News

News

• December 03, 2021 03 Dec'21

  Hundreds of new vulnerabilities found in SOHO routers

  Researchers credited vendors for their swift response to reports of widespread security vulnerabilities but warned users to make sure firmware is updated to avoid attacks.

• December 02, 2021 02 Dec'21

  Former Ubiquiti engineer arrested for inside threat attack

  Nickolas Sharp is accused of attacking his former employer, stealing confidential data and attempting to extort the company into paying him approximately $2 million.

• December 01, 2021 01 Dec'21

  New Yanluowang ransomware mounting targeted attacks in US

  Symantec threat analysts observed the new ransomware operation abusing legitimate tools such as ConnectWise's remote access product to move laterally inside networks.

• December 01, 2021 01 Dec'21

  CISA taps CrowdStrike for endpoint security

  The U.S. government's cybersecurity authority will be watched over by security vendor CrowdStrike as part of the larger government IT security overhaul.

• December 01, 2021 01 Dec'21

  BlackByte ransomware attacks exploiting ProxyShell flaws

  Red Canary said BlackByte's campaign is using wormable ransomware against organizations vulnerable to ProxyShell flaws in Microsoft Exchange.

• Sponsored News

  • Riding the Wave to Enterprise AI at Scale: The Transformation of Client Solutions

    Sponsored by Dell Technologies - While it’s true that AI is moving rapidly toward universal adoption, it is in the enterprise where AI is having its greatest impact. Enterprise AI certainly is an area of massive resource investment: Research pegs the size of the 2025 global enterprise AI market at $97 billion, growing to an astonishing $229 billion by 2030. All forms of AI—agentic AI, generative AI, machine learning, and predictive AI, to name a few—are transforming how, when, where, and why work is done. See More

  • The “Personal Touch” of AI is Undeniable, Thanks for Impressive Advances in Client Solutions

    Sponsored by Dell Technologies - The trend toward personal—and personalized—artificial intelligence (AI) has swiftly moved from interesting idea to undeniable market transformational catalyst. Research points out that 61% of U.S. adults have used AI in the past six months, with a growing number of those using it daily. This not only is an expected byproduct of widespread AI use in businesses and other enterprises, but the rapidly accelerating number of consumer-oriented use cases. See More

  • The Deepening Impact of “AI Everywhere” is Revolutionizing Client Solutions

    Sponsored by Dell Technologies - Artificial intelligence (AI) has rapidly become the technical development with the most profound impact on how we work, play, live, and interact. Although AI has been around for decades, earlier generations of expert systems, knowledge systems, and decision-support systems pale in comparison to the capabilities of the AI of today…and tomorrow. See More

  View All Sponsored News
• November 30, 2021 30 Nov'21

  Windows Installer zero-day under active exploitation

  McAfee said the Windows Installer vulnerability is being exploited in 23 countries around the world, including the United States, China, India and others.

• November 29, 2021 29 Nov'21

  Hack 'Sabbath': Elusive new ransomware detected

  A newly uncovered ransomware operation, dubbed UNC2190 or "Sabbath," has roots in a previous ransomware group but has so far been able to operate mostly undetected.

• November 23, 2021 23 Nov'21

  Apple files lawsuit against spyware vendor NSO Group

  Apple sued the Israeli technology vendor, whose Pegasus spyware has been implicated in several malicious attacks on journalists, activists and government officials.

• November 23, 2021 23 Nov'21

  Researcher drops instant admin Windows zero-day bug

  A newly-disclosed zero-day vulnerability in Windows could potentially allow local users to elevate their permissions to administrator status, and Microsoft has yet to post a fix.

• November 22, 2021 22 Nov'21

  GoDaddy discloses breach of 1.2M customer account details

  Web hosting provider GoDaddy said an attacker broke into its Managed WordPress service and accessed the account details and SSL keys of 1.2 million customers.

• November 22, 2021 22 Nov'21

  Cryptocurrency exchange BTC-Alpha confirms ransomware attack

  While it is common for threat actors to use cryptocurrency platforms to move and obfuscate ransom payments, this time an exchange platform was the victim of such an attack.

• November 19, 2021 19 Nov'21

  Cybercriminals discuss new business model for zero-day exploits

  Digital Shadows observed increased chatter on dark web forums about the possible emergence of a new business model that would rent out zero-day exploits as a service.

