Ransomware Attacks are on the Rise

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.

Firewall Bug Under Active Attack Triggers CISA Warning

CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.

iPhone Users Urged to Update to Patch 2 Zero-Days

Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.

Google Patches Chrome’s Fifth Zero-Day of the Year

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.

Xiaomi Phone Bug Allowed Payment Forgery

Mobile transactions could’ve been disabled, created and signed by attackers.

Black Hat and DEF CON Roundup

‘Summer Camp’ for hackers features a compromised satellite, a homecoming for hackers and cyberwarfare warnings.

Feds: Zeppelin Ransomware Resurfaces with New Compromise, Encryption Tactics

The CISA has seen a resurgence of the malware targeting a range of verticals and critical infrastructure organizations by exploiting RDP, firewall vulnerabilities.

Microsoft Patches ‘Dogwalk’ Zero-Day and 17 Critical Flaws

August Patch Tuesday tackles 121 CVEs, 17 critical bugs and one zero-day bug exploited in the wild.

Open Redirect Flaw Snags Amex, Snapchat User Data

Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among others, to trick victims.

VMWare Urges Users to Patch Critical Authentication Bypass Bug

Vulnerability—for which a proof-of-concept is forthcoming—is one of a string of flaws the company fixed that could lead to an attack chain.

Universities Put Email Users at Cyber Risk

DMARC analysis by Proofpoint shows that institutions in the U.S. have among some of the poorest protections to prevent domain spoofing and lack protections to block fraudulent emails.

Malicious Npm Packages Tapped Again to Target Discord Users

Recent LofyLife campaign steals tokens and infects client files to monitor various user actions, such as log-ins, password changes and payment methods.

IoT Botnets Fuels DDoS Attacks – Are You Prepared?

The increased proliferation of IoT devices paved the way for the rise of IoT botnets that amplifies DDoS attacks today. This is a dangerous warning that the possibility of a sophisticated DDoS attack and a prolonged service outage will prevent businesses from growing.

CISA Urges Patch of Exploited Windows 11 Bug by Aug. 2

Feds urge U.S. agencies to patch a Microsoft July Patch Tuesday 2022 bug that is being exploited in the wild by August 2.

Hack Allows Drone Takeover Via ‘ExpressLRS’ Protocol

A radio control system for drones is vulnerable to remote takeover, thanks to a weakness in the mechanism that binds transmitter and receiver.

Google Patches Actively Exploited Chrome Bug

The heap buffer overflow issue in the browser’s WebRTC engine could allow attackers to execute arbitrary code.

ZuoRAT Can Take Over Widely Used SOHO Routers

Devices from Cisco, Netgear and others at risk from the multi-stage malware, which has been active since April 2020 and shows the work of a sophisticated threat actor.

Patchable and Preventable Security Issues Lead Causes of Q1 Attacks

Attacks against U.S. companies spike in Q1 2022 with patchable and preventable external vulnerabilities responsible for bulk of attacks.

Mitel VoIP Bug Exploited in Ransomware Attacks

Researchers warn threat actors are using a novel remote code execution exploit to gain initial access to victim’s environments.

Log4Shell Vulnerability Targeted in VMware Servers to Exfiltrate Data

CISA warns that threat actors are ramping up attacks against unpatched Log4Shell vulnerability in VMware servers.

Fancy Bear Uses Nuke Threat Lure to Exploit 1-Click Bug

The APT is pairing a known Microsoft flaw with a malicious document to load malware that nabs credentials from Chrome, Firefox and Edge browsers.

Discovery of 56 OT Device Flaws Blamed on Lackluster Security Culture

Culture of ‘insecure-by-design’ security is cited in discovery of bug-riddled operational technology devices.

China-linked APT Flew Under Radar for Decade

Evidence suggests that a just-discovered APT has been active since 2013.

