Russian Cyber Espionage Group Deploys LitterDrifter USB Worm in Targeted Attacks

Russian cyber espionage actors affiliated with the Federal Security Service FSB have been observed using a USB propagating worm called LitterDrifter in attacks targeting Ukrainian entities. Check Point, which detailed Gamaredon's aka Aqua Blizzard, Iron Tilden, Primitive Bear, Shuckworm, and...

New P2PInfect Worm Targeting Redis Servers on Linux and Windows Systems

Cybersecurity researchers have uncovered a new cloud targeting, peer-to-peer P2P worm called P2PInfect that targets vulnerable Redis instances for follow-on exploitation. "P2PInfect exploits Redis servers running on both Linux and Windows Operating Systems making it more scalable and potent than...

Apple Releases iOS and macOS Updates to Patch Actively Exploited Zero-Day Flaw

Apple has released another round of security updates to address multiple vulnerabilities in iOS and macOS, including a new zero-day flaw that has been used in attacks in the wild. The issue, assigned the identifier CVE-2022-32917, is rooted in the Kernel component and could enable a malicious app...

Build Your 2022 Cybersecurity Plan With This Free PPT Template

The end of the year is coming, and it's time for security decision-makers to make plans for 2022 and get management approval. Typically, this entails making a solid case regarding why current resources, while yielding significant value, need to be reallocated and enhanced. The Definitive 2022...

Clop Gang Partners Laundered $500 Million in Ransomware Payments

The cybercrime ring that was apprehended last week in connection with Clop aka Cl0p ransomware attacks against dozens of companies in the last few months helped launder money totaling $500 million for several malicious actors through a plethora of illegal activities. "The group — also known as...

Indian IT Company Was Hired to Hack Politicians, Investors, Journalists Worldwide

A team of cybersecurity researchers today outed a little-known Indian IT firm that has secretly been operating as a global hackers-for-hire service or hacking-as-a-service platform. Based in Delhi, BellTroX InfoTech allegedly targeted thousands of high-profile individuals and hundreds of...

Twitter Discloses Suspected State-Sponsored Attack After Minor Data Breach

Twitter has been hit with a minor data breach incident that the social networking site believes linked to a suspected state-sponsored attack. In a blog post published on Monday, Twitter revealed that while investigating a vulnerability affecting one of its support forms, the company discovered...

Google+ to Shut Down Early After New API Flaw Hits 52.5 Million Users

Google today revealed that Google+ has suffered another massive data breach, forcing the tech giant to shut down its struggling social network four months earlier than its actual scheduled date, i.e., in April 2019 instead of August 2019. Google said it discovered another critical security...

Google Announces 5 Major Security Updates for Chrome Extensions

Google has made several new announcements for its Chrome Web Store that aims at making Chrome extensions more secure and transparent to its users. Over a couple of years, we have seen a significant rise in malicious extensions that appear to offer useful functionalities, while running hidden...

Symfony Flaw Leaves Drupal Sites Vulnerable to Hackers—Patch Now

It's time to update your Drupal websites. Drupal, the popular open-source content management system, has released a new version of its software to patch a security bypass vulnerability that could allow a remote attacker to take control of the affected websites. The vulnerability, tracked as...

Microsoft Issues Emergency Patch For Critical RCE in Windows Malware Scanner

Microsoft's own antivirus software made Windows 7, 8.1, RT and 10 computers, as well as Windows Server 2016 more vulnerable. Microsoft has just released an out-of-band security update to patch the crazy bad bug discovered by a pair of Google Project Zero researchers over the weekend. Security...

High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server

Atlassian and the Internet Systems Consortium ISC have disclosed several security flaws impacting their products that could be exploited to achieve denial-of-service DoS and remote code execution. The Australian software services provider said that the four high-severity flaws were fixed in new...

New UnRAR Vulnerability Could Let Attackers Hack Zimbra Webmail Servers

A new security vulnerability has been disclosed in RARlab's UnRAR utility that, if successfully exploited, could permit a remote attacker to execute arbitrary code on a system that relies on the binary. The flaw, assigned the identifier CVE-2022-30333, relates to a path traversal vulnerability in...

