libgcrypt 1.9.0, the [...]
Hezbollah Hackers Targeted Web Servers Using Unpatched Servers
Hackers group Lebanese Cedar attack unpatched Atlassian servers at telcoms, Hosting and ISPs providers. Lebanese Cedar A volatile hacker group “Lebanese Cedar” linked to Lebanese Hezbollah Cyber Unit, has more advanced [...]
Security Vulnerability For Cisco DNA Center
Cisco disclosed a high-severity vulnerability allows cross-site request forgery (CSRF) attacks and Information Disclosure Vulnerability. CVE-2021-1257 — Cross-Site Request Forgery Vulnerability Cisco DNA Center is prone to a cross-site request [...]
Linux — SUDO Flaw Let Local User Gain Root Privileges
Sudo vulnerability, local user can exploit this flaw for root privilege escalation. Linux — CVE-2021-3156 Sudo (su "do") allows a system administrator to give users the ability to run commands [...]
Apple iOS Fixes Zero-Day Vulnerabilities
Three new Zero-Day vulnerabilities patch released by Apple. Exploited in the wild: On Tuesday, Apple released updates for iOS 14.4, iPadOS 14.4, and tvOS for three Zero-Day vulnerabilities — exploited [...]
Alert! New Android Malware Spreading Through WhatsApp
Researchers found a new Adware campaign spreading through WhatsApp contacts. Adware Campaign — Android Adware, along with other types of malware, can infect Android phones. On clicking the pop-up/adware messages, they can [...]
A CCTV Techie Spied On Hundreds Of Customers Private Moments
A technician from ADT accessed more than hundreds of customers CCTV systems to spy on them, engaging in private moments CCTV Techie Pleaded Guilty: This week, A former ADT employee [...]
Critical Security Vulnerabilities In Cisco SD-WAN — Update Now
Cisco warns customers about critical security vulnerabilities affecting SD-WAN, DNA, and the Smart Software Manager Satellite. Security Vulnerabilities: Earlier this week, Cisco released a security advisory on multiple vulnerabilities including [...]
0-Day Bug In SonicWall’s Own VPN Product
SonicWall released an urgent notice to their clients to patch a series Zero-Day vulnerability. VPN Zero-Day Vulnerability: Internet security device maker — Firewall and VPN products, mentioned on Friday — [...]
Phishing Campaign: Thousands Of Stolen Passwords Exposed Online
A phishing scam through Google search left thousands of stolen passwords exposed. Phishing Campaign A phishing campaign exposed thousands of corporate employees credentials. In august, attackers initiated a phishing campaign [...]
Google Chrome’88 Update — Improve Password Security
Chrome 88 new update with a feature now checks for weak passwords, helps fix them. Chrome 88's Security Feature The tech giant announced a host of new security features - [...]
Adobe Photoshop Security Vulnerability Advisory
Adobe released security updates for arbitrary code execution vulnerability for Windows and macOS. Description: Adobe Photoshop version 22.1 (and earlier) is affected by a heap buffer overflow vulnerability when handling [...]
Malwarebytes Hit By SolarWinds — Accessed Internal Emails
After Microsoft, FireEye and CrowdStrike, Malwarebytes hit by hacked SolarWinds. Malwarebytes — UNC2452 An Anti-Virus provider for Microsoft Windows, macOS, Android, and iOS, which finds and removes malwares. Yesterday, Marcin [...]
Hacker Gained Admin Access — Leads To Data Breach — OpenWRT
User data stolen from OpenWRT Forum leading to a database breach. OpenWRT The OpenWrt Project is a Linux operating system targeting embedded devices. In addition, it is an open-source project [...]
164 Bombarding Android App Caught For Out-Of-Context Ads
More than 10million users installed Android apps that showed out-of-context ads. Android Applications — Out-Of-Context Ads Google security researchers found 164 Android applications bombarding users with out-of-context ads last year. [...]
Windows 10 Serious Flaw Could Corrupt HardDrive — If You Open A Folder
Microsoft to fix Windows 10 bug that can corrupt a hard drive just by opening a folder or just by looking at an icon. NTFS Hard Drive Corrupt A bizarre [...]
Microsoft Released Windows Update — 83 Security Flaws
Patch Tuesday of 2021 addressed 83 flaws spanning as many as 11 products and services. Microsoft Patch Tuesday — 2021 Patch Tuesday is an unofficial term used to refer to [...]
