March 10, 2020 Microsoft Exchange RCE Vulnerability Being Actively Exploited in the Wild A post-auth remote code execution vulnerability affecting all supported versions of Microsoft Exchange Server is now being exploited in the wild by multiple advanced persistent ... Read more
March 6, 2020 Vulnerability in Walgreens Mobile App Secure Messaging Feature Made PHI Accessible Walgreens has started contacting customers to make them aware that a portion of their protected health information may have been accessed by unauthorized individual due ... Read more
March 6, 2020 TrickBot Trojan Gets Trickier with ActiveX Control to Automatically Run Malicious Macros The TrickBot Trojan is now even trickier now that a Windows 10 ActiveX control has been incorporated to automatically run malicious macros in email Office ... Read more
March 4, 2020 More Than 1 Billion Devices Affected by Kr00k Wi-Fi Encryption Vulnerability A vulnerability has been identified in Wi-Fi chips manufactured by Broadcom and Cypress which are used in more than a billion devices, according to a ... Read more
February 27, 2020 74% of Phishing Sites Now Use HTTPS The latest phishing activity trends report from the Anti-Phishing Working Group (APWG) shows a decline in the number of detected phishing sites after the 3-year ... Read more
February 26, 2020 Phishers’ Favorite Report Reveals Massive Increase in WhatsApp Phishing URLs The Q4, 2019 Phishers’ Favorite report from email security firm Vade Secure shows PayPal is the most impersonated brand in phishing attacks, making it two ... Read more
February 20, 2020 Q4 2019 Threat Report Reveals Emotet Dominates Threat Landscape The Q4, 2019 Threat Report from cybersecurity firm Proofpoint has confirmed Emotet was the biggest malware threat in 2019, accounting for 37% of all malicious ... Read more
February 18, 2020 Fresh Warnings Issued About Coronavirus Phishing Scams Fresh warnings have been issued about coronavirus phishing scams that are being conducted to steal sensitive data and spread malware. Multiple threat actors are taking ... Read more
February 11, 2020 Threat from Phishing Highlighted on Safer Internet Day Today is Safer Internet Day, a global event aimed at promoting safer use of online technology and the creation of a safe and stimulating online ... Read more
February 7, 2020 Malware Campaign Delivers Package of Seven Malware Variants via BitBucket Cybereason’s Nocturnus research team has identified a malware distribution campaign that aims to deliver multiple malware variants via the cloud storage platform BitBucket. The researchers ... Read more
February 3, 2020 30,000 Patients Affected After Malware Corrupts Medical Records On November 21, 2019, Fondren Orthopedic Group, an association of private orthopedic surgery practitioners located in Houston and the surrounding areas, were hit by a ... Read more
February 3, 2020 Evil Corp Resumes Operations Using New Phishing Tactic to Deliver RAT A hacking group known as Evil Corp, aka TA505, has resumed its malicious activities and has adopted a new phishing tactic for delivering malware. The ... Read more
February 3, 2020 Novel Coronavirus Outbreak Prompts HHS Covered Entity HIPAA Data Sharing Warning In response to the 2019 Novel Coronavirus outbreak, the Department of Health and Human Services has released a bulletin to make HIPAA-covered entities aware of ... Read more
January 31, 2020 Beware of Coronavirus Themed Phishing Attacks The novel coronavirus that originated in the province of Wuhan in China has now spread to other countries, with Japan and Thailand the worst affected ... Read more
January 27, 2020 Urgent Patching Required for Windows Server Flaws Now PoC Exploits Published On January 2020 Patch Tuesday (01.14.2020) Microsoft released patches to address two vulnerabilities in Remote Desktop Gateway (RD Gateway) that affected Windows Server 2012, 2016, ... Read more
January 24, 2020 CISA Warns of Increase in Emotet Malware Activity The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning over an increase in Emotet malware activity. The Emotet botnet sprung ... Read more
January 24, 2020 Cisco Patches Critical Vulnerability in Cisco Firepower Management Center Cisco has issued hotfix patches for a critical vulnerability in its network security tool, Cisco Firepower Management Center (FMC). The flaw, tracked as CVE-2019-16028, is ... Read more
January 22, 2020 The Emotet Botnet is Back in Action Sending Spam with New Lures to Fool the Unwary There was a welcome Christmas break from the Emotet botnet, but life has returned to normal and it is well and truly back in action. ... Read more
January 21, 2020 Critical Zero-Day Internet Explorer Vulnerability Exploited in the Wild Microsoft has announced it is developing a patch for a zero-day Internet Explorer vulnerability that is currently being exploited in the wild. In the meantime, ... Read more
January 16, 2020 DHS: Citrix Vulnerability Being Exploited Still The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has released an alert in relation to a recently discovered flaw in the Citrix ... Read more
January 10, 2020 Mozilla Patches Actively Exploited Zero Day Firefox Vulnerability Mozilla has patched a critical zero-day vulnerability in the Firefox browser which is being actively exploited in the wild. The flaw – tracked as CVE-2019-17026 ... Read more
January 7, 2020 Landry’s Restaurant Chain Discovers POS Malware Infection The popular U.S. restaurant chain Landry’s has discovered malware on the point of sale (POS) system used by 63 of the chain’s brands including Aquarium, ... Read more
January 2, 2020 Microsoft Takes Down 50 Phishing Domains Used by North Korea-Backed Threat Group Microsoft has sought help from the courts to take down domains used by the North Korea-backed hacking group, Thallium (APT37). After securing the court order ... Read more
December 26, 2019 Three Members of Goznym Banking Trojan Gang Sentenced Three individuals who were part of the criminal organization responsible for the Goznym malware attacks in Europe and North America between 2015 and 2016 have ... Read more
December 24, 2019 Campaign Identified Delivering Package of 6 Malware Variants A malware distribution campaign has been detected by researchers at Deep Instinct which is delivering a package of 6 malware variants in one hit. The ... Read more
December 6, 2019 New Highly Destructive Wiper Malware Variant Detected A new wiper malware has been detected by security researchers at IBM X-Force which is being used in attacks on energy companies and industrial firms ... Read more
December 4, 2019 StrandHogg Android Vulnerability Allows Malicious Apps to Pose as Legitimate Ones An Android vulnerability has been discovered that allows malicious apps to disguise themselves as legitimate apps and gain full permissions. The vulnerability is being actively ... Read more
November 27, 2019 Microsoft Reports on New Dexphot Malware That Has Infected 80,000 Devices This week, Microsoft has reported on a ‘new’ malware threat named Dexphot. It is not exactly new, as Microsoft first detected the threat in October ... Read more
November 21, 2019 Horrific Android Camera Vulnerability Left Millions of Users Vulnerable to Spying A vulnerability has been identified in the Google Camera and Samsung Camera apps that is easy to exploit and would allow an attacker to take ... Read more
November 19, 2019 New Phishing Campaign Detected Targeting Office 365 Administrators PhishLabs has identified an ongoing phishing campaign targeting Office 365 administrators. The aim of the campaign is to obtain Office 365 admin credentials. Phishers face ... Read more