Iranian Hackers Exploit Log4j Vulnerability to Deploy PowerShell Backdoor

An Iranian state-sponsored actor has been observed scanning and attempting to abuse the Log4Shell flaw in publicly-exposed Java applications to deploy a hitherto undocumented PowerShell-based modular backdoor dubbed "CharmPower" for follow-on post-exploitation. "The actor's attack setup was...

Ukraine Identifies Russian FSB Officers Hacking As Gamaredon Group

Ukraine's premier law enforcement and counterintelligence agency on Thursday disclosed the real identities of five individuals allegedly involved in digital intrusions attributed to a cyber-espionage group named Gamaredon, linking the members to Russia's Federal Security Service FSB. Calling the...

Update Google Chrome ASAP to Patch 2 New Actively Exploited Zero-Day Flaws

Google on Thursday pushed urgent security fixes for its Chrome browser, including a pair of new security weaknesses that the company said are being exploited in the wild, making them the fourth and fifth actively zero-days plugged this month alone. The issues, designated as CVE-2021-37975 and...

Critical Flaws Affect Embedded TCP/IP Stack Widely Used in Industrial Control Devices

Cybersecurity researchers on Wednesday disclosed 14 vulnerabilities affecting a commonly-used TCP/IP stack used in millions of Operational Technology OT devices manufactured by no fewer than 200 vendors and deployed in manufacturing plants, power generation, water treatment, and critical...

Critical ThroughTek Flaw Opens Millions of Connected Cameras to Eavesdropping

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday issued an advisory regarding a critical software supply-chain flaw impacting ThroughTek's software development kit SDK that could be abused by an adversary to gain improper access to audio and video streams. "Successful...

Apple Warns of 3 iOS Zero-Day Security Vulnerabilities Exploited in the Wild

Apple on Tuesday released updates for iOS, iPadOS, and tvOS with fixes for three security vulnerabilities that it says may have been actively exploited in the wild. Reported by an anonymous researcher, the three zero-day flaws — CVE-2021-1782, CVE-2021-1870, and CVE-2021-1871 — could have allowed...

GandCrab Ransomware Decryption Tool [All Versions] — Recover Files for Free

Cybersecurity researchers have released an updated version of GandCrab ransomware decryption tool that could allow millions of affected users to unlock their encrypted files for free without paying a ransom to the cybercriminals. GandCrab is one of the most prolific families of ransomware to date...

20-Year-Old Man Arrested For Carrying Out Germany's Biggest Data Leak

German federal police have arrested a 20-year-old local student for stealing and publishing a massive trove of personal data of hundreds of politicians, journalists and other public figures last month. The young man, whose identity has not been revealed by the police, was arrested after police...

Adobe's Year-End Update Patches 87 Flaws in Acrobat Software

Adobe is closing out this year with its December Patch Tuesday update to address a massive number of security vulnerabilities for just its two PDF apps—more than double the number of what Microsoft patched this month for its several products. Adobe today released patches for 87 vulnerabilities...

Hackers Steal Customers' Credit Cards From Newegg Electronics Retailer

The notorious hacking group behind the Ticketmaster and British Airways data breaches has now victimized popular computer hardware and consumer electronics retailer Newegg. Magecart hacking group managed to infiltrate the Newegg website and steal the credit card details of all customers who enter...

New Linux Malware Exploits SambaCry Flaw to Silently Backdoor NAS Devices

Remember SambaCry? Almost two months ago, we reported about a 7-year-old critical remote code execution vulnerability in Samba networking software, allowing a hacker to remotely take full control of a vulnerable Linux and Unix machines. We dubbed the vulnerability as SambaCry, because of its...

Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network

Chinese state-backed hackers broke into a computer network that's used by the Dutch armed forces by targeting Fortinet FortiGate devices. "This computer network was used for unclassified research and development R&D," the Dutch Military Intelligence and Security Service MIVD said in a statement...

Critical Jenkins Vulnerability Exposes Servers to RCE Attacks - Patch ASAP!

