Starting with April 2021, BazaCall has been brought to the public’s attention: the malicious campaign uses a malware named BazaLoader or BazarLoader. In short, the methods hackers use to trick victims is through a phishing mail that urges them to call …
Read More BazaCall Is Not Gone: the Malicious Campaign Goes on with Its ActivityAT&T Alien Labs has released a report detailing a new remote access trojan (RAT) that is circulating online. By its name FatalRAT, its goal is to distribute compromised links on Telegram channels. What Is a RAT? According to our glossary, a RAT is …
Read More FatalRAT in Full Play: the New Trojan that Targets TelegramThe video game company Electronic Arts (EA) suffered a data breach in June, hackers having access to the enterprise’s services and data. Now because threat actors failed to obtain money from the company, they performed an EA data leakage, where the who…
Read More EA Data Leakage Following Unsuccessful Extortion EndeavorIn July 2020, a joint advisory was published that revealed a Russian espionage campaign named APT29 or Cozy Bear, seen also as an extension of SVR (Russia’s Foreign Intelligence Services). Its target was the stealing of COVID-19 vaccine investiga…
Read More Russia’s SVR WellMess Malware Is Seemingly Still in the GameResearchers have continued their investigation on PrintNightmare by further looking for ways to exploit it. Benjamin Delpy has found a new way where anyone could get Windows system privileges if they install a remote print server. The remote print serv…
Read More Hackers Could Get Windows Admin Privileges Through a Remote Print ServerOne might think that threat actors target only big enterprises, so small businesses are left out of sight. This is unfortunately not true. Cybersecurity for small businesses should be a top priority for all organizations. Statistics show that businesse…
Read More Cybersecurity for Small Businesses. What Can You Do to Protect Your Business from Cyber Threats?A French security researcher discovered last week a security flaw through which cyber criminals could fully take over Windows domains: the PetitPotam vulnerability. This is basically an NTLM relay attack in the Windows system that permits hackers to ta…
Read More PetitPotam Vulnerability Lets Hackers Fully Take Over Windows DomainsA global DNS outage related to the Akamai company made quite a stir on Thursday. The outage took down many websites and online services among which we can list Salesforce, Google, Amazon, AWS, Newegg, and PlayStation Network. Who Is Akamai? Akamai stan…
Read More DNS Global Outage Affected Websites and Online ServicesA global DNS outage related to the Akamai company made quite a stir on Thursday. The outage took down many websites and online services among which we can list Salesforce, Google, Amazon, AWS, Newegg, and PlayStation Network. Who Is Akamai? Akamai stan…
Read More DNS Global Outage Affected Websites and Online ServicesResearchers from ReversingLabs have released a report detailing a threat referred to as NPM malware they found in NPM packages that targets credentials by means of the Google Chrome Recovery Tool. How Does the NPM Malware Operate? The NPM Malware file …
Read More NPM Malware Poses a Threat to Passwords in Google ChromeSentinelLabs has released a new report stating the discovery of CVE-2021-3438, a 16-years-old vulnerability present in printer drivers belonging to HP, Samsung, and Xerox. It has been on those drivers from 2005 and now the researchers have found that t…
Read More Hackers Might Gain Admin Rights Through a 16-years-old Vulnerability4 members belonging to APT40, a hacking group supported by the Chinese government, were indicted yesterday by the U.S. DOJ (Department of Justice). They were charged with several hacking crimes that unfolded between 2011 and 2018 where they targeted st…
Read More Four Members of APT40 Indicted by the U.S. Department of JusticeA new ransomware attack pointed to a U.S. law company. The Campbell data breach led to private information disclosure targeting the law firm Campbell Conroy & O’Neil, P.C. The enterprise is the one responsible to counsel Fortune 500 and Globa…
Read More Campbell Data Breach Leads to Private Information ExposureA fresh cyberattack targeted a medical clinic and led to a Forefront Dermatology data breach that compromised the credentials of 2.4 million patients and employees. Forefront Dermatology Data Breach Leads to Credentials’ Disclosure DataBreaches.net has…
