Sophos addressed several vulnerabilities affecting its Sophos Firewall version 19.5, including arbitrary code execution issues. Sophos has released security patches to address seven vulnerabilities in Sophos Firewall version 19.5, including some arbitrary code execution bugs. The most severe issue addressed by the security vendor is a critical code injection vulnerability tracked as CVE-2022-3236. “A code […]
Russia’s second-largest bank VTB Bank reveals it is facing the largest DDoS (distributed denial of service) attack in its history. State-owned VTB Bank, the second-largest financial institution in Russia, says it is facing the largest DDoS (distributed denial of service) attack in its history. The pro-Ukraine collective IT Army of Ukraine has claimed responsibility for […]
Researchers spotted a version of the open-source ransomware toolkit Cryptonite that doesn’t support decryption capabilities. Fortinet researchers discovered a sample of malware generated with the publicly available open-source ransomware toolkit Cryptonite that never offers the decryption window, turning it as a wiper. The experts also reported an increase in ransomware intentionally turned into wiper malware, these […]
Nicholas Truglia, from Florida, US, was sentenced to 18 months in prison for stealing more than $20 million in a SIM swapping scheme. DoJ announced that Nicholas Truglia (25) was sentenced to 18 months in prison for the theft of over $20 million worth of cryptocurrency through SIM swapping attacks. The man was ordered to […]
A French hospital near Paris canceled operations and transfer some patients due to a cyber attack suffered over the weekend. France’s health ministry announced that the Hospital Centre of Versailles was hit by a cyber attack over the weekend. Hospital Centre of Versailles, which includes Andre-Mignot Hospital, Richaud Hospital and the Despagne Retirement Home, canceled […]
Resecurity has identified a new underground marketplace in the Dark Web oriented towards mobile malware developers and operators. “In the Box” dark web marketplace is leveraged by cybercriminals to attack over 300 financial institutions (FIs), payment systems, social media and online-retailers in 43 countries Resecurity, the California-based cybersecurity company protecting major Fortune 500 companies, has identified a new underground marketplace in […]
A critical stack-based buffer overflow bug, tracked as CVE-2022-23093, in the ping service can allow to take over FreeBSD systems. The maintainers of the FreeBSD operating system released updates to address a critical flaw, tracked as CVE-2022-23093, in the ping module that could be potentially exploited to gain remote code execution. The ping utility allows testing the […]
The North Korea-linked Lazarus APT spreads fake cryptocurrency apps under the fake brand BloxHolder to install the AppleJeus malware. Volexity researchers warn of a new malware campaign conducted by the North Korea-linked Lazarus APT against cryptocurrency users. The threat actors were observed spreading fake cryptocurrency apps under the fake brand BloxHolder to deliver the AppleJeus […]
Law enforcement agencies can extract data from the infotainment systems of thousands of different car models. Data managed by infotainment systems in modern vehicles are a valuable source of information for the investigation of law enforcement agencies. Modern vehicles come with sophisticated infotainment systems that are connected online and that could represent an entry point […]
US DHS Cyber Safety Review Board will review attacks linked to the Lapsus$ extortion gang that hit multiple high-profile companies. The Department of Homeland Security (DHS) Cyber Safety Review Board announced that it will review cyberattacks linked to the extortion gang Lapsus$, the gang breached multiple high-profile companies in recent years. “Today, the U.S. Department […]