MEGA claims it can’t decrypt your files. But someone’s managed to…
MEGA, the cloud storage provider and file hosting service, is very proud of its end-to-end encryption. It says it couldn’t...
News
Researchers found flaws in MEGA that allowed to decrypt of user data
Researchers at ETH Zurich discovered several critical flaws in the MEGA cloud storage service that could have allowed the decryption...
Azure vs. AWS Developer Tools
Both AWS and Azure developer tools provide key efficiencies in your DevOps environment, learn the comparison between tools, any overlap,...
Exclusive: Lithuania under cyber-attack after the ban on Russian railway goods
Cyber Spetsnaz is targeting government resources and critical infrastructure in Lithuania after the ban of Russian railway goods Cyber Spetsnaz...
Magecart attacks are still around but are more difficult to detect
Researchers from Malwarebytes warns that the Magecart skimming campaign is active, but the attacks are more covert. Magecart threat actors...
Crooks are using RIG Exploit Kit to push Dridex instead of Raccoon stealer
Threat actors are using the Rig Exploit Kit to spread the Dridex banking trojan instead of the Raccoon Stealer malware....
Flagstar Bank discloses a data breach that impacted 1.5 Million individuals
US Flagstar Bank disclosed a data breach that exposed files containing the personal information of 1.5 million individuals. US-based Flagstar...
APT ToddyCat
ToddyCat is a relatively new APT actor that we have not been able to relate to other known actors, responsible...
US-CERT Bulletin (SB22-171):Vulnerability Summary for the Week of June 13, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
New ToddyCat APT targets high-profile entities in Europe and Asia
Researchers linked a new APT group, tracked as ToddyCat, to a series of attacks targeting entities in Europe and Asia...
New DFSCoerce NTLM relay attack allows taking control over Windows domains
Experts discovered a new kind of Windows NTLM relay attack dubbed DFSCoerce that allows taking control over a Windows domain. Researchers warn...
You can be tracked online using your Chrome browser extensions
A researcher has found a way to generate a fingerprint of your device from your installed Google Chrome extensions, and...
Cybercriminals Use Azure Front Door in Phishing Attacks
Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft....
DDoS-for-hire service provider jailed
Matthew Gatrel, a 33-year-old man from St. Charles, Illinois, has been sentenced to two years in prison for running websites...
Cloudflare Outage
Major CDN provider Cloudflare has had a terrible time today with a major outage! Many major websites, including some huge...
‘Unpacking’ technical attribution and challenges for ensuring stability in cyberspace
Introduction When reports of a cyberattack appear in the headlines, questions abound regarding who launched it and why. Even if...
Russian APT28 hacker accused of the NATO think tank hack in Germany
The Attorney General has issued an arrest warrant for a hacker who targeted a NATO think tank in Germany for...
Google expert detailed a 5-Year-Old flaw in Apple Safari exploited in the wild
Google Project Zero experts disclosed details of a 5-Year-Old Apple Safari flaw actively exploited in the wild. Researchers from the...
Security Affairs newsletter Round 370 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
Cisco will not address critical RCE in end-of-life Small Business RV routers
Cisco announced that it will not release updates to fix the CVE-2022-20825 flaw in end-of-life Small Business RV routers. Cisco...
BRATA Android Malware evolves and targets the UK, Spain, and Italy
The developers behind the BRATA Android malware have implemented additional features to avoid detection. The operators behind the BRATA Android malware have implemented...
Critical flaw in Ninja Forms WordPress Plugin actively exploited in the wild
A critical vulnerability in Ninja Forms plugin potentially impacted more than one million WordPress websites In middle June, the Wordfence...
Experts warn of a new eCh0raix ransomware campaign targeting QNAP NAS
Experts warn of a new ech0raix ransomware campaign targeting QNAP Network Attached Storage (NAS) devices. Bleeping Computer and MalwareHunterTeam researchers,...
US DoJ announced to have shut down the Russian RSOCKS Botnet
The U.S. Department of Justice (DoJ) announced to have shut down the infrastructure associated with the Russian botnet RSOCKS. The...