• November 19, 2021 19 Nov'21

  How enterprises need to prepare for 'cyberwar' conflicts

  Infosec expert Tarah Wheeler said increasing international conflicts are posing new compliance and regulatory standards, but adapting the changes may be difficult for enterprises.

• November 18, 2021 18 Nov'21

  CISA, Microsoft warn of rise in cyber attacks from Iran

  CISA and Microsoft this week issued alerts about increased threat activity Iranian nation-state hacking groups, including ransomware attacks on enterprises.

• November 18, 2021 18 Nov'21

  New side channel attack resurrects DNS poisoning threat

  A new side channel attack would potentially allow attackers to poison DNS servers and reroute traffic to malicious sites.

• November 17, 2021 17 Nov'21

  Malwarebytes slams Apple for inconsistent patching

  At the center of the Apple criticism is an exploit chain that utilized two vulnerabilities -- one of which was only patched in macOS Big Sur for several months.

• November 17, 2021 17 Nov'21

  Risk & Repeat: Are ransomware busts having an effect?

  International law enforcement agencies this year have stepped up efforts to address the ransomware threat with arrests, indictments and multimillion-dollar rewards.

• November 15, 2021 15 Nov'21

  Microsoft releases out-of-band update for Windows Server

  Less than a week after November's Patch Tuesday, Microsoft released an unscheduled security update for Windows Server to address an authentication vulnerability.

• November 11, 2021 11 Nov'21

  Aruba Central breach exposed customer data

  HPE-owned Aruba Networks said one of its cloud databases was accessed by hackers who were able to make off with location and telemetry data for its customers' Wi-Fi gear.

• November 11, 2021 11 Nov'21

  Trend Micro reveals 'Void Balaur' cybermercenary group

  New Trend Micro research revealed a cybermercenary group that has been actively targeting high-profile organizations and individuals across the globe since 2015.

• November 11, 2021 11 Nov'21

  'King of Fraud' sentenced for Methbot botnet operation

  Aleksandr Zhukov was sentenced to 10 years in prison for the theft of $7 million in a massive digital advertising fraud operation using his 'Methbot' botnet.

• November 09, 2021 09 Nov'21

  Medical devices at risk from Siemens Nucleus vulnerabilities

  Thirteen bugs, including a critical security flaw, have been patched in the Siemens Nucleus TCP/IP stack, a vital component for millions of connected medical devices.

• November 08, 2021 08 Nov'21

  DOJ charges REvil ransomware members, seizes $6.1M

  One of the accused cybercriminals, who was directly involved in the ransomware attack on Kaseya earlier this year, was arrested and faces extradition from Poland.

• November 04, 2021 04 Nov'21

  DDoS botnet exploiting known GitLab vulnerability

  A botnet is using a critical GitLab vulnerability, which was disclosed and patched in April, to launch powerful DDoS attacks that have surpassed 1 Tbps.

• November 03, 2021 03 Nov'21

  CISA requires agencies to patch nearly 300 vulnerabilities

  The Cybersecurity and Infrastructure Security Agency issued a directive for government agencies that requires patching for hundreds of known software security vulnerabilities.

• November 02, 2021 02 Nov'21

  Trojan Source bugs enable 'invisible' source code poisoning

  A pair of flaws in nearly every popular programming language enables attackers to hide malicious code in plain sight without the ability to be detected prior to compiling.

• October 29, 2021 29 Oct'21

  Europol 'targets' 12 suspects in ransomware bust

  Europol has not said whether the suspected ransomware actors were arrested or detained, but the 12 were allegedly involved in attacks that affected 1,800 victims in 71 countries.

• October 28, 2021 28 Oct'21

  Hackers upping SSL usage for encrypted attacks, communications

  A report from cloud security vendor Zscaler found that cybercriminals are using secure connections to evade detection while carrying out network attacks.

• October 22, 2021 22 Oct'21

  Risk & Repeat: Apple bug bounty frustrations boil over

  Security researchers criticized the Apple Security Bounty program and claimed the company ignored bug reports, denied bounty payments and silently patched vulnerabilities.

