June 5, 2019 New Zero-Day Vulnerability Identified in Microsoft Remote Desktop Services A zero-day vulnerability has been identified in Microsoft Remote Desktop Services which could allow an attacker to hijack an existing session that has been locked. ... Read more
June 4, 2019 MacOS Zero-Day Vulnerability Allows Synthetic Mouse Clicks to Run Malicious Code A zero-day vulnerability has been discovered in Apple’s Mojave operating system which could be exploited to run malicious code on vulnerable devices without being detected. ... Read more
May 31, 2019 Emotet was the Biggest Email Threat in Q1 A new report from Proofpoint has confirmed Emotet was the biggest email-based threat in the first quarter of 2019. The popularity of the malware is ... Read more
May 30, 2019 BlueKeep RDP Vulnerability Still Not Patched on Almost 1 Million Devices The critical, wormable BlueKeep RDP vulnerability (CVE-2019-0708) that was patched by Microsoft on May 14 has still not been addressed on almost 1 million devices, ... Read more
May 23, 2019 Exploit for Zero Day Flaw in Windows Task Scheduler Released Online Security researcher ‘SandboxEscaper’ has released a PoC exploit for yet another vulnerability in Windows Task Scheduler, just a few days after the latest round of ... Read more
May 22, 2019 More Than 1 Million Machines Still Vulnerable to EternalBlue Exploit In March 2017, Microsoft released the MS17-010 patch to correct a flaw in Windows Server Message Block (SMB) v1 that was exploited by WannaCry ransomware ... Read more
May 21, 2019 TrickBot Trojan Now Using URL Redirects to Fool End Users and Cybersecurity Solutions The Trickbot banking Trojan is one of the biggest cyber threats faced by businesses. Trickbot is primarily a banking Trojan that is used to obtain ... Read more
May 17, 2019 International Law Enforcement Operation Shuts Down Goznym Malware Gang The international criminal gang behind the infamous Goznym malware has been disbanded following a complex law enforcement investigation in Bulgaria, Germany, Georgia, Moldova, Ukraine, and ... Read more
May 14, 2019 WhatsApp Zero Day Vulnerability Actively Exploited to Spy on Users A WhatsApp zero day vulnerability has been identified which is being exploited to install spyware on users’ devices. The flaw is a buffer overflow vulnerability ... Read more
May 13, 2019 Microsoft SharePoint Server Flaw Actively Exploited in the Wild A remote code execution vulnerability in Microsoft SharePoint (CVE-2019-0604) is being actively exploited in the wild by multiple threat actors who are leveraging the flaw ... Read more
May 13, 2019 Warning Issued over Electricfish Malware used by North Korea-Backed Threat Group Hidden Cobra US-CERT has issued a warning about a new malware variant dubbed Electricfish, which is reportedly being used by the North Korea-backed threat group Hidden Cobra, ... Read more
April 30, 2019 Biggest Malware Threats in Healthcare Revealed A recent report from Malwarebytes has revealed Trojans are the biggest malware threat. Trojans account for 79% of all malware detected on healthcare systems by ... Read more
April 25, 2019 Exploitable Flaws Discovered in New WPA3 Wi-Fi Security Standard The next generation of Wi-Fi security – WPA3 – was launched in the summer of 2018, which promised to be the most secure form of ... Read more
April 19, 2019 New Malvertising Campaign Detected Using Highly Sophisticated Aftershock-3PC Malware A new form of malware named Aftershock-3PC is being used in a major malvertising campaign. The malware uses a range of advanced techniques to avoid ... Read more
April 16, 2019 DHS and FBI Issue Warning About New North Korean Hoplight Trojan The U.S Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have both issued advisories about a new Trojan called Hoplight which ... Read more
April 12, 2019 A Quarter of Phishing Emails Bypass Office 365 Anti-Phishing Defenses Microsoft Office 365 default anti-phishing defenses are bypassed by a quarter of all phishing emails, according to new research from cybersecurity firm Avanan. Avanan conducted ... Read more
April 11, 2019 Cryptocurrency Mining Malware Still Dominates the Malware Threat Landscape The latest Global Threat Index report from Check Point shows cryptocurrency mining malware continues to be the biggest malware threat, even with the demise of ... Read more
April 11, 2019 The Baldr Information Stealer: A Dangerous New Malware Threat A new information stealer has been detected which could become a long-term threat. The Baldr information stealer is not especially sophisticated and lacks persistence, but ... Read more
April 4, 2019 Beware of Tax Season Phishing Scams Cybercriminals have stepped up their efforts to scam U.S. taxpayers into divulging their sensitive information and installing malware. Many elaborate tax season phishing scams have ... Read more
April 1, 2019 Europol Meets with Industry Leaders to Discuss Ways to Combat Phishing Europol has hosted a meeting with 70 industry experts to discuss ways to tackle the growing problem of phishing and business email compromise attacks. According ... Read more
March 13, 2019 March 2019 Patch Tuesday: 2 Actively Exploited Bugs Patched by Microsoft March 2019 Patch Tuesday has seen Microsoft issue fixes for 64 vulnerabilities, two of which are being actively exploited in the wild. The two ... Read more
March 8, 2019 Google Chrome and Windows 7 Flaws Being Actively Exploited in the Wild All Chrome users have been advised to update to the latest version of the browser – 72.0.3626.121 – as soon as possible to prevent a ... Read more
March 5, 2019 IRS Launches 2019 Campaign to Raise Awareness of Tax Scams with Phishing Warning The IRS has launched its annual campaign to raise awareness of tax scams that are highly prevalent during tax season. The Dirty Dozen campaign details ... Read more
March 4, 2019 Actively Exploited Zero-Day ColdFusion Vulnerability Patched by Adobe Adobe has issued an out-of-band update to correct the actively exploited ColdFusion vulnerability CVE-2019-7816. The zero-day flaw in its web application development platform is a ... Read more
February 27, 2019 WinRAR Vulnerability Actively Exploited in the Wild to Install Backdoor The 19-year old WinRAR vulnerability that was recently identified by Check Point is being exploited in the wild to install a backdoor that allows remote ... Read more
February 21, 2019 Businesses Targeted in Ongoing Credential-Stealing Separ Malware Phishing Attack An ongoing phishing campaign is targeting businesses and distributing the information-stealing Separ malware. The campaign has mostly concentrated on businesses in South East Asia and ... Read more
February 21, 2019 Drupal Updates Released to Correct Critical RCE Vulnerability An update for the Drupal CMS has been released that corrects a critical vulnerability – CVE-2019-6340 – which, if exploited, could allow the execution of ... Read more
February 19, 2019 Trickbot Trojan Updated to Obtain VNC, PuTTY, and RDP Credentials The Trickbot banking Trojan has been updated with a new module which is capable of obtaining VNC, PuTTY, and remote desktop credentials. The latest variant ... Read more
February 19, 2019 FINRA Issues Phishing Warning to Brokerage Firms The Financial Industry Regulatory Authority (FINRA) has issued a warning to brokerage firms about a new phishing campaign. The scam involves spam emails which appear ... Read more
February 15, 2019 Emotet Threat Actors Now Distributing Trojan via XML Files Masked as Word Documents At least one cybercriminal group distributing the Emotet Trojan has started using a new tactic to infect end users with the malware. The malware is ... Read more