4 Zero-Day Infect Windows And Android devices
Attackers infect booby-trapped websites — who visited them. Zero-Day Exploit: A computer-software vulnerability that is unknown to those who should be interested in mitigating the vulnerability. Researchers from Google’s Project [...]
Data Breach On Networking Giant Ubiquiti
Ubiquiti, the Networking giant alerts customers to change passwords after a security breach. Data Breach — Ubiquiti Ubiquiti manufactures and sells wireless data communication and wired products for enterprises and [...]
Security Advisory – Fortinet FortiWeb Vulnerability
FortiWeb is vulnerable to a blind SQL injection FortiWeb — CVE-2020-29015 Summary: A blind SQL injection in the user interface of FortiWeb may allow an unauthenticated, remote attacker to execute [...]
Signal Fixes Verification Delays Caused By WhatsApp Mass Exodus
Encrypted messaging service in Signal — verification process delay affecting its new user, recovered. Encrypted Messaging Service: A cross-platform encrypted messaging service developed by the Signal Foundation and Signal Messenger. [...]
Exact Location Of Users Are Exposed — Telegram App Feature
Nearby Share feature can be exploited by adversaries to spoof GPS and get access to users' exact location. Telegram App: A messaging app with a focus on speed and security, [...]
NVIDIA Release High-Severity Graphics Driver Flaws
In first update of 2021, NVIDIA patched 16 CVEs across its graphics drivers and vGPU software. NVIDIA Graphics Driver On Thursday Nvidia, which makes gaming-friendly graphics processing units (GPUs), fixed [...]
The U.S. Department of Justice Email Server Breached — SolarWinds
SolarWinds Hackers accessed Office 365 mailboxes of the U.S. Justice Department’s. SolarWinds Attack Over 100 to 280 organizations installed a trojanized version of the SolarWinds Orion platform that infects internal systems [...]
Critical Android Security Update — Addressed 43 Bugs
Google's Android Security Update addressed 43 bugs affecting Android Handsets, including Samsung phones. Android Security Update: The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. However, Security [...]
Apache Security Vulnerability Advisory — Code Execution
Apache released patches for some of its products. Apache Tapestry — CVE-2020-17531 Description: Apache Tapestry is prone to a code execution vulnerability. The vulnerability caused due to unsafe deserialization in [...]
Aware! COVID-19 Vaccine Scams Appearing
Scammers targeting users to get personal details — Federal officials. COVID-19 Pandemic: Coronavirus disease, an infectious disease is identified as SARS-CoV-2. COVID-19 affects different people in different ways. However, Cyberattacks [...]
PayPal Phishing Campaign — Steals Sensitive Data
A text message from PayPal found as phishing campaign leading to identity theft of the users. PayPal Campaign The faster, safer way to send money, make an online payment, receive [...]
Backdoor Found In Zyxel Firewalls, VPN Products
More than 100,000 Zyxel firewalls, VPN gateways, and access point controllers contain a hardcoded admin-level backdoor account. Zyxel Firewalls — Backdoor: A backdoor — typically covert method of bypassing normal [...]
Officially Dead Tomorrow — Adobe Flash Player
Adobe Flash Player will no longer be supporting Flash Player after 31 December 2020. Adobe Flash Player: Software used for content created on the Adobe Flash platform, including viewing multimedia [...]
Security Vulnerability —Apache TomEE
Apache TomEE Security Bypass Vulnerability. Description: Apache TomEE is prone to a security bypass vulnerability. The vulnerability is caused due to a misconfiguring issue when configured with the embedded ActiveMQ [...]
Security Vulnerability — Cisco Secure Web Appliance
Cisco Secure Web Appliance Elevation of Privilege Vulnerability. Description: A vulnerability in the log subscription subsystem of Cisco AsyncOS for the Cisco Secure Web Appliance (formerly Web Security Appliance) could allow an [...]
Japan’s Kawasaki Disclosed Data Breach
Japanese Aerospace Firm Kawasaki — their data have been stolen following a security breach. Kawasaki Heavy Industries, Ltd. A Japanese public multinational corporation — primarily known as a manufacturer of [...]
