Linux version of Qilin ransomware focuses on VMware ESXi
A sample of the Qilin ransomware gang's VMware ESXi encryptor has been found and it could be one of the...
cybersecurity
Over 20,000 vulnerable Microsoft Exchange servers exposed to attacks
Tens of thousands of Microsoft Exchange email servers in Europe, the U.S., and Asia exposed on the public internet are...
US Health Dept urges hospitals to patch critical Citrix Bleed bug
The U.S. Department of Health and Human Services (HHS) warned hospitals this week to patch the critical 'Citrix Bleed' Netscaler...
LogoFAIL attack can install UEFI bootkits through bootup logos
Multiple security vulnerabilities collectively named LogoFAIL affect image-parsing components in the UEFI code from various vendors. Researchers warn that they...
VMware fixes critical Cloud Director auth bypass unpatched for 2 weeks
VMware has fixed a critical authentication bypass vulnerability in Cloud Director appliance deployments, a bug that was left unpatched for over...
French government recommends against using foreign chat apps
Prime Minister of France Élisabeth Borne signed a circular last week requesting all government employees to uninstall foreign communication apps such...
The Week in Ransomware – December 1st 2023 – Police hits affiliates
An international law enforcement operation claims to have dismantled a ransomware affiliate operation in Ukraine, which was responsible for attacks...
Hackers use new Agent Raccoon malware to backdoor US targets
A novel malware named 'Agent Raccoon' (or Agent Racoon) is being used in cyberattacks against organizations in the United States,...
TrickBot malware dev pleads guilty, faces 35 years in prison
On Thursday, a Russian national pleaded guilty to charges related to his involvement in developing and deploying the Trickbot malware,...
Zyxel warns of multiple critical vulnerabilities in NAS devices
Zyxel has addressed multiple security issues, including three critical ones that could allow an unauthenticated attacker to execute operating system commands on...
Cactus ransomware exploiting Qlik Sense flaws to breach networks
Cactus ransomware has been exploiting critical vulnerabilities in the Qlik Sense data analytics solution to get initial access on corporate networks....
Staples confirms cyberattack behind service outages, delivery issues
Image: Stan Zemanek (CC BY-SA 3.0) American office supply retailer Staples took down some of its systems earlier this week after...
FjordPhantom Android malware uses virtualization to evade detection
A new Android malware named FjordPhantom has been discovered using virtualization to run malicious code in a container and evade...
WhatsApp’s new Secret Code feature hides your locked chats
WhatsApp has introduced a new Secret Code feature that allows users to hide their locked chats by setting a custom...
LogoFAIL bugs in UEFI code allow planting bootkits via images
Multiple security vulnerabilities collectively named LogoFAIL affect image-parsing components in the UEFI code from various vendors. Researchers warn that they...
US govt sanctions North Korea’s Kimsuky hacking group
The Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned the North Korean-backed Kimsuky hacking group for stealing intelligence...
Get 20% off Emsisoft’s Enterprise Security EDR solution for the holidays
Emsisoft is having a holiday deal where you can get 20% off 1-year licenses of the Emsisoft Enterprise Security EDR solution through...
Capital Health Hospitals hit by cyberattack causing IT outages
Image: Famartin (CC BY-SA 4.0) Capital Health hospitals and physician offices across New Jersey are experiencing IT outages after a...
Manufacturing Top Targeted Industry in Record-Breaking Cyber Extortion Surge
The year 2023 has been a record-breaking year for cyber extortion, according to Orange Cyberdefense (OCD).The cybersecurity branch of the...
Dollar Tree hit by third-party data breach impacting 2 million people
Discount store chain Dollar Tree was impacted by a third-party data breach affecting 1,977,486 people after the hack of service...
DeleFriend Weakness Puts Google Workspace Security at Risk
Security researchers have uncovered a new design flaw in the Google Workspace Domain-Wide Delegation feature. Named “DeleFriend” by Hunters’ Team Axon, the vulnerability could...
How Continuous Pen Testing Protects Web Apps from Emerging Threats
As the demand for anytime, anywhere access to services and information increases, our dependency on web-based applications deepens. From business...
Okta: October data breach affects all customer support system users
Okta's investigation into the breach of its Help Center environment last month revealed that the hackers obtained data belonging to...
Black Basta ransomware made over $100 million from extortion
Russia-linked ransomware gang Black Basta has raked in at least $100 million in ransom payments from more than 90 victims...
