Lenovo warns of flaws that can be used to bypass security features
Lenovo fixed two high-severity flaws impacting various laptop models that could allow an attacker to deactivate UEFI Secure Boot. Lenovo...
News
Cybersecurity threats: what awaits us in 2023?
Knowing what the future holds can help with being prepared for emerging threats better. Every year, Kaspersky experts prepare forecasts...
4 Types of Cyber Crime Groups
Discover the four main types of cyber crime groups: access as a service, ransomware as a service, bulletproof hosting, and...
Hack the Real Box: APT41’s New Subgroup Earth Longzhi
We looked into the campaigns deployed by a new subgroup of advanced persistent threat (APT) group APT41, Earth Longzhi. This...
Surveillance vendor exploited Samsung phone zero-days
Google Project Zero researchers reported that a surveillance vendor is using three Samsung phone zero-day exploits. Google Project Zero disclosed...
Experts observed Amadey malware deploying LockBit 3.0 Ransomware
Experts noticed that the Amadey malware is being used to deploy LockBit 3.0 ransomware on compromised systems. Researchers from AhnLab Security Emergency...
Microsoft Patch Tuesday updates fix 6 actively exploited zero-days
Microsoft Patch Tuesday updates for November 2022 addressed 64 vulnerabilities, including six actively exploited zero-days. Microsoft Patch Tuesday updates for...
VMware fixes three critical flaws in Workspace ONE Assist
VMware address three critical bugs in the Workspace ONE Assist solution that allow remote attackers to bypass authentication and elevate...
DeimosC2: What SOC Analysts and Incident Responders Need to Know About This C&C Framework
This report provides defenders and security operations center teams with the technical details they need to know should they encounter...
Hybrid Cloud Management Security Tools
Explore hybrid cloud management security challenges, components, and tips to minimize your cyber risk. If you like the site, please...
Citrix ADC and Citrix Gateway are affected by a critical authentication bypass flaw
Citrix released security updates to address a critical authentication bypass vulnerability in Citrix ADC and Citrix Gateway. Citrix is urging...
SmokeLoader campaign distributes new Laplas Clipper malware
Researchers observed a SmokeLoader campaign that is distributing a new clipper malware dubbed Laplas Clipper that targets cryptocurrency users. Cyble...
Medibank confirms ransomware attack impacting 9.7M customers, but doesn’t pay the ransom
Australian health insurer Medibank confirmed that personal data belonging to around 9.7 million current and former customers were exposed as...
US DoJ seizes $3.36B Bitcoin from Silk Road hacker
The U.S. Department of Justice condemned James Zhong, a hacker who stole 50,000 bitcoins from the Silk Road dark net...
DDoS attacks in Q3 2022
News overview In Q3 2022, DDoS attacks were, more often than not, it seemed, politically motivated. As before, most news...
Are Containers Affected by OpenSSL Vulnerabilities?
Find out if your container-based applications are vulnerable to the new OpenSSL vulnerabilities and the recommendations to help ensure you...
US-CERT Bulletin (SB22-311):Vulnerability Summary for the Week of October 31, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
‘Justice Blade’ Hackers are Targeting Saudi Arabia
Threats actors calling themselves “Justice Blade” published leaked data from an outsourcing IT vendor. The group of threat actors calling...
Robin Banks phishing-as-a-service platform continues to evolve
The phishing-as-a-service (PhaaS) platform Robin Banks migrated its infrastructure to DDoS-Guard, a Russian bulletproof hosting service. The phishing-as-a-service (PhaaS) platform Robin...
Water sector in the US and Israel still unprepared to defeat cyber attacks
Expert warns that the US and Israel are still unprepared to defeat a cyber attack against organizations in the water...
UK NCSC govt agency is scanning the Internet for flawed devices in the UK
The UK National Cyber Security Centre (NCSC) announced that is scanning all Internet-exposed devices hosted in the UK for vulnerabilities....
Abusing Microsoft Dynamics 365 Customer Voice in phishing attacks
Researchers uncovered a campaign abusing Microsoft Dynamics 365 customer voice to steal credentials from the victims. Microsoft’s Dynamics 365 Customer...
LockBit 3.0 gang claims to have stolen data from Kearney & Company
The ransomware group LockBit claimed to have stolen data from consulting and IT services provider Kearney & Company. Kearney is...
A cyberattack blocked the trains in Denmark
At the end of October, a cyber attack caused the trains to stop in Denmark, the attack hit a third-party...