• October 15, 2021 15 Oct'21

  Accenture sheds more light on August data breach

  The IT services giant disclosed in an SEC filing that threat actors stole and leaked proprietary data during a LockBit ransomware attack earlier this year.

• October 14, 2021 14 Oct'21

  Google digs into Iran's APT35 hacking group

  Covert phishing tactics and cleverly disguised notifications are among the calling cards of the increasingly sophisticated operation aimed at Iran's opponents.

• October 14, 2021 14 Oct'21

  Enterprises ask Washington to step up cyber collaboration

  During CISA's National Cybersecurity Summit, critical infrastructure companies said they need better information on cyberthreats from the federal government.

• October 13, 2021 13 Oct'21

  How hackers exploited RCE vulnerabilities in Atlassian, Azure

  Barracuda researchers examined exploitation activity and attack patterns for two remote code execution vulnerabilities affecting Atlassian's Confluence and Microsoft's Azure.

• October 12, 2021 12 Oct'21

  Apple patches iOS vulnerability actively exploited in the wild

  Apple said in a security advisory that it had received a report that the iOS flaw, which impacts kernel extension IOMobileFrameBuffer, 'may have been actively exploited.'

• October 11, 2021 11 Oct'21

  Iranian password spraying campaign hits Office 365 accounts

  The Iran-backed DEV-0343 threat group has launched a password spraying offensive against Office 365 accounts in the defense, maritime and oil industries.

• October 11, 2021 11 Oct'21

  Cyber insurance premiums, costs skyrocket as attacks surge

  As cyber attacks and losses have increased, so has demand for cyber insurance. But now premiums are reflecting a harsh new reality.

• October 08, 2021 08 Oct'21

  Senators want FTC to enforce a federal data security standard

  U.S. Senators debated creating federal data privacy and security standards and providing the FTC with enough resources to enforce them.

• October 08, 2021 08 Oct'21

  Admins: Patch management is too complex and cumbersome

  A new survey from Ivanti shows a majority of administrators and infosec professionals feel the shift to decentralized workspaces has made patch management an even bigger headache.

• October 06, 2021 06 Oct'21

  Apache HTTP Server vulnerability under active attack

  Security experts are urging administrators to update their installations of Apache HTTP Server following the disclosure of a zero-day vulnerability that had been under attack.

• October 06, 2021 06 Oct'21

  Iranian hackers abusing Dropbox in cyberespionage campaign

  A group of hackers believed to be based in Iran is targeting organizations in the U.S. and elsewhere with a campaign that uses cloud storage service Dropbox.

• October 06, 2021 06 Oct'21

  Twitch confirms data breach following massive leak

  Leakers claim to have stolen almost 6,000 internal Git repositories, including 'the entirety of Twitch.tv' and content creator payouts.

• October 04, 2021 04 Oct'21

  2 suspected ransomware operators arrested in Ukraine

  A coordinated international law enforcement operation led to the arrest of two alleged ransomware operators, though the ransomware gang has not been identified.

• September 30, 2021 30 Sep'21

  FireEye and McAfee Enterprise announce product mashup

  Merger-happy investment firm STG has let slip that it will integrate the product lines of McAfee Enterprise and FireEye. Analysts say it will be a challenging road ahead.

• September 30, 2021 30 Sep'21

  Researchers hack Apple Pay, Visa 'Express Transit' mode

  Academic researchers discover an attack technique that enables them to make fraudulent transactions on locked iPhones when Apple Pay and Visa cards are set up for transit mode.

• September 29, 2021 29 Sep'21

  Telegram bots allowing hackers to steal OTP codes

  A simplified new attack tool based on Telegram scripts is allowing criminals to steal one-time password credentials and take over user accounts and drain bank funds.

• September 29, 2021 29 Sep'21

  Group-IB CEO Ilya Sachkov charged with treason in Russia

  Group-IB maintains the innocence of CEO and founder Ilya Sachkov and said that co-founder and CTO Dmitry Volkov will assume leadership of the company.

• September 28, 2021 28 Sep'21

  Microsoft releases emergency Exchange Server mitigation tool

  Microsoft turned its attention to organizations that are slower to patch by releasing an emergency mitigation tool as a temporary fix against current threats.

• September 28, 2021 28 Sep'21

  Ransomware: Has the U.S. reached a tipping point?