Read More Forefront Dermatology Data Breach Affects 2.4 Million PatientsAfter PrintNightmare, a new Windows Spooler vulnerability has come to light. It takes advantage of malicious printer drivers to locally gain system privileges. Windows Spooler Vulnerability: Same as PrintNightmare? The new vulnerability is not the same…
Read More Hackers Could Locally Exploit a New Windows Spooler VulnerabilityA new report by Microsoft and Citizen Lab has tracked DevilsTongue spyware, a threat that targets zero-day vulnerabilities in Windows systems. Threat actors seem to belong to an Israeli-based spyware company by its name Candiru or Sourgum. What Is a Sp…
Read More DevilsTongue Spyware Targets Windows Zero-Day VulnerabilitiesA new malware campaign is now in plain sight. Now the authors behind are represented by a Romanian cryptojacking gang that uses the “Diicot brute”, a SSH brute force without a precedent. As a Bitdefender report states, they target Linux machines relate…
Read More Romanian Cryptojacking Gang Targets Linux-machines with Weak PasswordsRansomware risk is at every corner. Now a new SonicWall security notification announced on the company’s website informs users about an imminent threat of ransomware risk. This targets the Secure Mobile Access (SMA) 100 series and Secure Remote Access …
Read More Ransomware Campaign Poses a Threat to EOL 8.x Firmware: SonicWall Security Notification ReleasedNew Ring doorbell encryption solution has been provided by Amazon for video and audio traffic security. So, from now on, if you have a Ring camera that records who enters your place or who’s near your home, this data is not so easily made availab…
Read More Ring Doorbell Encryption Now Provided by AmazonThe Cybersecurity and Infrastructure Security Agency requires U.S. federal agencies to immediately follow the CISA emergency directive intended to mitigate the PrintNightmare threat. What Has Determined the CISA Emergency Directive? PrinNightmare targe…
Read More CISA Emergency Directive Points Out to PrintNightmare: Federal Agencies Required to Take Immediate ActionWildPressure APT Group is a malicious threat actor that started its campaign in August 2019 in the Middle East. Back then, they used Milum, a Trojan with distinct characteristics. It targeted Middle East enterprises and was written in C++. Now the thre…
Read More WildPressure Campaign Goes On With One More Hit: Mac Malware Version Targets Mac OS SystemsCISA has recently raised awareness on some issues discovered in Philips Vue PACS health devices. 15 Philips Vue Vulnerabilities located in the Philips Clinical Collaboration Platform Portal represent dangerous tools in the hands of a hacker as they cou…
Read More 15 Philips Vue Vulnerabilities Might Lead to Full Takeover of the DevicesThe security updates aimed at PrintNightmare make Zebra printers crash after installed. PrintNightmare is a zero-day bug classified as CVE-2021-34527, which has made quite a stir in the cybersecurity world lately, being mistakenly made public. After th…
Read More Microsoft’s KB5004945 Security Update for PrintNigtmare Has Side Effects: Now Zebra Printers Crash4 New Square Chambers was hit by a cyberattack on the 12th of June where threat actors stole data and threatened to reveal it by blackmailing the company into paying the ransom. Now, the barristers’ chambers thought of a rather peculiar solution …
Read More Court Order Bars Threat Actors From Revealing Stolen DataMicrosoft has recently released the emergency security update KB5004945 to fix the PrintNightmare, the 0-day vulnerability that has made headlines in the world of cybersecurity lately by targeting the Windows Print Spooler. The flaw in Windows Spooler …
Read More PrintNightmare Still in the Game: Patches That Do Not Fix the Issue and Other UpdatesLast week, we reported a mass-wipe zero-day attack in My Book Live, products belonging to Western Digital. Users’ data has been totally wiped out from their devices overnight. Now, a new WD zero-day attack wrecks havoc and adds to the continuous growth…
Read More New WD Zero-Day Affects Western Digital Products That Support My Cloud OS 3Initial stage malware like malware droppers, malware downloaders, and also document-based installers are the new hidden threats in the cybersecurity world. New Proofpoint research has revealed some interesting aspects about malware dropper-based threat…
Read More The New Cyberthreats: Malware Dropper Wrecks Havoc in the Cybersecurity WorldPrintNightmare zero-day is an exploit that has made havoc among cyberattacks lately. Confused at the beginning to CVE-2021-1675, it has recently received its own classification as a zero-day bug: CVE-2021-34527 and targets the Windows Print Spooler. Mi…
