July 27, 2020 Critical Vulnerability in F5 Networks BIG-IP Devices Exploited in Real-World Attacks On Friday, July 24, 2020, the DHS Cybersecurity and Infrastructure Security Agency (CISA) warned that hackers have started exploiting the CVE-2020-5902 vulnerability in F5 Networks BIG-IP ... Read more
July 20, 2020 Emotet Botnet Springs Back to Life with Massive Malspam Campaign The Emotet botnet has sprung back to life after a 5-month break and is being used to send large volumes of spam emails containing malicious ... Read more
July 10, 2020 95% of Brits Unable to Correctly Distinguish Phishing and Genuine Messages A recent phishing study conducted by the UK firm, Computer Disposals Limited, has revealed British workers struggle to identify phishing attacks, with only 5% of ... Read more
July 9, 2020 Microsoft Research Develops Undetectable Malware Scanner for Virtual Machines Many businesses have replaced traditional desktops with virtual machines located in the cloud. Each virtual machine is an exact replica of a standard desktop complete ... Read more
July 7, 2020 Purple Fox Trojan Developers Create Their Own Exploit Kit and Add Two New Microsoft Exploits The developers of the Purple Fox Trojan/rootkit have created their own exploit kit to distribute their malware and have recently added exploits for two recently ... Read more
July 1, 2020 Warning Issued Over Maximum Severity Vulnerability in Palo Alto Networks Products U.S. Cyber Command has issued a warning about a maximum severity vulnerability in the Palo Alto Networks’ operating system. While the flaw is not currently ... Read more
June 30, 2020 Philips Ultrasound Systems Vulnerability Discovered An authentication bypass vulnerability affecting Philips Ultrasound Systems that could targeted by a hacker to view or modify data has been discovered. The flaw is ... Read more
June 11, 2020 Fake COVID-19 Contact Tracing Apps Used to Install Malware Contact tracing and exposure notification apps are being developed in several countries to help control outbreaks of COVID-19. The apps have already been used in ... Read more
June 4, 2020 TrickBot Trojan Operators Delivering New BazarBackdoor Malware via Phishing Campaign The TrickBot Trojan operators are distributing a new backdoor named BazarBackdoor in targeted phishing attacks on businesses. BazarBackdoor is a stealthy backdoor that gives the ... Read more
May 27, 2020 Turla Hacking Group Tweaks ComRAT Malware to Steal Antivirus Logs and Communicate via Gmail One of the most advanced state-sponsored hacking groups in Russia – Turla – has tweaked its ComRAT malware to steal antivirus logs and communicate with ... Read more
May 21, 2020 Massive Phishing Campaign Distributing Legitimate Remote Admin Tool as RAT A phishing campaign has been detected that exploits the COVID-19 pandemic to spread a legitimate remote administration tool which is being used as a remote ... Read more
May 19, 2020 Another Malware Variant Identified that Targets Air-Gapped Networks In the past week, three cybersecurity firms have announced they have found malware variants that are being used to target air-gapped networks. First came the ... Read more
May 15, 2020 Ramsay Malware Designed to Steal Data from Air-Gapped Networks A new malware toolkit has been discovered that appears to have been developed to steal sensitive data from air-gapped networks. Researchers at ESET have named ... Read more
May 14, 2020 Prioritize Patching and Fix These Commonly Exploited Vulnerabilities A joint alert has been issued by the U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation ... Read more
May 1, 2020 Easily Exploitable RCE Salt Vulnerabilities Discovered that Require Urgent Attention Researchers at F-Secure have identified two high severity vulnerabilities in the SaltStack Python-based open source Salt project, which can allow remote code execution as root ... Read more
April 27, 2020 Sophos Discovers and Patches Actively Exploited Flaw in its XG Firewall Sophos has released a patch for a zero-day vulnerability in its XG Firewall which has been exploited in attacks to deliver malware. The flaw was ... Read more
April 23, 2020 Actively Exploited Zero-Day Flaws Identified in iOS Mail Application Two critical zero-day vulnerabilities have been identified in the iOS Mail application that have been exploited by threat actors in attacks on high profile targets ... Read more
April 21, 2020 Phishing Campaign Claims Tens of Millions of Euros of Government COVID-19 Payouts A phishing campaign has resulted in losses of tens of millions of Euros for the German North-Rhine-Westphalia (NRW) government. The NRW government’s Ministry of Economic ... Read more
April 15, 2020 Three Actively Exploited Flaws Patched by Microsoft On April 2020 Patch Tuesday, Microsoft made available updates to fix 113 flaws in its operating systems and software solutions, 19 of which have been ... Read more
April 14, 2020 FTC: Coronavirus and COVID-19 Scams Result in Losses of $12.78 Million in 2020 Figures released by the U.S. Federal Trade Commission (FTC) have revealed the extent of losses to coronavirus and COVID-19 scams in 2020. The FTC received ... Read more
April 8, 2020 Zoom Installers are Being Bundled with Malware The sheer number of people now working from home to maintain social distancing during the coronavirus lockdown has resulted in huge interest in teleconferencing platforms ... Read more
April 6, 2020 Lokibot Information Stealer Distributed in Spear Phishing ampaign Impersonating WHO Researchers at Fortinet’s FortiGuard Labs have identified a new spear phishing campaign that impersonates the World Health Organization (WHO) to distribute the LokiBot information stealer. ... Read more
April 3, 2020 Beware of New Coronavirus Wiper Malware A new wiper malware has been detected that uses a similar method to the 2017 NotPetya wiper malware to trash computers by overwriting the Master ... Read more
April 2, 2020 Phishing Campaigns Using Offer of Coronavirus Financial Relief as Lure Governments around the world are developing financial relief packages to help citizens that have been unable to work due to the coronavirus and are facing ... Read more
March 31, 2020 Micropatch Released for Actively Exploited Windows Font Processing Vulnerabilities Library were being actively exploited in the wild. The flaws concern how type 1 PostScript fonts are handled. The flaws can be exploited if a ... Read more
March 30, 2020 Cybercriminals are Changing DNS Settings on Routers to Deliver Malware Through Fake Coronavirus Apps A malware distribution campaign has been detected that uses malicious coronavirus apps to deliver the Oski information stealing Trojan. The campaign was detected by Bitdefender ... Read more
March 23, 2020 All Supported Windows Versions Affected by Two Actively Exploited Zero-Day RCE Flaws Microsoft has issued a security advisory about two actively exploited zero-day flaws in Windows Adobe Type Manager Library. The critical remote code execution vulnerabilities affect ... Read more
March 20, 2020 WHO Director-General Impersonated in Spam Campaign Delivering HawkEye Keylogger and Malware Downloader Another coronavirus-themed phishing campaign has been detected impersonating the World Health Organization (WHO), or more specifically, the Director-General of WHO, Dr. Tedros Adhanom Ghebreyesus. The ... Read more
March 19, 2020 Coronavirus Pandemic Guidance on Telehealth & HIPAA Released by OCR After the announcement made by the HHS’ Office for Civil Rights that enforcement of HIPAA compliance linked to the good faith provision of telehealth services ... Read more
March 11, 2020 Microsoft Announces Takedown of Necurs Botnet Microsoft has announced it has seized the U.S. command and control infrastructure of the Necurs botnet and has taken steps to prevent the infrastructure from ... Read more