Zimbra Releases Patch for Actively Exploited Vulnerability in its Collaboration Suite

Zimbra has released patches to contain an actively exploited security flaw in its enterprise collaboration suite that could be leveraged to upload arbitrary files to vulnerable instances. Tracked as CVE-2022-41352 CVSS score: 9.8, the issue affects a component of the Zimbra suite called Amavis, a...

UK government sounds alarm on tax scams

The UK government has issued a warning for people to be on their guard against fake tax rebate scams as they gearing up to fill out their 2021/22 tax returns. Ensuring your self-employed documents are correct and accurate can be a complicated business at the best of times. Having to worry about...

Winnti APT group docks in Sri Lanka for new campaign

In early August, the Malwarebytes Threat Intelligence team identified a new attack targeting government entities in Sri Lanka. The threat actors used multiple layers of protection and techniques to make analysis harder and hide their final payload. However, based on tactic, techniques and...

NSA Alert: Topmost CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors

On October 6, 2022, the United States National Security Agency NSA released a cybersecurity advisory on the Chinese government—officially known as the People’s Republic of China PRC states-sponsored cyber actors activity to seek national interests. These malicious cyber activities attributed to t...

Biden’s Privacy Order Slaps a Band-Aid on the EU-US Data Crisis

A new executive order tries to reassure Europeans that their data is safe on US soil, despite government surveillance...

web2.gov.mb.ca Cross Site Scripting vulnerability OBB-2979043

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CISA Orders Federal Agencies to Regularly Track Network Assets and Vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency CISA has issued a new Binding Operational Directive BOD that directs federal agencies in the country to keep track of assets and vulnerabilities on their networks six months from now. To that end, Federal Civilian Executive Branch FCEB...

Cyber Attacks Against Middle East Governments Hide Malware in Windows Logo

An espionage-focused threat actor has been observed using a steganographic trick to conceal a previously undocumented backdoor in a Windows logo in its attacks against Middle Eastern governments. Broadcom's Symantec Threat Hunter Team attributed the updated tooling to a hacking group it tracks...

Hackers turn to Signal, Telegram and Dark Web to assist Iranian protestors

By Waqas Hackers are actively using encrypted chat apps like Signal and Telegram to share stolen data belonging to the Iranian government, tutorials on how to hack, and use VPNs and Tor to bypass censorship. This is a post from HackRead.com Read the original post: Hackers turn to Signal, Telegram...

Local government cybersecurity: 5 best practices

It seems like not a day goes by where we dont hear about a local government cyberattack. Indeed, from 911 call centers to public schools, cyberattacks on local governments are as common as they are devastating. Just how often do threat actors attack local governments? A survey of 14 mainly larger...

Swachh City Platform Suffers Data Breach Leaking 16 Million User Records

A threat actor by the name of LeakBase has shared a database containing personal information allegedly affecting 16 million users of Swachh City, an Indian complaint redressal platform. Leaked details include usernames, email addresses, password hashes, mobile numbers, one-time passwords, last...

Cyber Tools and Foreign Policy: A False Flag Chinese “APT” and Nancy Pelosi’s Visit to Taiwan

Cyber Tools and Foreign Policy: A False Flag Chinese “APT” and Nancy Pelosi’s Visit to Taiwan By Anne An · September 29, 2022 Preface U.S. House Speaker Nancy Pelosi’s visit to Taiwan led to an aftershock across the Taiwan Strait and through the Asia Pacific region. Immediately after Pelosi’s...

New campaign uses government, union-themed lures to deliver Cobalt Strike beacons

By Chetan Raghuprasad and Vanja Svajcer. Cisco Talos discovered a malicious campaign in August 2022 delivering Cobalt Strike beacons that could be used in later, follow-on attacks. Lure themes in the phishing documents in this campaign are related to the job details of a government organization i...

Hackers Using PowerPoint Mouseover Trick to Infect Systems with Malware

The Russian state-sponsored threat actor known as APT28 has been found leveraging a new code execution method that makes use of mouse movement in decoy Microsoft PowerPoint documents to deploy malware. The technique "is designed to be triggered when the user starts the presentation mode and moves...

New Report on IoT Security

The Atlantic Council has published a report on securing the Internet of Things: "Security in the Billions: Toward a Multinational Strategy to Better Secure the IoT Ecosystem." The report examines the regulatory approaches taken by four countries--the US, the UK, Australia, and Singapore--to secur...

Iranian State Actors Conduct Cyber Operations Against the Government of Albania

Summary The Federal Bureau of Investigation FBI and the Cybersecurity and Infrastructure Security Agency CISA are releasing this joint Cybersecurity Advisory to provide information on recent cyber operations against the Government of Albania in July and September. This advisory provides a timelin...

OpIran – Anonymous Hits Iranian State Sites, Hacks Over 300 CCTV Cameras

By Waqas Here's everything you want to know about Anonymous and its cyber attacks against the Iranian government for OpIran. This is a post from HackRead.com Read the original post: OpIran - Anonymous Hits Iranian State Sites, Hacks Over 300 CCTV Cameras...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2017-1504)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2015-1283)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Aviation, Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation,...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2017-1137)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life...