NIST published updated guidance for supply chain risks
The National Institute of Standards and Technology (NIST) has released updated guidance for defending against supply-chain attacks. The National Institute...
News
US agricultural machinery manufacturer AGCO suffered a ransomware attack
The American agricultural machinery manufacturer AGCO announced that has suffered a ransomware attack that impacted its production facilities. AGCO, one of the...
Google, Apple, and Microsoft step hand in hand into a passwordless future
While we recently “celebrated” World Password Day, almost every security outlet keeps telling us that passwords alone are not enough....
Security Affairs newsletter Round 364 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
US DoS offers a reward of up to $15M for info on Conti ransomware gang
The US Government offers up to $15 million for information that helps identify and locate leadership and co-conspirators of the...
Raspberry Robin spreads via removable USB devices
Researchers discovered a new Windows malware, dubbed Raspberry Robin, with worm-like capabilities that spreads via removable USB devices. Cybersecurity researchers...
Malware campaign hides a shellcode into Windows event logs
Experts spotted a malware campaign that is the first one using a technique of hiding a shellcode into Windows event...
US gov sanctions cryptocurrency mixer Blender also used by North Korea-linked Lazarus APT
The U.S. Department of Treasury sanctioned cryptocurrency mixer Blender.io used by North Korea-linked Lazarus APT. The U.S. Department of Treasury...
Mobile subscription Trojans and their little tricks
Billing fraud is one of the most common sources of income for cybercriminals. There are currently a number of known...
How the thriving fraud industry within Facebook attacks independent media
Experts investigate how stolen Facebook accounts are used as part of a well-established fraud industry inside Facebook. No eyebrows were raised...
QNAP fixes multiple flaws, including a QVR RCE vulnerability
QNAP addressed multiple vulnerabilities, including a critical remote execution flaw affecting the QVR video surveillance solution. QNAP has addressed multiple...
OpenSea warns of Discord channel compromise
OpenSea, the primary marketplace for buyers and sellers of non-fungible tokens (NFTs), has reported major problems with its Discord support...
Steer clear of these Instagram “Get rich with Bitcoin” scams
I don’t know about you, but I open Instagram to look at cool photos of pets, not to make a...
Anonymous and Ukraine IT Army continue to target Russian entities
The Anonymous collective and the volunteer group Ukraine IT Army continues to launch cyber attacks on Russian entities. The Anonymous...
NetDooka framework distributed via a pay-per-install (PPI) malware service
Researchers discovered a sophisticated malware framework, dubbed NetDooka, distributed via a pay-per-install (PPI) malware service known as PrivateLoader. Trend Micro...
Steer clear of fake premium mobile app unlockers
A site has been bouncing around YouTube comments for the past couple of weeks. The site sometimes changes, the messages...
How Instagram scammers talk users out of their accounts
If you’ve dealt with a scammer, you’ll know that making up stories is their bread and butter. Think about it:...
Vulnerable Docker Installations Are A Playhouse for Malware Attacks
Uptycs researchers identified ongoing malicious campaigns through our Docker honeypot targeting exposed Docker API. The Uptycs Threat Research team has...
Ransomware: April 2022 review
The Malwarebytes Threat Intelligence team monitors the threat landscape continuously and produces monthly ransomware reports based on a mixture of...
Ukraine IT Army hit EGAIS portal impacting Russia’s alcohol distribution
Ukraine IT Army launched massive DDoS attacks on the EGAIS portal that has a crucial role in Russia’s alcohol distribution....
NetDooka Framework Distributed via PrivateLoader Malware as Part of Pay-Per-Install Service
This report focuses on the components and infection chain of the NetDooka framework. Its scope ranges from the release of...
Workshop: Simplifying Network Security in the Cloud
In this workshop, you will learn how to leverage Trend Micro Cloud One™ - Network Security to provide a powerful...
Google addresses actively exploited Android flaw in the kernel
Google released the May security bulletin for Android, 2022-05-05 security patch level, which fixed an actively exploited Linux kernel flaw....
The $43 billion Business Email Compromise threat
The FBI has released a public service announcement regarding the ever-present threat of Business Email Compromise (BEC). This comes hot...