Read More Microsoft Releases Security Updates to Fight Against PrintNightmare Zero-DayThe bitcoin price rise has been fluctuating lately. It was worth roughly $10,600 in October. An analysis from Baracuda Networks reveals that with the boost of the cryptocurrency popularity, threat actors thought it’s the proper time to launch some cybe…
Read More Bitcoin Price Rise Makes Way for New Cyberattacks: BEC Attacks and Phishing Impersonations on the CarpetThe bitcoin price rise has been fluctuating lately. It was worth roughly $10,600 in October. An analysis from Baracuda Networks reveals that with the boost of the cryptocurrency popularity, threat actors thought it’s the proper time to launch some cybe…
Read More Bitcoin Price Rise Makes Way for New Cyberattacks: BEC Attacks and Phishing Impersonations on the CarpetA new ransomware attack that hit one of L&I (Washington’s Department of Labor and Industries) contractors may have led to data leakage of about 16, 000 L&I employees. The threat actors targeted Pacific Market Research (PMR) on the 22nd of May a…
Read More Sensitive Data Might Have Been Subject to Public Exposure Following Ransomware AttackTrickBot Trojan, initially known as a banking trojan, but resuming its activity to distributing malware lately, is now improving the features of its old banking module to share its malicious contribution to the financial cybercrime market again. The Kr…
Read More TrickBot Trojan Strikes Again: It Updated Its Banking Trojan Module and Is Back in the GameFollowing the rumble PrintNightmare threat that targets Windows Spooler has recently caused all over the internet and the debate among researchers on whether this is the same as the vulnerability CVE-2021-1675 patched on the 8th of June or not, Microso…
Read More The PrintNightmare Threat Issue: Microsoft Shares Its InputA new cyberattack has come to light recently. A September 2020 AJG data breach has been reported by the company itself, affecting a number of the insurance company’s systems. Customer data stored on the compromised systems might have been leaked or sto…
Read More AJG Data Breach Led to Private Information Exposure: the U.S. Insurance Company Affected by a CyberattackA new cyberattack has come to light recently. A September 2020 AJG data breach has been reported by the company itself, affecting a number of the insurance company’s systems. Customer data stored on the compromised systems might have been leaked or sto…
Read More AJG Data Breach Led to Private Information Exposure: the U.S. Insurance Company Affected by a CyberattackMirai Botnet Threat appeared for the first time in 2016 and has continually posed a threat to IoT devices. McAfee has recently released a report that analyses the impact of this network. Mirai Botnet Threat and its various alternatives derived from it …
Read More Watch Out! Mirai Botnet Threat Is Closer Than You Think!Twitter announced in March that they will change the way users login into their Twitter account, by simplifying the 2FA Method. Now, an update from this week says that you can authenticate using the security keys as the only 2FA method, as the phone nu…
Read More Two-Factor Authentication Simplified: Security Keys Are Now the Only Twitter 2FA MethodTwo members from the hacking community of Detectify, Ai Ho and Bao Bui discovered a vulnerability in the Adobe Experience Manager, Adobe’s content management tool used in websites, forms, and mobile apps building. The issue was serious and Adobe …
Read More Adobe Zero-Day Exploit: Further Details on the Zero-Day Bug Patched in May by AdobeThis news was updated clarifying that PrintNightmare Exploit is not a zero-day bug and it’s the same as CVE-2021-1675, because the latter was not fully patched by Microsoft. Windows Print Spooler, the Windows software program whose job is to man…
Read More PrintNightmare Exploit Mistakenly Brought to Public’s Attention: A Malware That Could Perform a System Takeover [UPDATED]We all use ATMs. They are compulsory. The question is: are they safe? One might think that yes, of course. A recent experiment has showed the contrary. ATMs can be insecure. This is because they contain NFC vulnerabilities in their system. So, with a w…
Read More NFC Vulnerabilities Expose ATMs to Threat: a New Experiment Shows System FlawsWD My Book Live NAS devices have been victims of cyberattacks lately. As we also reported last week, a My Book Live Exploit led to a mass-factory reset of the devices, all users’ data vanishing all of a sudden. At that time, the company thought h…