Google Docs Bug — Hackers Can Access Your Private Documents
A bug that Google patched, could allow hackers to see your private documents. Google Docs Bug: Google Docs is an online word processor that lets you create and format documents and [...]
Attack Against App Offered By Vietnam Government
A complex Supply-Chain attack hit Vietnam Government Certification Authority (VGCA). Supply Chain Attack: A cyber-attack that seeks to damage an organization by targeting less-secure elements in the supply chain. Earlier today, a [...]
iCloud Issue Causing Sign-in, Access To Data Problems
Apple users face trouble in accessing data, setting up and signing in on the device. Apple iCloud Outage: Starting yesterday at 3:15 PM IST, Apple experienced an outage with its [...]
Fake Amazon Gift Cards Delivers Dridex malware
Attackers target online shoppers using fake Amazon gift cards that deliver the Dridex banking Trojan. Holiday Gifts as Malware: Online shoppers from the U.S and Western Europe, targeted with fake [...]
Security Vulnerability – Apache Pulsar Manager Security Bypass Vulnerability
Summary: A security bypass vulnerability found in Apache Pulsar. Vulnerability Identifier: CVE-2020-17520 The vulnerability is caused due to a flaw in the permission verification mechanism and rated with Base Score: 9.4 In [...]
North Korea-Linked Threat Actor Attacks Vaccine Research
Cyber-attacks against two separate entities related to COVID-19 research. Lazarus group A threat group, active since at least 2009 — attributed to the North Korean government. Notably, the group responsible [...]
FBI & Interpol Taken Down Joker’s Stash Carding Site
US FBI and Interpol have seized a small number of servers used by Joker's Stash. Joker's Stash Joker’s Stash, the carding site where the internet's largest marketplace for buying & [...]
SUNBURST Malware & SolarWinds Supply Chain Attack
Threat actors compromised the IT monitoring and management software of organizations including SolarWinds’s Orion, Intel, Cisco, Nvidia. Trojanized version of SolarWinds SolarWinds is a software company that primarily deals in systems management [...]
Security Advisory — Dell Wyse ThinOS
Security researchers discovered vulnerabilities in Dell Wyse Thin client devices. Dell Wyse Thin Clients Wyse has been developing thin clients since the 90s and was acquired by Dell in 2012. [...]
Al Jazeera Journalists Hacked Using Israeli Firm’s Spyware
iPhones of at least 36 Al Jazeera employees using a no-user-interaction zero-day vulnerability in the iOS iMessage app. Attack with Medium Confidence: Employees of Al Jazeera iPhones hacked — including, journalists, [...]
NVIDIA — Security Vulnerabilities Update
Recently, NVD published a list of Common Vulnerabilities and Exposures(CVE) and their impact metrics Security Update NVD, the U.S. government repository of standards based vulnerability management data represented using the [...]
28 Malicious Extensions Installed On Chrome or Edge
Researchers identified malware hidden in at least 28 third-party Google Chrome and Microsoft Edge extensions — affects 30 lakh users worldwide. Browser Malicious Extensions: 28 malicious extensions identified, 15 were [...]
Zero-Day Vulnerability Alert — HPE Systems
Hewlett Packard Enterprise Systems Insight Manager (SIM), AMF Deserialization of Untrusted Data, Remote Code Execution Vulnerability. Description: HPE Systems Insight Manager (SIM) software is prone to a remote code execution [...]
New Spyware Goontact Targeting Android, iPhone Users
A new malware strain with spying and surveillance capabilities currently available in both Android and iOS versions. Spyware Attack Spyware is a type of malicious software -- or malware -- installed [...]
Medical Details Exposed Online — As Stored Insecurely
45 million medical imaging files, personal data left discoverable on the open web, across 67 countries including the US, UK, France, and Germany. Unsecured Servers & Storage Devices: The analyst [...]
Google Services Restored After User’s Hit By Outage
Multiple Google services — Gmail, Docs, YouTube have gone down across the world. Services Restoring After an Outage: Many Google services, including Gmail, G Suite, and YouTube were unavailable across [...]
Weak PostgreSQL Databases Targeted By PgMiner
PgMiner botnet targets PostgreSQL databases to install a cryptocurrency miner. PgMiner Botnet: PostgreSQL, also known as Postgres, is one of the most-used open-source relational database management systems (RDBMS) for production [...]