  The ransomware problem has grown more severe in recent years due to a growing number of attacks against large organizations and the standardization of double-extortion tactics.

• September 28, 2021 28 Sep'21

  SolarWinds hackers Nobelium spotted using a new backdoor

  Microsoft researchers believe Nobelium, the Russian-backed group that breached SolarWinds, has been using a backdoor tool called FoggyWeb since at least April.

• September 24, 2021 24 Sep'21

  Spurned researcher posts trio of iOS zero days

  An anonymous bug hunter critical of Apple's handling of reports to its bounty program has released details on three zero-day vulnerabilities in its iOS mobile platform.

• September 24, 2021 24 Sep'21

  Cybersecurity leaders back law for critical infrastructure

  In the wake of cyberattacks like Colonial Pipeline, U.S. senators want a national law requiring critical infrastructure companies to report cybersecurity incidents to CISA.

• September 23, 2021 23 Sep'21

  Autodiscover flaw in Microsoft Exchange leaking credentials

  Guardicore found that exploiting a design flaw in Autodiscover allowed it to capture more than 372,000 Windows domain credentials and nearly 97,000 unique application credentials.

• September 22, 2021 22 Sep'21

  Turla deploying 'secondary' backdoor in state-sponsored attacks

  Cisco Talos said hackers connected to the Russian APT Turla are using a new piece of malware to get persistent access on infected networks in the U.S., Germany and Afghanistan.

• September 22, 2021 22 Sep'21

  Marcus & Millichap hit with possible BlackMatter ransomware

  The real estate firm confirmed in a SEC filing this week that it had suffered a recent cyber attack but claimed there was no 'material disruption' to its business.

• September 22, 2021 22 Sep'21

  Symantec: Staging activity observed on Exchange servers

  Threat actors appear to be targeting Microsoft Exchange servers with pre-ransomware activity, including one attempt to exfiltrate data.

• September 21, 2021 21 Sep'21

  Treasury Department sanctions cryptocurrency exchange Suex

  In the ongoing battle against ransomware attacks, the Treasury Department sanctioned Suex, a cryptocurrency exchange accused of laundering ransom payments.

• September 20, 2021 20 Sep'21

  Italian Mafia implicated in massive cybercrime network

  A recent spate of phishing attacks and SMS fraud scams in Spain is being blamed on cybercriminals who were operating from the Canary Islands with backing from the Italian mob.

• September 20, 2021 20 Sep'21

  Microsoft details 'OMIGOD' Azure vulnerability fixes, threats

  Microsoft fixed the open source OMI software during last week's Patch Tuesday, but the tech giant has struggled to get the updated agents to Azure customers.

• September 16, 2021 16 Sep'21

  Bitdefender releases REvil universal ransomware decryptor

  The REvil decryptor key helps victims recover their encrypted files, as long as the attacks were made before July 13, which is when REvil went off the grid for two months.

• September 16, 2021 16 Sep'21

  ExpressVPN stands behind CIO named in UAE hacking scandal

  ExpressVPN said it will not cut ties with CIO Daniel Gericke, who was implicated by the DOJ in state-sponsored hacking on behalf of the United Arab Emirates government.

• September 15, 2021 15 Sep'21

  ‘OMIGOD’ vulnerabilities put Azure customers at risk

  OMI, the software agent at the center of a remote code execution flaw, is "just one example" of silent, pre-installed software in cloud environments, according to one researcher.

• September 15, 2021 15 Sep'21

  McAfee discovers Chinese APT campaign 'Operation Harvest'

  McAfee Enterprise found the threat actors had not only breached a company's network, but had spent 'multiple years' siphoning data from the victim before getting caught.

• September 14, 2021 14 Sep'21

  Google patches actively exploited Chrome zero-days

  Two more vulnerabilities in Google's web browser joined a growing list of Chrome zero-days that have been actively exploited in the wild this year.

• September 14, 2021 14 Sep'21

  SolarWinds CEO: Breach transparency 'painful' but necessary

  SolarWinds CEO Sudhakar Ramakrishna discusses his company's ongoing breach investigation, shares lessons learned from the attack and cautions IT pros on zero trust.

