CVE-2021-38647 OMIGOD flaw impacts IBM QRadar Azure
Experts warn that CVE-2021-38647 OMIGOD flaws affect IBM QRadar Azure and can be exploited by remote attackers to execute arbitrary...
News
Security Affairs newsletter Round 334
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
The Biden administration will work with 30 countries to curb global cybercrime
The Biden administration announced it will work with 30 countries, including NATO allies and G7 partners, to curb global cybercrime....
Threat actors exploit a flaw in Coinbase 2FA to steal user funds
Threat actors stole funds from the accounts of more than 6,000 users of the crypto exchange Coinbase exploiting a flaw...
Flubot Android banking Trojan spreads via fake security updates
The Flubot Android malware is now leveraging fake security updates warning to trick users into installing the malicious code. Threat...
Tim’s RED Team Research reports 3 new CVEs, two of which in 4G/5G
Telecom Italia Red Team Research (RTR) laboratory led by Massimiliano Brolli reported three new flaws in Oracle GlassFish and Nokia...
Elastic Stack API Security Vulnerability Exposes Customer and System Data
The mis-implementation of Elastic Stack, a collection of open-source products that employ APIs for crucial data aggregation, search, and analytics...
Baby died at Alabama Springhill Medical Center due to cyber attack
A baby allegedly received inadequate childbirth health care, and later died, at an Alabama Springhill Medical Center due to a...
The expert assessed the prospects of cybersecurity company Group-IB after the arrest of its founder
Experts believe that the arrest of Ilya Sachkov, the founder and CEO of Group-IB, will not affect the company's work,...
The FCC moves to curb SIM swap attacks
The Federal Communications Commission (FCC) is going to set new rules to curb the rising threat of SIM swapping, also...
Analysts Warn of Telegram Powered Bots Stealing Bank OTPs
In the past few years, two-factor verification is one of the simplest ways for users to safeguard their accounts. It...
Hydra Android trojan campaign targets customers of European banks
Experts warn of a new Hydra banking trojan campaign targeting European e-banking platform users, including the customers of Commerzbank. ...
Apple Pay vulnerable to wireless pickpockets
Researchers have shown that it is possible for attackers to bypass an Apple iPhone’s lock screen to access payment services...
Newly Discovered ‘Tomiris’ Backdoor Linked to SolarWinds Attack Malware
Kaspersky security researchers have unearthed a new backdoor likely designed by the Nobelium advanced persistent threat (APT) behind last year's...
Neiman Marcus discloses data breach, payment card data exposed
Luxury retail company Neiman Marcus Group has announced this week that it has suffered a data breach that impacted customer...
Ransomware Attack On Major European Bookseller
Recently a ransomware attack targeted a leading book supplier software, the attack interrupted regular functions of thousands of bookstores in...
RansomEXX Comes into Action Encrypting Files Using AES-CBC
In the latest Profero report - Senior Incident Responder Brenton Morris states that RansomeXX decryptors have failed to encrypt different...
Google fixes 2 new actively exploited zero-day flaws in Chrome
Google rolled out urgent security updates to address two new actively exploited zero-day vulnerabilities in its Chrome browser. Google this...
Turkish National Charged for DDoS Attack on U.S. Company
Authorities in the United States charged a Turkish national for launching distributed denial-of-service (DDoS) assaults against a Chicago-based multinational hospitality...
GriftHorse Malware has Infected More than 10 Million Android Devices
A new malware named GriftHorse is said to have infected over 10 million Android cell phones. According to the research...
Weaponizing Apple AirTag to lure users to malicious sites
Threat actors could exploit a stored cross-site scripting (XSS) vulnerability in Apple AirTag product to lure users to malicious websites....
GhostEmperor: From ProxyLogon to kernel mode
Download GhostEmperor’s technical details (PDF) While investigating a recent rise of attacks against Exchange servers, we noticed a recurring cluster...
Experts show how to make fraudulent payments using Apple Pay with VISA on locked iPhones
Security researchers devised a new attack method against iPhone owners using Apple Pay and Visa payment cards. Boffins from the...
Popular Android apps with 142.5 million collective installs leak user data
14 top Android apps with 142.5 million installs are misconfigured, leaving their data exposed to unauthorized parties Original post @...