Samsung December 2020 Update – Fixes Critical Bugs
Samsung's Android December security updates are rolling out to mobile devices to patch security vulnerabilities. High-Security Vulnerabilities — Android This week, Android had published their December 2020 Security Updates bulletin [...]
16k Webex Accounts Deleted By Former Cisco Engineer
Former Cisco Engineer's action lost 16k Webex accounts, as he accessed Cisco's AWS accounts and deleted 456 virtual machines, Sentenced to Prison: Sudhish Kasaba Ramesh, a former Cisco engineer, sentenced [...]
Glassdoor Resolved A Critical CSRF Vulnerability
A critical flaw resolved in Glassdoor which could be exploited to take over accounts. Critical Flaw in Glassdoor: Glassdoor, a website where current and former employees anonymously review companies. The [...]
Cyber-Attack In EU Agency — Incharge of COVID-19 Vaccine Approval
EMA, the EU regulatory body in charge of approving COVID-19 vaccines, became the victim of a cyber-attack today. Cyber-Attack On EU Agency: The EMA - European Medicines Agency, in a post today [...]
Vulnerability Affects Generic Electric Healthcare Devices
MDhex-Ray is a vulnerability that affects a long list of CT, X-Ray, and MRI imaging systems manufactured by GE Healthcare. MDhex-Ray Vulnerability: Earlier this week, CyberMDX discovered a vulnerability in the [...]
Microsoft December 2020 Patch Tuesday — 58 Security Fix
Nine critical bugs and 58 overall fixes mark the last scheduled security advisory of 2020. Patch for the Holidays Microsoft has addressed 58 CVEs (nine of them critical) for its [...]
Web Skimmer — Attack Using Social Media Buttons
Hackers found new way to attack e-commerce stores, online shoppers and steal credit card details. Steganography, Web Skimmer Attack Steganography — hiding information inside another format (i.e., text inside images, images [...]
Data Leak From Embraer — Ransomware Attack
The Brazilian aerospace conglomerate became the victim of a ransomware attack last month. Embraer — Aerospace company An aerospace company Embraer, focused on produces commercial, military, executive, and agricultural aircraft [...]
Ransomware Attack On Swiss Helicopter Maker
Kopter's data has been published on the LockBit gang's blog, hosted on the dark web. Kopter — Helicopter Maker: Primarily based in Switzerland, Kopter has been operating since 2009. A ransomware attack has hits [...]
Johnson & Johnson Targeted By Hackers — COVID-19 vaccine
Johnson & Johnson, are seeing cyber-attacks from nation-state threat actors "every single minute of every single day." J&J — COVID-19 vaccine: The world is in the midst of a COVID-19 [...]
Critical Oracle WebLogic Bug – PATCH NOW
Multiple botnets exploit through remote code execution vulnerability in Oracle WebLogic Server. Oracle WebLogic Server: Oracle WebLogic is a platform for developing, deploying, and running enterprise Java applications in any cloud environment [...]
MacOS Users Targeted With Updated Malware
New malware attacks designed to install a backdoor onto compromised MacOS systems. Updated Malware - APT32: Recently in a campaign, researchers discovered a new malware OceanLotus – also known as APT32, designed [...]
CentOS 7 — Vulnerability Update
The remote CentOS Linux host is missing one or more security updates. Description: The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced [...]
Hacker Sells C-level Executives Email Accounts
Access for Hundreds of C-level (like CEO, CFO, etc) executives is sold for $100 to $1500 per account, depending on the company size and executive role. Data Sold On Underground [...]
Brazilian COVID-19 Patients Personal Data Exposed Online
Over 16 million Brazilian COVID-19 patient's personal data exposed online, including Brazil President Jair Bolsonaro, seven ministers, and 17 provincial governors. COVID-19 — Patient's Data The personal and health information [...]
Microsoft Fixes Xbox Website Bug That Would’ve Compromised Users’ Email Address
The Xbox flaw allows hackers to compromise the user's real-time identity, If attackers had access to the email address. XBOX Bug Bounty Microsoft announced an official bug bounty program for the Xbox [...]
43 Chinese Apps Banned In India
Indian government has banned another 43 Chinese mobile applications. The Ministry of Electronics and Information Technology banned the Chinese mobile apps, including AliExpress under Section 69A of the Information Technology [...]