The maintainers of the open-source continuous integration/continuous delivery and deployment CI/CD automation software Jenkins have resolved nine security flaws, including a critical bug that, if successfully exploited, could result in remote code execution RCE. The issue, assigned the CVE...

CISA Adds Three Security Flaws with Active Exploitation to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added three security flaws to its Known Exploited Vulnerabilities KEV catalog based on evidence of active exploitation in the wild. The vulnerabilities are as follows - CVE-2023-36584 CVSS score: 5.4 - Microsoft Windows...

Alert: 'Effluence' Backdoor Persists Despite Patching Atlassian Confluence Servers

Cybersecurity researchers have discovered a stealthy backdoor named Effluence that's deployed following the successful exploitation of a recently disclosed security flaw in Atlassian Confluence Data Center and Server. "The malware acts as a persistent backdoor and is not remediated by applying...

Microsoft Warns of Widescale Credential Stealing Attacks by Russian Hackers

Microsoft has disclosed that it's detected a spike in credential-stealing attacks conducted by the Russian state-affiliated hacker group known as Midnight Blizzard. The intrusions, which make use of residential proxy services to obfuscate the source IP address of the attacks, target governments, ...

WebKit Under Attack: Apple Issues Emergency Patches for 3 New Zero-Day Vulnerabilities

Apple on Thursday rolled out security updates to iOS, iPadOS, macOS, tvOS, watchOS, and the Safari web browser to address dozens of flaws, including three new zero-days that it said are being actively exploited in the wild. The three security shortcomings are listed below - CVE-2023-32409 - A...

Bl00dy Ransomware Gang Strikes Education Sector with Critical PaperCut Vulnerability

U.S. cybersecurity and intelligence agencies have warned of attacks carried out by a threat actor known as the Bl00dy Ransomware Gang that attempt to exploit vulnerable PaperCut servers against the education facilities sector in the country. The attacks took place in early May 2023, the Federal...

CISA Adds Zimbra Email Vulnerability to its Exploited Vulnerabilities Catalog

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a recently disclosed high-severity vulnerability in the Zimbra email suite to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. The issue in question is CVE-2022-27924 CVSS score:...

Researcher Releases PoC for Recent Java Cryptographic Vulnerability

A proof-of-concept PoC code demonstrating a newly disclosed digital signature bypass vulnerability in Java has been shared online. The high-severity flaw in question, CVE-2022-21449 CVSS score: 7.5, impacts the following versions of Java SE and Oracle GraalVM Enterprise Edition - Oracle Java SE:...

Bug in Popular WinRAR Software Could Let Attackers Hack Your Computer

A new security weakness has been disclosed in the WinRAR trialware file archiver utility for Windows that could be abused by a remote attacker to execute arbitrary code on targeted systems, underscoring how vulnerabilities in such software could beсome a gateway for a roster of attacks. Tracked a...

Critical RCE Flaw in ForgeRock Access Manager Under Active Attack

Cybersecurity agencies in Australia and the U.S. are warning of an actively exploited vulnerability impacting ForgeRock's OpenAM access management solution that could be leveraged to execute arbitrary code on an affected system remotely. "The Australian Cyber Security Centre has observed actors...

Microsoft Issues Emergency Patch for Critical Windows PrintNightmare Vulnerability

Microsoft has shipped an emergency out-of-band security update to address a critical zero-day vulnerability — known as "PrintNightmare" — that affects the Windows Print Spooler service and can permit remote threat actors to run arbitrary code and take over vulnerable systems. Tracked as...

Critical Flaws Hit Cisco SD-WAN vManage and HyperFlex Software

Networking equipment major Cisco has rolled out software updates to address multiple critical vulnerabilities impacting HyperFlex HX and SD-WAN vManage Software that could allow an attacker to perform command injection attacks, execute arbitrary code, and gain access to sensitive information. In ...

Apple May Start Delivering Security Patches Separately From Other OS Updates

Apple may be changing the way it delivers security patches to its devices running iOS and iPadOS mobile operating systems. According to code spotted in iOS 14.5, the iPhone maker is reportedly working on a method for delivering security fixes independently of other OS updates. The changes were...

