Threat actors have started to exploit the interest in the Omicron COVID-19 variant and are using it as a lure in phishing campaigns. Crooks have already started exploiting the interest in the Omicron COVID-19 variant and are using it as a lure in phishing attacks. People are interested in the spreading of the new variant, […]
U.S. CISA urges to address vulnerabilities Qualcomm, Mikrotik, Zoho and the Apache Software Foundation software. U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its catalog of actively exploited vulnerabilities recommending federal agencies to address the flaws in Qualcomm, Mikrotik, Zoho and the Apache Software Foundation software within specific timeframes and deadlines. CISA also warns of […]
Russiaâs internet watchdog, âRoskomnadzorâ, has announced the ban of other VPN products, 15 VPN services are now illegal in Russia Russian communications watchdog Roskomnadzor tightens the control over the Internet and blocked access to six more VPN services. The latest banned services are Betternet, Lantern, X-VPN, Cloudflare WARP, Tachyon VPN, PrivateTunnel. The total number of […]
Threat actors are targeting e-stores with remote access malware, dubbed NginRAT, that hides on Nginx servers bypassing security solutions. Researchers from security firm Sansec recently discovered a new Linux remote access trojan (RAT), tracked as CronRAT, that hides in the Linux task scheduling system (cron) on February 31st. CronRAT is employed in Magecart attacks against online stores […]
Europol identified 18,351 money mules and arrested 1,803 of them as part of an international anti-money-laundering operation codenamed EMMA 7. Europol has identified 18,351 money mules and arrested 1,803 of them as part of an international anti-money-laundering operation codenamed EMMA 7. The operation is the result of a joint effort of 27 countries, Eurojust, INTERPOL, […]
Mozilla fixed a critical memory corruption issue affecting its cross-platform Network Security Services (NSS) set of cryptography libraries. Mozilla has addressed a heap-based buffer overflow vulnerability (CVE-2021-43527) in its cross-platform Network Security Services (NSS) set of cryptography libraries. Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and […]
VirusTotal announced VirusTotal Collections, a new service that allows security researchers to share sets of Indicators of Compromise (IoCs). VirusTotal announced VirusTotal Collections, a new service that allows threat researchers to share Indicators of Compromise (IoCs). A collection is a live report that includes IoCs associated with a specific threat and it is available for […]
Nation-state actors from China, India, and Russia, were spotted using a novel RTF template injection technique in recent attacks. APT groups from China, India, and Russia have used a new RTF (rich text format) template injection technique in recent phishing attacks. The technique was first reported by the security firm Proofpoint spotted which observed phishing […]
Which are the most secure encrypted messaging apps? An FBI document shows what data can be obtained from them. The Record shared an FBI training document that reveals the surveillance capabilities of the US law enforcement detailing which data can be extracted from encrypted messaging apps. The document analyzes lawful access to multiple encrypted messaging […]
Sabbath ransomware is a new threat that has been targeting critical infrastructure in the United States and Canada since June 2021. A new ransomware group called Sabbath (aka UNC2190) has been targeting critical infrastructure in the United States and Canada since June 2021. According to Mandiant researchers, the group is a rebrand of Arcane and […]