Securitas breached, 3TB of airport employee records exposed
An unsecured AWS server, found open to the public Internet, is the root cause of a huge compromise of data...
News
A week in security (January 31 – February 6)
Last week on Malwarebytes Labs: Threat actor steals email with Zimbra zero-dayFBI warns of bogus job postings on recruitment sitesInvestment...
Russian Gamaredon APT is targeting Ukraine since October
Russia-linked APT group Gamaredon is behind spear-phishing attacks against Ukrainian entities and organizations since October 2021. Russia-linked cyberespionage group Gamaredon...
Israeli surveillance firm QuaDream emerges from the dark
One of the Apple iOS zero-day flaws exploited by the NSO group was also used by another surveillance firm named QuaDream....
Argo CD flaw could allow stealing sensitive data from Kubernetes Apps
A flaw in Argo CD tool for Kubernetes could be exploited by attackers to steal sensitive data from Kubernetes Apps....
Security Affairs newsletter Round 352
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
LockBit ransomware gang claims to have stolen data from PayBito crypto exchange
LockBit ransomware gang claims to have stolen customers’ data from the PayBito crypto exchange. PayBito is a bitcoin and cryptocurrency exchange for major...
FBI issued a flash alert on Lockbit ransomware operation
The FBI released a flash alert containing technical details associated with the LockBit ransomware operation. The Federal Bureau of Investigation...
CISA orders federal agencies to fix actively exploited CVE-2022-21882 Windows flaw
US CISA ordered federal agencies to patch their systems against actively exploited CVE-2022-21882 Windows flaw. The Cybersecurity and Infrastructure Security...
Cryptojacking Attacks Target Alibaba ECS Instances
Discover how some malicious groups disable features in Alibaba Cloud ECS instances for illicit mining of Monero. If you like...
This Week in Security News – February 4, 2022
Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened...
Over 500,000 people were impacted by a ransomware attack that hit Morley
Business services firm Morley was hit by a ransomware attack that may have exposed data of +500,000 individuals. Business services...
Ransomware attack hit Swissport International causing delays in flights
Aviation services company Swissport International was hit by a ransomware attack that impacted its operations. Swissport International Ltd. is an...
Threat actor steals email with Zimbra zero-day
Researchers have discovered a threat actor attempting to exploit a cross-site scripting (XSS) zero-day vulnerability in the Zimbra email platform....
A nation-state actor hacked media and publishing giant News Corp
American media and publishing giant News Corp revealed it was victim of a cyber attack from an advanced persistent threat...
Retail giant Target open sources Merry Maker e-skimmer detection tool
Retail giant Target is going to open-source an internal tool, dubbed Merry Maker, designed to detect e-skimming attacks. Retail giant Target...
FBI warns of bogus job postings on recruitment sites
Before Christmas was a busy time down at the fake job factory, with all manner of dubious antics out to...
Investment scams are on the rise
Preying on one of the most basic human flaws, investment scams and other get-rich-quick schemes are making up an ever...
Russia-linked Gamaredon APT targeted a western government entity in Ukraine
The Russia-linked Gamaredon APT group attempted to compromise an unnamed Western government entity in Ukraine. Palo Alto Networks’ Unit 42...
Zimbra zero-day vulnerability actively exploited by an alleged Chinese threat actor
An alleged Chinese threat actor is actively attempting to exploit a zero-day vulnerability in the Zimbra open-source email platform. An...
Microsoft blocked tens of billions of brute-force and phishing attacks in 2021
Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of brute-force and phishing attacks last...
Exclusive interview with the Powerful Greek Army (PGA) hacker group
Six years ago the Powerful Greek Army (PGA) appeared in the threat landscape. After a long breach the hacker collective...
Codex Exposed: Helping Hackers in Training?
How useful is the Codex code generator as a potential training tool? If you like the site, please consider joining...
IaC: Azure Resource Manager Templates vs. Terraform
Dive into a hands-on comparison of Azure Resource Manager templates and Terraform. This article highlights the primary features of each...
