Mozilla Firefox gets built-in Firefox Relay controls
Mozilla has announced the integration of Firefox Relay, an email protection system that helps users evade trackers and spammers, directly...
News
Winter Vivern APT hackers use fake antivirus scans to install malware
An advanced hacking group named 'Winter Vivern' targets European government organizations and telecommunication service providers to conduct espionage. The group's...
NordVPN open sources its Linux VPN client and libraries
Nord Security (Nord) has released the source code of its Linux NordVPN client and associated networking libraries in the hopes...
CISA warns of Adobe ColdFusion bug exploited as a zero-day
CISA has added a critical vulnerability impacting Adobe ColdFusion versions 2021 and 2018 to its catalog of security bugs exploited...
Adobe Acrobat Sign abused to push Redline info-stealing malware
Cybercriminals are abusing Adobe Acrobat Sign, an online document signing service, to distribute info-stealing malware to unsuspecting users. The service...
Convincing Twitter ‘quote tweet’ phone scam targets bank customers
A convincing Twitter scam is targeting bank customers by abusing the quote-tweet feature, as observed by BleepingComputer. What makes this scam stand out is...
Conti-based ransomware ‘MeowCorp’ gets free decryptor
A decryption tool for a modified version of the Conti ransomware could help hundreds of victims recover their files for...
Microsoft support ‘cracks’ Windows for customer after activation fails
In an unexpected twist, a Microsoft support engineer resorted to running an unofficial 'crack' on a customer's Windows PC after a genuine...
Latitude cyberattack leads to data theft at two service providers
Latitude Financial Services (Latitude) has disclosed a data breach after suffering a cyberattack, causing the company to shut down internal...
Microsoft shares script to fix WinRE BitLocker bypass flaw
Microsoft has released a script to make it easier to patch a BitLocker bypass security vulnerability in the Windows Recovery...
Fortinet zero-day attacks linked to suspected Chinese hackers
A suspected Chinese hacking group has been linked to a series of attacks on government organizations exploiting a Fortinet zero-day...
Google finds 18 zero-day vulnerabilities in Samsung Exynos chipsets
Project Zero, Google's zero-day bug-hunting team, discovered and reported 18 zero-day vulnerabilities in Samsung’s Exynos chipsets used in mobile devices,...
BianLian ransomware gang shifts focus to pure data extortion
The BianLian ransomware group has shifted its focus from encrypting its victims' files to only exfiltrating data found on compromised...
FakeCalls Android malware returns with new ways to hide on phones
Android malware 'FakeCalls' is circulating again in South Korea, imitating phone calls for over 20 financial organizations and attempting to...
Winter Vivern APT Group Targeting Indian, Lithuanian, Slovakian, and Vatican Officials
The advanced persistent threat known as Winter Vivern has been linked to campaigns targeting government officials in India, Lithuania, Slovakia,...
Cryptojacking Group TeamTNT Suspected of Using Decoy Miner to Conceal Data Exfiltration
The cryptojacking group known as TeamTNT is suspected to be behind a previously undiscovered strain of malware used to mine...
Chinese and Russian Hackers Using SILKLOADER Malware to Evade Detection
Threat activity clusters affiliated with the Chinese and Russian cybercriminal ecosystems have been observed using a new piece of malware...
Google Uncovers 18 Severe Security Vulnerabilities in Samsung Exynos Chips
Google is calling attention to a set of severe security flaws in Samsung's Exynos chips, some of which could be...
Authorities Shut Down ChipMixer Platform Tied to Crypto Laundering Scheme
A coalition of law enforcement agencies across Europe and the U.S. announced the takedown of ChipMixer, an unlicensed cryptocurrency mixer...
Multiple Hacker Groups Exploit 3-Year-Old Vulnerability to Breach U.S. Federal Agency
Multiple threat actors, including a nation-state group, exploited a critical three-year-old security flaw in Progress Telerik to break into an...
What’s Wrong with Manufacturing?
In last year's edition of the Security Navigator we noted that the Manufacturing Industry appeared to be totally over-represented in...
CISA Issues Urgent Warning: Adobe ColdFusion Vulnerability Exploited in the Wild
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on March 15 added a security vulnerability impacting Adobe ColdFusion to its...
Tick APT Targeted High-Value Customers of East Asian Data-Loss Prevention Company
A cyberespionage actor known as Tick has been attributed with high confidence to a compromise of an East Asian data-loss...
The Different Methods and Stages of Penetration Testing
The stakes could not be higher for cyber defenders. With the vast amounts of sensitive information, intellectual property, and financial...