WARNING — Hugely Popular 'The Great Suspender' Chrome Extension Contains Malware

Google on Thursday removed The Great Suspender, a popular Chrome extension used by millions of users, from its Chrome Web Store for containing malware. It also took the unusual step of deactivating it from users' computers. "This extension contains malware," read a terse notification from Google,...

New Flaws in Qualcomm Chips Expose Millions of Android Devices to Hacking

A series of critical vulnerabilities have been discovered in Qualcomm chipsets that could allow hackers to compromise Android devices remotely just by sending malicious packets over-the-air with no user interaction. Discovered by security researchers from Tencent's Blade team, the vulnerabilities...

Magecart Hackers Infect 17,000 Sites Through Misconfigured Amazon S3 Buckets

Magecart strikes again! Cybersecurity researchers have identified yet another supply-chain attack carried out by payment card hackers against more than 17,000 web domains, which also include websites in the top 2,000 of Alexa rankings. Since Magecart is neither a single group nor a specific malwa...

Researchers Link 'Sharpshooter' Cyber Attacks to North Korean Hackers

Security researchers have finally, with "high confidence," linked a previously discovered global cyber espionage campaign targeting critical infrastructure around the world to a North Korean APT hacking group. Thanks to the new evidence collected by researchers after analyzing a command-and-contr...

Over 202 Million Chinese Job Seekers' Details Exposed On the Internet

Cybersecurity researcher has discovered online a massive database containing records of more than 202 million Chinese citizens that remained accessible to anyone on the Internet without authentication until last week. The unprotected 854.8 gigabytes of the database was stored in an instance of...

Chinese Hackers Find Over a Dozen Vulnerabilities in BMW Cars

Chinese security researchers have discovered more than a dozen vulnerabilities in the onboard compute units of BMW cars, some of which can be exploited remotely to compromise a vehicle. The security flaws have been discovered during a year-long security audit conducted by researchers from Keen...

Microsoft Issues Patches For Severe Flaws, Including Office Zero-Day & DNS Attack

As part of its "October Patch Tuesday," Microsoft has today released a large batch of security updates to patch a total of 62 vulnerabilities in its products, including a severe MS office zero-day flaw that has been exploited in the wild. Security updates also include patches for Microsoft Window...

Apache Struts 2 Flaws Affect Multiple Cisco Products

After Equifax massive data breach that was believed to be caused due to a vulnerability in Apache Struts, Cisco has initiated an investigation into its products that incorporate a version of the popular Apache Struts2 web application framework. Apache Struts is a free, open-source MVC framework f...

ISIS Hacker who Passed U.S. Military Data to Terrorists Arrested in Malaysia

Malaysian authorities have arrested a Kosovo citizen in Kuala Lumpur on Computer hacking charges and allegedly providing personal data about United States military members to the Islamic State Terrorists group also known as ISIS or ISIL. According to the US Department of Justice DOJ and the FBI,...

RVTools Official Site Hacked to Deliver Bumblebee Malware via Trojanized Installer

The official site for RVTools has been hacked to serve a compromised installer for the popular VMware environment reporting utility. "Robware.net and RVTools.com are currently offline. We are working expeditiously to restore service and appreciate your patience," the company said in a statement...

Microsoft's March Updates Fix 61 Vulnerabilities, Including Critical Hyper-V Flaws

Microsoft on Tuesday released its monthly security update, addressing 61 different security flaws spanning its software, including two critical issues impacting Windows Hyper-V that could lead to denial-of-service DoS and remote code execution. Of the 61 vulnerabilities, two are rated Critical, 5...

Microsoft Rolls Out Patches for 73 Flaws, Including 2 Windows Zero-Days

Microsoft has released patches to address 73 security flaws spanning its software lineup as part of its Patch Tuesday updates for February 2024, including two zero-days that have come under active exploitation. Of the 73 vulnerabilities, 5 are rated Critical, 65 are rated Important, and three and...