• September 14, 2021 14 Sep'21

  Apple patches zero-day, zero-click NSO Group exploit

  The Citizen Lab said that it found the Apple zero-day vulnerability when it was 'analyzing the phone of a Saudi activist infected with NSO Group's Pegasus spyware.'

• September 13, 2021 13 Sep'21

  Hackers port Cobalt Strike attack tool to Linux

  An unknown group of cybercriminals has created a version of the Windows-only Cobalt Strike Beacon tool that works against Linux machines, which has been used in recent attacks.

• September 13, 2021 13 Sep'21

  Tenable acquires cloud security startup Accurics for $160M

  The acquisition will be Tenable's first expansion into securing infrastructure as code, as it makes a push to identify and fix flaws in cloud-native software.

• September 09, 2021 09 Sep'21

  'Azurescape': New Azure vulnerability fixed by Microsoft

  The Azure Container Instances vulnerability would have allowed malicious actors to execute code on other customers' containers, but there have been no reports of exploitation.

• September 08, 2021 08 Sep'21

  Microsoft zero-day flaw exploited in the wild

  Microsoft and the Cybersecurity and Infrastructure Security Agency have issued advisories warning users to mitigate against a zero-day flaw, as no patch has been released.

• September 08, 2021 08 Sep'21

  CrowdStrike threat report: Breakout time decreased 67% in 2021

  CrowdStrike's latest research shows threat actors have reduced the time it takes for them to move laterally in victim environments, thanks in part to ransomware as a service.

• September 07, 2021 07 Sep'21

  ProxyShell attacks ramping up on unpatched Exchange Servers

  Security experts say active attacks on the series of Microsoft Exchange Server flaws, which can be chained to take control of servers, are already being launched in the wild.

• September 02, 2021 02 Sep'21

  FTC drops the hammer on SpyFone for privacy violations

  The FTC has decried SpyFone, a remote tracking app for mobile phones, as stalkerware and ordered it to notify all individuals who were tracked by the app.

• September 02, 2021 02 Sep'21

  Accellion-related breach disclosures continue to unfold

  Beaumont Health disclosed some patient data was exposed through an attack on Accellion's FTA product, nine months after the attack on the legacy file transfer software occurred.

• September 02, 2021 02 Sep'21

  Autodesk targeted in SolarWinds hack

  Autodesk said in its 10-Q filing released Wednesday that it believes 'no customer operations or Autodesk products were disrupted' in the SolarWinds supply chain attack.

• September 01, 2021 01 Sep'21

  Atlassian Confluence flaw under active attack

  Administrators are advised to patch immediately after security experts confirmed mass scanning and exploits against a critical remote code execution vulnerability.

• September 01, 2021 01 Sep'21

  Beware of proxyware: Connection-sharing services pose risks

  Cisco Talos warns that sharing internet connections with random people via third-party app like Honeygain and Peer2Profit could lead to malware installations and other threats.

• August 31, 2021 31 Aug'21

  SEC sanctions financial firms for cybersecurity failures

  Three financial services firms were charged with failing to implement proper cybersecurity policies after cyber attacks led to the exposure of customer data.

• August 31, 2021 31 Aug'21

  College students targeted by money mule phishing techniques

  Back to fool: University students with little security training are being targeted by Nigerian scammers to move fraudulent funds with the lure of quick bucks and flexible hours.

• August 30, 2021 30 Aug'21

  New 'ProxyToken' Exchange Server vulnerability disclosed

  The Exchange Server vulnerability could allow an attacker 'to copy all emails addressed to a target and account and forward them to an account controlled by the attacker.'

• August 27, 2021 27 Aug'21

  Researchers discover critical flaw in Azure Cosmos DB

  Wiz security researchers found a new attack vector in Microsoft Azure, which if exploited could allow an attacker to gain access to customers primary keys.

• August 27, 2021 27 Aug'21

  T-Mobile offers details of data breach that affected 40M

  According to T-Mobile, the hackers who stole its customer database had knowledge of the company's network and testing setup. The hack was a carefully planned network breach.

• August 26, 2021 26 Aug'21

  Private sectors pledge big for cyberdefense

  Tech giants have invested billions to address cybersecurity threats such as supply chain security and attacks on critical infrastructures.

