Attackers are leveraging Follina. What can you do?
As the world is waiting for Microsoft to push out a patch for CVE-2022-30190, aka “Follina”, attackers around the world are exploiting the vulnerability in a variety of campaigns. A complex vulnerability Microsoft has described CVE-2022-3.....»»
Navigating the gray zone of ransomware payment practices
Ransomware remains a lucrative tool for cybercriminals as attackers continue to target a wide array of businesses. In response to this growing threat, an increasing number of organizations are compelled to meet ransom demands, perceiving it as their.....»»
Ransomware attackers are targeting US healthcare and education services
The USA is now seeing more ransomware attacks than the next 22 most-affected countries combined, according to a new report that expects the number of incidents to rise sharply.Security research firm Malwarebytes has previously reported on the differe.....»»
Top 12 vulnerabilities routinely exploited in 2022
Cybersecurity agencies from member countries of the Five Eyes intelligence alliance have released a list of the top 12 vulnerabilities routinely exploited in 2022, plus 30 additional ones also “popular” with attackers. The top 12 “I.....»»
Attackers can turn AWS SSM agents into remote access trojans
Mitiga researchers have documented a new post-exploitation technique attackers can use to gain persistent remote access to AWS Elastic Compute Cloud (EC2) instances (virtual servers), as well as to non-EC2 machines (e.g., on-premises enterprise serve.....»»
Hidden VNC tool gives attackers full access to Macs; comes with $100K guarantee
Cybersecurity firm Guardz has found Russian hackers offering for sale a Hidden VNC tool specifically designed to give attackers full access to Macs. It follows a similar tool for accessing Windows PCs, and is geared to stealing personal data and logi.....»»
1 in 100 emails is malicious
BEC and phishing attacks soar by 20% and 41% respectively in H1 2023, according to Perception Point. Cyber attackers have continued to refine their methods, adopting more sophisticated techniques to exploit vulnerabilities across various sectors. Wit.....»»
Stremio vulnerability exposes millions to attack
CyFox researchers have discovered a DLL planting/hijacking vulnerability in popular media center application Stremio, which could be exploited by attackers to execute code on the victim’s system, steal information, and more. About the vulnerabi.....»»
New persistent backdoor used in attacks on Barracuda ESG appliances
The Cybersecurity and Infrastructure Agency (CISA) has published an analysis report on the backdoors dropped by attackers exploiting CVE-2023-2868, a remote command injection vulnerability in Barracuda Email Security Gateway (ESG) appliances. Barracu.....»»
Ivanti fixes second zero-day exploited by attackers (CVE-2023-35081)
Another actively exploited zero-day vulnerability (CVE-2023-35081) affecting Ivanti Endpoint Manager Mobile (EPMM) has been identified and fixed. The first zero-day spotted Last week, we reported on a remote unauthenticated API access vulnerability (.....»»
MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799)
A privilege escalation vulnerability (CVE-2023-30799) could allow attackers to commandeer up to 900,000 MikroTik routers, says VulnCheck researcher Jacob Baines. While exploting it does require authentication, acquiring credentials to access the rout.....»»
Introducing GOBI: A breakthrough computational package for inferring causal interactions in complex systems
In the quest to unravel the underlying mechanisms of natural systems, accurately identifying causal interactions is of paramount importance. Leveraging the advancements in time-series data collection through cutting-edge technologies, computational m.....»»
Data breaches: Corporations want to make us pay, not spend money on security
IBM’s latest report on data breaches reveals attackers are now more interested in stealing personal data for identity theft than they are simply taking credit card details. It also found that big companies would rather just pass on the costs to co.....»»
Attackers intensify DDoS attacks with new tactics
As we entered 2023, the cybersecurity landscape witnessed an increase in sophisticated, high-volume attacks, according to Gcore. The maximum attack power rose from 600 to 800 Gbps. UDP flood attacks were most common and amounted to 52% of total attac.....»»
A quantum radar that outperforms classical radar by 20%
Quantum technologies, a wide range of devices that operate by leveraging the principles of quantum mechanics, could significantly outperform classical devices on some tasks. Physicists and engineers worldwide have thus been working hard to achieve th.....»»
Attackers find new ways to deliver DDoSes with “alarming” sophistication
Once crude and unsophisticated, DDoSes are now on par with those by nation-states. Enlarge (credit: Aurich Lawson / Getty) The protracted arms race between criminals who wage distributed denial-of-service attacks and the.....»»
Citrix NetScaler zero-day exploited in the wild, patch is available (CVE-2023-3519)
Citrix has patched three vulnerabilities (CVE-2023-3519, CVE-2023-3466, CVE-2023-3467) in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway), one of which is a zero-day being exploited by attackers. A zero-day patched.....»»
Adobe ColdFusion vulnerabilities exploited to deliver web shells (CVE-2023-29298, CVE-2023-38203)
Attackers are exploiting two Adobe ColdFusion vulnerabilities (CVE-2023-29298, CVE-2023-38203) to breach servers and install web shells to enable persistent access and allow remote control of the system, according to Rapid7 researchers. Flaws with in.....»»
Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884)
For July 2023 Patch Tuesday, Microsoft has delivered 130 patches; among them are four for vulnerabilites actively exploited by attackers, but no patch for CVE-2023-36884, an Office and Windows HTML RCE vulnerability exploited in targeted attacks aime.....»»
Malware delivery to Microsoft Teams users made easy
A tool that automates the delivery of malware from external attackers to target employees’ Microsoft Teams inbox has been released. TeamsPhisher (Source: Alex Reid) About the exploited vulnerability As noted by Jumpsec researchers Max Corbridge and.....»»
Mastodon fixes critical “TootRoot” vulnerability allowing node hijacking
Most critical of the bugs allowed attackers to root federated instances. Enlarge The maintainers of the open-source software that powers the Mastodon social network published a security update on Thursday that patches a.....»»