Follina Exploited by State-Sponsored Hackers

A government-aligned attacker tried using a Microsoft vulnerability to attack U.S. and E.U. government targets.

Attackers Use Public Exploits to Throttle Atlassian Confluence Flaw

The vulnerability remains unpatched on many versions of the collaboration tool and has potential to create a SolarWinds-type scenario.

Scammers Target NFT Discord Channel

Hackers escalate phishing and scamming attacks to exploit popular Discord bot and persuade users to click on the malicious links.

Microsoft Releases Workaround for ‘One-Click’ 0Day Under Active Attack

Threat actors already are exploiting vulnerability, dubbed ‘Follina’ and originally identified back in April, to target organizations in Russia and Tibet, researchers said.

ChromeLoader Browser Hijacker Provides Gateway to Bigger Threats

The malvertiser’s use of PowerShell could push it beyond its basic capabilities to spread ransomware, spyware or steal data from browser sessions, researchers warn.

Zero-Day ‘Follina’ Bug Lays Microsoft Office Open to Attack

Malware loads itself from remote servers and bypasses Microsoft's Defender AV scanner, according to reports.

Critical Flaws in Popular ICS Platform Can Trigger RCE

Cisco Talos discovered eight vulnerabilities in the Open Automation Software, two of them critical, that pose risk for critical infrastructure networks.

Zoom Patches ‘Zero-Click’ RCE Bug

The Google Project Zero researcher found a bug in XML parsing on the Zoom client and server.

Verizon Report: Ransomware, Human Error Among Top Security Risks

2022’s DBIR also highlighted the far-reaching impact of supply-chain breaches and how organizations and their employees are the reasons why incidents occur.

Critical Vulnerability in Premium WordPress Themes Allows for Site Takeover

Privilege escalation flaw discovered in the Jupiter and JupiterX Core Plugin affects more than 90,000 sites.

April VMware Bugs Abused to Deliver Mirai Malware, Exploit Log4Shell

Researchers say a GitHub proof-of-concept exploitation of recently announced VMware bugs is being abused by hackers in the wild.

Sysrv-K Botnet Targets Windows, Linux

Microsoft researchers say they are tracking a botnet that is leveraging bugs in the Spring Framework and WordPress plugins.

iPhones Vulnerable to Attack Even When Turned Off

Wireless features Bluetooth, NFC and UWB stay on even when the device is powered down, which could allow attackers to execute pre-loaded malware.

Microsoft’s May Patch Tuesday Updates Cause Windows AD Authentication Errors

Microsoft's May Patch Tuesday update is triggering authentication errors.

You Can’t Eliminate Cyberattacks, So Focus on Reducing the Blast Radius

Tony Lauro, director of security technology and strategy at Akamai, discusses reducing your company's attack surface and the "blast radius" of a potential attack.

Intel Memory Bug Poses Risk for Hundreds of Products

Dell and HP were among the first to release patches and fixes for the bug.

Actively Exploited Zero-Day Bug Patched by Microsoft

Microsoft's May Patch Tuesday roundup also included critical fixes for a number of flaws found in infrastructure present in many enterprise and cloud environments.

Ransomware Deals Deathblow to 157-year-old College

Why a private college that stayed in business for 157 years had to close after the combo of COVID-19 and ransomware proved too much.

Hackers Actively Exploit F5 BIG-IP Bug

The bug has a severe rating of 9.8, public exploits are released.

FBI: Rise in Business Email-based Attacks is a $43B Headache

A huge spike in fraudulent activities related to attacks leveraging business email accounts is a billion-dollar-problem.

F5 Warns of Critical Bug Allowing Remote Code Execution in BIG-IP Systems

The vulnerability is 'critical' with a CVSS severity rating of 9.8 out of 10.

Unpatched DNS Bug Puts Millions of Routers, IoT Devices at Risk

A flaw in all versions of the popular C standard libraries uClibc and uClibc-ng can allow for DNS poisoning attacks against target devices.