The US offers a $10M rewards for info on the Conti ransomware gang’s members
The U.S. State Department announced a $10 million reward for information related to five individuals associated with the Conti ransomware gang. The...
News
Experts warn of mass exploitation of an RCE flaw in Zimbra Collaboration Suite
Threat actors are exploiting an authentication bypass Zimbra flaw, tracked as CVE-2022-27925, to hack Zimbra Collaboration Suite email servers worldwide. An authentication bypass...
BazarCall attacks have revolutionized ransomware operations
The Conti ransomware gang is using BazarCall phishing attacks as an initial attack vector to access targeted networks. BazarCall attack,...
OpenTIP, command line edition
For more than a year, we have been providing free intelligence services via the OpenTIP portal. Using the web interface,...
CopperStealer Distributes Malicious Chromium-based Browser Extension to Steal Cryptocurrencies
We tracked the latest deployment of the group behind CopperStealer, this time stealing cryptocurrencies and users’ wallet account information via...
Cyber Insurance Coverage Checklist: 5 Security Items
Explore 5 security considerations in-line with cyber insurance requirements to renew or obtain a policy while reducing your cyber risk....
Palo Alto Networks warns of Reflected Amplification DoS issue in PAN-OS
Palo Alto Networks devices running the PAN-OS are abused to launch reflected amplification denial-of-service (DoS) attacks. Threat actors are exploiting...
Ex Twitter employee found guilty of spying for Saudi Arabian government
A former Twitter employee was found guilty of spying on certain Twitter users for Saudi Arabia. A former Twitter employee,...
Cisco fixed a flaw in ASA, FTD devices that can give access to RSA private key
Cisco addressed a high severity flaw, tracked as CVE-2022-20866, affecting Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software....
VileRAT: DeathStalker’s continuous strike at foreign and cryptocurrency exchanges
In late August 2020, we published an overview of DeathStalker’s profile and malicious activities, including their Janicab, Evilnum and PowerSing...
Cisco was hacked by the Yanluowang ransomware gang
Cisco discloses a security breach, the Yanluowang ransomware group breached its corporate network in late May and stole internal data....
Improve Threat Detection & Response with OCSF
New open source initiative helping organizations to detect and respond to cyber-attacks faster and easier If you like the site,...
US-CERT Bulletin (SB22-220):Vulnerability Summary for the Week of August 1, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Risky Business: Enterprises Can’t Shake Log4j flaw
70% of Large enterprises that previously addressed the Log4j flaw are still struggling to patch Log4j-vulnerable assets. INTRODUCTION In December...
Experts found 10 malicious packages on PyPI used to steal developers’ data
10 packages have been removed from the Python Package Index (PyPI) because they were found harvesting data. Check Point researchers...
Hackers behind Twilio data breach also targeted Cloudflare employees
Cloudflare revealed that at least 76 employees and their family members were targeted by smishing attacks similar to the one...
CISA adds UnRAR and Windows flaws to Known Exploited Vulnerabilities Catalog
US Critical Infrastructure Security Agency (CISA) adds vulnerabilities in the UnRAR utility to its Known Exploited Vulnerabilities Catalog. The Cybersecurity...
VMware warns of public PoC code for critical auth bypass bug CVE-2022-31656
VMware warns of the availability of a proof-of-concept exploit code for a critical authentication bypass flaw in multiple products. VMware...
Andariel deploys DTrack and Maui ransomware
On July 7, 2022, the CISA published an alert, entitled, “North Korean State-Sponsored Cyber Actors Use Maui Ransomware To Target...
Microsoft Patch Tuesday for August 2022 fixed actively exploited zero-day
Microsoft Patch Tuesday security updates for August 2022 addressed a zero-day attack remote code execution vulnerability in Windows. Microsoft Patch...
Forecasting Metaverse Threats: Will it Become Metaworse?
This report shares threat predictions concerning a rapidly evolving area of the physical and digital word – the metaverse. We...
A Secure Access Service Edge (SASE ) Guide for Leaders
Discover the benefits of SASE in adopting modern security architectures to reduce cyber risk across the attack surface. If you...
Oil and Gas Cybersecurity: Industry Overview Part 1
With geopolitical tensions running high, oil and gas companies may be more susceptible to cyberattacks. If you like the site,...
Facebook’s Metaverse is Expanding the Attack Surface
Understand the cybersecurity risks in the Metaverse If you like the site, please consider joining the telegram channel or supporting...