• August 26, 2021 26 Aug'21

  Microsoft finally issues ProxyShell security advisory

  The ProxyShell advisory includes a call to patch, as well as details on which Exchange servers are vulnerable. In short: Those without the May security update are unprotected.

• August 26, 2021 26 Aug'21

  Risk & Repeat: ProxyShell problems mount

  CISA warned threat actors have begun exploiting the dangerous ProxyLogon flaws, but tens of thousands of vulnerable Microsoft Exchange servers remain online.

• August 25, 2021 25 Aug'21

  Bugs aplenty as VMware, Cisco and F5 drop security updates

  Two critical updates from Cisco, remote code execution flaws in F5's Big-IP, and a half-dozen VMware security holes are among the more pressing issues for admins to address.

• August 25, 2021 25 Aug'21

  HackerOne launches AWS certification paths, pen testing service

  A select group of penetration testers in HackerOne's community will be able to obtain three AWS certifications, including the Security - Specialty certification.

• August 24, 2021 24 Aug'21

  4 emerging ransomware groups take center stage

  Four ransomware operations -- AvosLocker, Hive, HelloKitty and LockBit 2.0 -- have popped up on the radar of researchers with Palo Alto Network's Unit 42 team.

• August 23, 2021 23 Aug'21

  CISA: ProxyShell flaws being actively exploited, patch now

  Security researchers weighed in with evidence of ProxyShell exploitation by threat actors using malicious web shells and a new ransomware variant called 'LockFile.'

• August 19, 2021 19 Aug'21

  CISA offers ransomware response guidelines to organizations

  In its new ransomware prevention and response guide, CISA 'strongly discourages paying a ransom,' citing the potential to embolden threat actors and fund illicit activity.

• August 18, 2021 18 Aug'21

  T-Mobile breach exposes data for more than 40M people

  The telecom giant confirmed reports that its network was breached by a threat actor who stole personal data on more than 40 million current, former and prospective customers.

• August 17, 2021 17 Aug'21

  Many Exchange servers still vulnerable to ProxyLogon, ProxyShell

  Tens of thousands of Exchange servers are still vulnerable to ProxyLogon and ProxyShell, and security researchers estimate honeypots represent only a small slice of those systems.

• August 17, 2021 17 Aug'21

  Palo Alto Networks: Personal VPNs pose risks to enterprises

  Researchers from Palo Alto Networks published a new report detailing the risks that personal VPNs pose to enterprise networks, including evasion tactics to bypass firewalls.

• August 16, 2021 16 Aug'21

  FBI watchlist exposed by misconfigured Elasticsearch cluster

  A terrorist watchlist was found in an exposed database, and security researcher Bob Diachenko says there is no way of knowing just how long it was open to the public.

• August 13, 2021 13 Aug'21

  New ransomware crew hammers on PrintNightmare bugs

  PrintNightmare, the Microsoft print spooler flaws patched in July, is the favorite target for a new ransomware group known as Vice Society, according to Cisco Talos.

• August 12, 2021 12 Aug'21

  Months after the Accellion breach, more victims emerge

  The Accellion breach occurred last December, but more victims have come to light in recent weeks as investigations, notifications and disclosures stretch on through the summer.

• August 12, 2021 12 Aug'21

  Microsoft discloses new print spooler flaw without patch

  The latest flaw in Windows print spooler software, which has yet to be patched, comes weeks after the PrintNightmare vulnerability and other related bugs.

• August 11, 2021 11 Aug'21

  Accenture responds to LockBit ransomware attack

  The LockBit ransomware crew claims to have stolen data from IT services and consulting giant Accenture, but the company said no customer systems were affected in the attack.

• August 11, 2021 11 Aug'21

  NortonLifeLock and Avast joining forces in $8 billion merger

  The combined company from NortonLifeLock and Avast will be dual-headquartered in Arizona and Prague, and will serve 500 million users, including 40 million direct customers.

• August 11, 2021 11 Aug'21

  Hackers selling access to breached networks for $10,000

  Network access is a closely-guarded commodity in underground hacker forums, with some sellers not even revealing the names of their victims until money has changed hands.

• August 09, 2021 09 Aug'21

  'ProxyShell' Exchange bugs resurface after presentation

  A critical vulnerability in Microsoft Exchange is once again making the rounds with attackers, following a Black Hat presentation from the researcher who found it.