A critical RCE flaw in Horde Webmail has yet to be addressed
A remote code execution vulnerability in the open-source Horde Webmail client can allow to take over servers by sending a...
News
Ransomware attack turns 2022 into 1977 for Somerset County
1977 was quite the year. Led Zeppelin! Jimmy Carter! Saturday Night Fever! We can now add “a ransomware attack” to...
More than a quarter of Americans fell for robocall scam calls in past year
More and more Americans have been falling victim to phone scams since 2019. According to the latest report from Truecaller...
TrustPid is another worrying, imperfect attempt to replace tracking cookies
German ISPs are considering the introduction of TrustPid, a new type of “supercookie” that comprises of a unique identifier which...
New XLoader Botnet version uses new techniques to obscure its C2 servers
A new version of the XLoader botnet is implementing a new technique to obscure the Command and Control infrastructure. Researchers...
3 ways DNS filtering can save SMBs from cyberattacks
If you’re an SMB, chances are that you’re already well-aware of the fact that cyber threats can wreak havoc on...
Phishing mail claims a 3D Secure upgrade is required
Today we took a look at a phishing mail pinning its hopes on a QR code linking to a bogus...
FAQ: Mitigating Microsoft Office’s ‘Follina’ zero-day
On Monday May 30, 2022, Microsoft issued CVE-2022-30190, a new vulnerability ‘Follina’ already being exploited in the wild (zero-day) via malicious...
Experts uncovered over 3.6M accessible MySQL servers worldwide
Researchers uncovered 3.6M accessible MySQL servers worldwide that represent a potential attack surface for their owners. Researchers from Shadow Server scanned the...
WhatsApp accounts hijacked by call forwarding
In a short post on LinkedIn Rahul Sasi, founder and CEO of CloudSEK, explains how WhatsApp account takeovers are possible....
China-linked TA413 group actively exploits Microsoft Follina zero-day flaw
A China-linked APT group is actively exploiting the recently disclosed Follina zero-day flaw in Microsoft Office in attacks in the wild. China-linked...
Hive ransomware gang hit Costa Rica public health service
Costa Rican Social Security Fund, Costa Rica ‘s public health service, was hit by a Hive ransomware attack. Costa Rican...
Managing Cyber Risk: The People Element
Explore the latest findings from Trend Micro’s Cyber Risk Index (2H’2021) and how to better manage people to minimize cyber...
Patch Your WSO2: CVE-2022-29464 Exploited to Install Linux-Compatible Cobalt Strike Beacons, Other Malware
Users of WSO2 products are advised to update their respective products and platforms or to apply the temporary mitigation steps...
Threat profile: RansomHouse makes extortion work without ransomware
Cybersecurity is an industry known for many hats: white hats, black hats, and grey hats. White hats refer to “the...
Runescape phish claims your email has been changed
A Runescape-themed missive landed in our email inbox today, claiming action is required to secure our account. The malicious email...
FBI warns of education sector credentials on dark web forums
The FBI is warning academics to be on their guard, as an embattled education sector continues to experience attacks and...
SideWinder carried out over 1,000 attacks since April 2020
SideWinder, an aggressive APT group, is believed to have carried out over 1,000 attacks since April 2020, Kaspersky reported. Researchers...
Is quantum teleportation the future of secure communications?
“Beam me up Scotty” will always remain my first association with teleportation. And as it stands now, we are still...
Microsoft shared workarounds for the Microsoft Office zero-day dubbed Follina
Microsoft released workarounds for a recently discovered zero-day vulnerability, dubbed Follina, in the Microsoft Office productivity suite. Microsoft has released workarounds for...
Experts warn of ransomware attacks against government organizations of small states
Cyber Research Labs reported a rise in ransomware attacks in the second quarter of 2022, small states are more exposed...
US-CERT Bulletin (SB22-150):Vulnerability Summary for the Week of May 23, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Three Nigerian men arrested in INTERPOL Operation Killer Bee
Interpol arrested three Nigerian men in Lagos, who are suspected of using the Agent Tesla RAT to reroute financial transactions...
Microsoft Office zero-day “Follina”—it’s not a bug, it’s a feature! (It’s a bug)
Several researchers have come across a novel attack that circumvents Microsoft’s Protected View and anti-malware detection. The attack vector uses...