Baidu’s Android Apps Caught Leaking Sensitive User Data
Two popular Android apps from Chinese tech giant Baidu caught collecting sensitive user details. Baidu Android Apps: In October, Two popular Android apps from Chinese tech giant Baidu, one of [...]
VMware Unpatched Critical Flaw Affects Multiple Products
VMware has released temporary workarounds to address a critical vulnerability in its products that could be exploited by an attacker to take control of an affected system. VMware Security Advisory [...]
Google Disclosed High-Security Flaw In GitHub
Google Project Zero reported a high severity security flaw in GitHub. GitHub GitHub, Inc. is a subsidiary of Microsoft which provides hosting for software development and version control using Git. [...]
A Football Club Discloses Security Breach
A football club, Manchester United Plc can confirm that the club has experienced a cyber attack on its systems. Manchester United Football Club Manchester United Plc. operates as a professional [...]
Facebook Messenger Bug – Hackers Spy On Users Call
Facebook fixed a major security bug in Facebook messenger for Android application, which let hackers listen before you pick up the call. Facebook Messenger: Messenger application, A free all-in-one communication [...]
Cisco Webex Bug – Attackers Join Meetings As Ghost Users
IBM researchers discovered bugs that allow attackers to sneak in and join Webex meetings as ghost users, invisible to other participants. Cisco Webex Conferencing App: Besides Zoom, Cisco Webex is [...]
Cisco Security Manager – Vulnerability Update
Cisco has hurried out a patch after a day after proof-of-concept (PoC) exploit code was published for a critical flaw in Cisco Security Manager. Cisco Security Manager: CSM - Cisco [...]
Adult Sites Were Targeted Via Fake Java Update – Malsmoke
A fake Java update found on various porn sites actually downloads the well-known Zloader malware. Target On Adult Websites: The malsmoke operators ran successful exploit kit campaigns for several months [...]
Hackers Attacking COVID-19 Vaccine Makers – Microsoft Says
Microsoft says hackers from Russia and North Korea are attacking COVID-19 vaccine makers. However, the organizations in the target list are not specified. The COVID-19: Coronavirus disease, an infectious disease [...]
New Jupyter Malware Steals Browser Data, Opens Backdoor
A new malware, named Jupyter that steals information's from the user, and also the malware is used to create a backdoor on the infected device. Introduction to Jupyter Malware: An [...]
Intel November 2020 Update – Fixes 95 Vulnerability
Intel addressed 95 vulnerabilities on November 2020 Patch Tuesday, including critical ones affecting Intel Wireless Bluetooth products and Intel AMT. Vulnerability Update Highlights: A critical vulnerability was addressed by Intel on its recent security advisory [...]
Microsoft Teams ‘FakeUpdates’ – Users Under Attack
Microsoft warns that cybercriminals are using Cobalt Strike to infect entire networks beyond the infection point, according to a report. Ads On Microsoft Teams Update: Attackers are using fake Microsoft [...]
Windows 10, iOS, Chrome, Firefox, and Others Hacked – Tianfu Cup Hacking Competition
Multiple operating systems and browsers successfully exploited in minutes by Bug Bounty hunters at Tianfu Cup 2020, a Chinese Hacking competition Tianfu Cup 2020: The Tianfu Cup is China's biggest [...]
Android November Security Update Tracker
Android November security update/patch 2020 tracker for all major OEMs and carriers worldwide. Android OEM: OEM stands for “original equipment manufacturer”. In the smartphone industry, this term refers to companies [...]
VMware – Update On Critical Flaw CVE-2020-3992
An updated fix was issued by VMware for a critical-severity remote code execution flaw in its ESXi hypervisor products. ESXi Vulnerability: On Wednesday's VMware advisory, informed customers that it has [...]
GitHub’s Pristine Layout Vanished Off – They Missed To Renew The Certificate
GitHub site layout broken as the company failed to renew the SSL certificate. GitHub: Git and Hub is a website for developers and programmers to collaboratively work on code. The [...]
Google Chrome Multiple Vulnerabilities
Short Summary: Multiple vulnerabilities were found in Google Chrome with High severity. These vulnerabilities can be exploited by an attacker by persuading a victim to visit a specially crafted Web [...]