Nigerian Tesla: 419 scammer gone malware distributor unmasked
Agent Tesla is a well-known data stealer written in .NET that has been active since 2014 and is perhaps one...
News
Cisco addresses three bugs in Enterprise NFVIS Software
Cisco addresses three flaws impacting its Enterprise NFV Infrastructure Software (NFVIS) that could allow the compromise of the hosts. Cisco...
Google fixes two critical Pixel vulnerabilities: Get your updates when you can!
Google has made updates available for Android 10, 11, 12 and 12L. The May Android Security Bulletin contains details of...
A couple of 10-Year-Old flaws affect Avast and AVG antivirus
Researcher discovered a couple of high-severity security flaws that affect a driver used by Avast and AVG antivirus solutions. SentinelOne...
It’s business as usual for REvil ransomware
After the FBS arrested 14 of its members in January, and a subsequent lull in action, the REvil ransomware gang...
World Password Day: Brushing up on the basics
World Password Day is today, reminding us of the value of solid passwords, and good password practices generally. There are...
F5 warns its customers of tens of flaws in its products
Cybersecurity provider F5 released security patches to address tens of vulnerabilities affecting its products. Security and application delivery solutions provider...
A new secret stash for “fileless” malware
In February 2022 we observed the technique of putting the shellcode into Windows event logs for the first time “in...
China-linked Winnti APT steals intellectual property from companies worldwide
A sophisticated cyberespionage campaign, dubbed Operation CuckooBees, conducted by the China-linked Winnti group remained undetected since at least 2019. Researchers...
Unfixed vulnerability in popular library puts IoT products at risk
Researchers have found a vulnerability in a popular C standard library in IoT products that could allow attackers to perform...
8 security tips for small businesses
Small businesses and startups are known to face some extra challenges when it comes to cybersecurity. Because they don’t have...
Pro-Ukraine attackers compromise Docker images to launch DDoS attacks on Russian sites
Pro-Ukraine hackers are using Docker images to launch distributed denial-of-service (DDoS) attacks against a dozen Russian and Belarusian websites. Pro-Ukraine hackers, likely linked...
Experts linked multiple ransomware strains North Korea-backed APT38 group
Researchers from Trellix linked multiple ransomware strains to the North Korea-backed APT38 group. The ransomware was employed in attacks on...
Fake Cyberpunk Ape Executives target artists with malware-laden job offer
The wacky world of ape jpegs are at the heart of yet another increasingly bizarre internet scam, which contains malware,...
An expert shows how to stop popular ransomware samples via DLL hijacking
A security researcher discovered that samples of Conti, REvil, LockBit ransomware were vulnerable to DLL hijacking. The security researcher John...
China-linked APT Curious Gorge targeted Russian govt agencies
China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG)...
US-CERT Bulletin (SB22-122):Vulnerability Summary for the Week of April 25, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
State-backed hacking group from China is targeting the Russian military
In an unexpected turn of events, research has surfaced about a Chinese APT (advanced persistent threat) group targeting the Russian...
A DNS flaw impacts a library used by millions of IoT devices
A vulnerability in the domain name system (DNS) component of the uClibc library impacts millions of IoT products. Nozomi Networks warns of...
Craft fair vendors targeted by fake event scammers on Facebook
A real world scam which sucks the fun out of craft fairs has caused nothing but stress for victims. It...
US healthcare billing services group hacked, affecting at least half a million individuals
According to the US Department of Health and Human Services, Adaptive Health Integrations (AHI), a healthcare software and billing services...
Airdrop phishing: what is it, and how is my cryptocurrency at risk?
Airdrop phishing is a really popular tactic at the moment. It emerged alongside the explosion of Web3/NFT/cryptocurrency popularity, and ensures...
Over 50 countries sign the “Declaration for the Future of the Internet”
Governments of the US, EU member states, and 32 other countries have announced the launch of the “Declaration for the...
China-linked Moshen Dragon abuses security software to sideload malware
A China-linked APT group, tracked as Moshen Dragon, is exploiting antivirus products to target the telecom sector in Asia. A...
