According to an alert released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), cybercriminals are currently exploiting the so-called ProxyShell Microsoft Exchange vulnerabilities: CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207. CISA Warns against ProxyShell Attacks The agency’s strong advice is for organizations…
There is a recently disclosed unpatched flaw in Fortinet’s web application firewall appliances. The vulnerability could be exploited by remotes authenticated attackers to execute malicious commands. Related: Top Exploited Vulnerabilities in 2020: Hackers Take Advantage of Remote Work In other…
AdLoad is a well-known adware and bundleware loaders family which has been targeting macOS users since 2017, or even earlier. The threat installs a backdoor on the system to drop adware and potentially unwanted applications (PUAs), and also collects information.…
Facebook is rolling out optional end-to-end encryption for video and voice calls on Messenger, along with updates controls for disappearing messages. The new features are coming to address users’ expectations and needs for security and privacy, allowing users to be…
Heimdal security researchers were just informed about a new ransomware strain, signed by a group called DeepBlueMagic. Apparently, the new strain is rather complex, displaying innovative approaches in terms of its file encryption. The compromised device the researchers analyzed was…
A new nefarious information stealer has been detected in the wild. Dubbed Ficker and detected by the BlackBerry Research & Intelligence Team, the infostealer is sold and distributed on Russian underground forums by a hacker known as @ficker. The malware…
FortBridge security researchers recently achieved remote code execution and privilege escalation on cPanel, the popular web hosting control panel software, and WHM using a stored cross-site scripting (XSS) flaw. cPanel Flaws Discovered During Black-Box Pentest The team discovered multiple vulnerabilities…
Accenture is the latest victim of the LockBit ransomware gang. LockBit Ransomware Hits Accenture The cybercriminals recently posted the name and logo of the company, which is a global business consulting firm. As such, Accenture’s clients include 91 names of…
Poly Network, a China-based cryptocurrency platform for exchanging tokens across multiple blockchains, was a victim of an attack due to a vulnerability in its system. As a result, the staggering amount of $611 million worth of cryptocurrency were siphoned from…
Microsoft’s August 2021 Patch Tuesday just rolled out, addressing 51 security vulnerabilities, including more Print Spooler issues, a zero-day, and seven critical flaws. Reports indicate that the zero-day, known under the CVE-2021-36948 advisory has been actively exploited in the wild.…
There’s a newly developed malware on the radar of security researchers who believe that it could be released into the wild soon. The malware, which is still under construction, is called Chaos and was spotted in underground ads where it…
A recently disclosed vulnerability in routers running Arcadyan firmware is currently being exploited in the wild by unknown threat actors. The vulnerability, which was disclosed by Tenable researchers on August 3, has been around for at least a decade. Affected…
Security researchers Dan Petro and Allan Cecil from Bishop Fox Labs recently shared their findings regarding an RNG vulnerability in the foundation of IoT (Internet of Things) security. The critical flaw resides in hardware number generators (RNGs) and affects 35…
Another large-scale ransomware attack took place a few days ago. The victim of a RansomExx attack is GIGABYTE, a Taiwanese vendor of computer hardware. Hackers are now threatening to release more than 112 GB of business data on the dark…
A security researcher recently discovered and reported to the public a vulnerability in Telegram for macOS that could expose users’ self-destruct messages. By design, Telegram secret chats rely on end-to-end encryption and should provide bullet-proof security and privacy of chat…
Cisco released patches to fix several critical security vulnerabilities in its Small Business VPN routers. The vulnerabilities could enable remote attackers to perform arbitrary code execution attacks and trigger denial-of-service (DoS). CVE-2021-1609 and CVE-2021-1610 in Cisco Small Busines Routers Tracked…
Security researchers from Sophos Labs recently tracked a new campaign distributing the well-known Raccoon inforstealer. The malware, which is run on as-a-service basis by its developers, has been updated with new tactics, techniques and procedures to steal critical information from…
How dangerous are software supply chain attacks? The European Union Agency for Cybersecurity, shortly known as ENISA recently analyzed 24 recent attacks, discovered between January 2020 and early July 2021, only to conclude that strong protection is not sufficient enough.…
Cybersecurity researchers recently detected new activities related to a highly modular backdoor and keylogger. Called Solarmarker, the threat has a multistage, heavily obfuscated PowerShell loader that executes the .NET backdoor. Solarmarker Backdoor Technical Details Solarmarker activities were observed independently by…
Microsoft’s security team investigated an ongoing malicious campaign using fraudulent call centers to trick users into downloading the BazaLoader (also known as the BazarLoader) malware. Called BazaCall, the campaign appears to be more dangerous than initially suspected. The reason for…
