The cybersecurity agencies of the U.S., U.K. and Australia are urging critical infrastructure organizations to patch vulnerabilities in Microsoft and Fortinet products that they say hackers associated with Iran use in ransomware attacks. “FBI and CISA have observed this Iranian government-sponsored [advanced persistent threat] group exploit Fortinet vulnerabilities since at least March 2021 and a […]
Tag: Cybersecurity
The Biden administration announced it will work with 30 countries, including NATO allies and G7 partners, to curb global cybercrime. The Biden administration will work with 30 countries curb global cybercrimeSecurity Affairs
Researchers from Bitdefender released a free master decryptor for the REvil ransomware operation that allows past victims to recover their files for free Bitdefender released free REvil ransomware decryptorSecurity Affairs
FireEye ha scoperto una vulnerabilità critica che da remoto può colpire milioni di dispositivi IoT che utilizzano la rete ThroughTek “Kalay” e i loro clienti. Questa vulnerabilità può consentire agli aggressori di compromettere da remoto i dispositivi IoT delle vittime. Permettendo loro di ascoltare audio dal vivo, guardare dati video in tempo reale e compromettere le credenziali del dispositivo. […]
Researchers discovered Linux and Windows implementations of the Cobalt Strike Beacon developed by attackers that were actively used in attacks in the wild Vermilion Strike, a Linux implementation of Cobalt Strike used in attacksSecurity Affairs
Experts found a critical flaw, tracked as CVE-2021-23406, in the popular NPM package ‘Pac-Resolver‘ that has millions of downloads every week Popular NPM package Pac-Resolver affected by a critical flawSecurity Affairs
Apple released security patches to fix two zero-day vulnerabilities in iOS and macOS that are actively exploited in attacks in the wild Apple fixes actively exploited FORCEDENTRY zero-day flawsSecurity Affairs
Facebook announced it will allow WhatsApp users to encrypt their message history backups in the cloud Facebook announces WhatsApp end-to-end encrypted (E2EE) backupsSecurity Affairs
Spook.js is a new side-channel attack on modern processors that can allow bypassing Site Isolation protections implemented in Google Chrome Spook.Js attack allows to bypass Google Chrome Site Isolation protectionsSecurity Affairs
Technology giant Olympus announced it was the victim of a ransomware attack and is currently investigating the extent of the incident BlackMatter ransomware gang hit Technology giant OlympusSecurity Affairs
A new banking trojan dubbed maxtrilha (due to its encryption key) has been discovered in the last few days and targeting customers of European and South American banks New maxtrilha trojan is being disseminated and targeting several banksSecurity Affairs
The Department of Justice and Constitutional Development of South Africa was hit by a ransomware attack that crippled bail services Department of Justice and Constitutional Development of South Africa hit by a ransomware attackSecurity Affairs