Steer clear of gift card balance scams
Rogue ads are a problem-causing menace which can strike in many ways. Malvertising often uses a combination of exploits to...
News
Campaigns abusing corporate trusted infrastructure hunt for corporate credentials on ICS networks
Main facts Kaspersky ICS CERT has uncovered a number of spyware campaigns targeting industrial enterprises. Operators of these campaigns hunt...
SolarWinds Serv-U bug exploited for Log4j attacks
SolarWinds has fixed a Serv-U vulnerability that threat actors actively exploited to carry out Log4j attacks to internal devices on...
New DDoS IRC Bot distributed through Korean webHard platforms
Researchers spotted an IRC bot written in GoLang that is being used to carry out DDoS attacks targeting users in Korea. Researchers...
UK NCSC shares guidance for organizations to secure their communications with customers
UK NCSC has published new guidance for organizations to secure their communications with customers via SMS or phone calls. UK’s...
CISA warns of potential critical threats following attacks against Ukraine
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned organizations about “potential critical threats” following the recent cyberattacks that hit...
Browsers on iOS, iPadOS and Mac leak your browsing activity and personal identifiers
Researchers at FingerprintJS, a Chicago-based firm that specializes in online fraud prevention, have published a software bug introduced in Safari...
Mac users, update now! “Powerdir” flaw could allow attackers to spy on you
If you have been forgoing updating your Mac, this article might make you think twice. The Microsoft 365 Defender Research...
Campaign launched to delay social media end-to-end encryption
The many issues surrounding end-to-end encryption (E2EE) are ever-present. They usually spring up when something that could potentially affect the...
Box flaw allowed to bypass MFA and takeover accounts
A vulnerability in the implementation of multi-factor authentication (MFA) for Box allowed threat actors to take over accounts. A vulnerability...
Cybercriminals’ friend VPNLab.net shut down by law enforcement
Europol has announced that law enforcement has seized or disrupted the 15 servers that hosted VPNLab.net’s service, rendering it no...
Is White Rabbit ransomware linked to FIN8 financially motivated group?
A new ransomware gang named White Rabbit appeared in the threat landscape, experts believe it is linked to the FIN8...
New Ransomware Spotted: White Rabbit and Its Evasion Tactics
We analyze the ransomware White Rabbit and bring into focus the familiar evasion tactics employed by this newcomer. If you...
AlphV/BlackCat ransomware gang published data stolen from fashion giant Moncler
Luxury fashion giant Moncler confirmed a data breach after a ransomware attack carried out by the AlphV/BlackCat. Moncler confirmed a data...
Financially motivated Earth Lusca threat actors targets organizations worldwide
A sophisticated threat actor, tracked as Earth Lusca, is targeting government and private organizations worldwide as for financial purposes. Trend Micro...
Why we don’t patch, with Jess Dodson: Lock and Code S03E02
In 2017, the largest ransomware attack ever recorded hit the world, infecting more than 230,000 computers across more than 150...
Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs
Europol this week announced the shutdown of VPNLab, a VPN service that is very popular in the cybercrime ecosystem. An...
Nintendo warns of imitation websites and suspicious hardware
Brave indeed is the soul who decides to take on Nintendo with scam-filled behaviour online. The console legends have a...
Infamous dark net carding site UniCC to close
UniCC, the largest site on the dark web that sells credit card and debit card information, will close up shop...
Microsoft releases Windows out-of-band emergency fixes for Win Server, VPN issues
Microsoft released Windows emergency out-of-band (OOB) updates to fix multiple issues caused by January 2021 Patch Tuesday updates. Microsoft has...
A small number of Crypto.com users reported suspicious activity on their wallet
Several Crypto.com users reported suspicious transactions that stole thousands of dollars in Ethereum (ETH) from their wallets. Several Crypto.com users...
Oracle Critical Patch Update for January 2022 will fix 483 new flaws
The pre-release announcement for Critical Patch Update (CPU) for January 2022 states that Oracle will fix 483 new flaws. This...
Earth Lusca Employs Sophisticated Infrastructure, Varied Tools and Techniques
Our technical brief provides an in-depth look at Earth Lusca’s activities, the tools it employs in attacks, and the infrastructure...
US-CERT Bulletin (SB22-017):Vulnerability Summary for the Week of January 10, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