Read More Zero-Day Attack Generates My Book Live Exploit Leading to Devices Being Wiped OutVarious financial cyberattacks came to US Secret Service’s attention. The federal law enforcement agency has recently made public a list of the most wanted cybercriminals. 10 suspects can be found on the list, most of them from Russia or Ukraine. Besid…
Read More Most Wanted Cybercriminals: U.S. Secret Service Publishes the List of the MomentA Telegram message via Telegram App on the 20th of June revealed an AcadeME data leakage cyberattack. DragonForce, a pro-Palestinian Malaysian threat actor group, hacked the company’s systems and exposed confidential data of about 280,000 Israeli stude…
Read More AcadeME Data Leakage Affects Several Universities: DragonForce Behind ItThe cybersecurity world made way for a new cyberattack. Zyxel, a network devices manufacturer from Taiwan, alerted its clients by e-mail of the fact that its products were targeted by threat actors. Cybercriminals’ focus stays on the Zyxel firewalls an…
Read More Zyxel Firewalls and VPN Servers: Victims of a New CyberattackA new type of malware rends the air in the cybersecurity world. A security flaw in the Microsoft’s system allowed the distribution of a driver infected with Netfilter rootkit malware in the gaming environment. The matter was firstly reported last week …
Read More Netfilter Rootkit Malware Infiltrates Into Microsoft’ Security Systems: the Gaming Community TargetedThe financial cybercrime world is facing new threats. As hackers become more creative day by day, they are also cunning and determined to become pros. A 2017 IBM-X-Force Research pointed out a fresh new malware entering the final security domain: the I…
Read More Threat Actors Reinforce Spam Campaigns: New IcedID Banking Trojan Version DiscoveredThe Check Point Research Team (CPR) has recently conducted an investigation as they suspected some Atlassian domain flaws. In a communication from Thursday, they revealed precarious system features in the Atlassian project, because of their use of SSO …
Read More Atlassian Domain Flaws Could Have Led to Data Leakage and Account Control with Just One-click ExploitThreat actors are becoming more and more cunning. A new Twitter post from Microsoft made public their process on tracking a new BazaCall Malware Campaign. Users receive e-mails that trick them into calling a pseudo-call center. They are asked to downlo…
Read More New BazaCall Malware Campaign: the Path to Introducing Malware Came To Microsoft’s AttentionA ReverseRat backdoor attack has been recently reported. A supposedly Pakistan-linked hacker targeted government institutions and power companies from South and Central Asia. India was the most affected country, followed by Afghanistan. The threat acto…
Read More South and Central Asian Government Organizations and Power Companies Suffer a ReverseRat Backdoor AttackThreat actors strike again. This time through a network weakness. A KAERI VPN vulnerability served as a way to breach the internal system at the Korea Atomic Energy Research Institute. The agency confirmed on the 18th of June a cyberattack that happene…
Read More North Korean Hackers’ New Hit: KAERI VPN Vulnerability Puts in Danger Internal NetworkCyberattacks did not skip the food retail industry in 2020. An Eggfree Cake Box data breach has been recently reported by the UK-based bakery chain itself that is popular for their fresh cream anniversary cakes. The online payments turned out to be ins…
Read More Eggfree Cake Box Data Breach: Hackers Steal Payment InfoHealth applications are very popular nowadays. For example, most people have smartwatches to help them track their physical progress when it comes to improving health conditions. Thus, accessing users’ personal data is self-explanatory. But where is th…
Read More Macquarie Uni’s Experts Reveal New Statistics: Increased Health Apps Data OversharingNo one would ever think that fitness machines can be useful tools in the hands of a hacker. It is just a fitness machine, one might say. But threat actors can be creative. A Peloton Bike Plus system vulnerability has been recently detected by McAfee. T…
Read More Fitness Machines, Cyberattack Victims Too: Peloton Bike Plus System Vulnerability DetectedAvaddon ransomware group made its appearance in 2019 for the first time, serving as a ransomware-as-a-service model (Raas) where 65% of ransomware for affiliates were negotiable, as stated in a report from eSentire. Now the threat group sent to Bleepin…
Read More Business Closed and Decryption Keys Released: Avaddon Ransomware Group Is GoneCD Projekt data breach leads to confidential information disclosure A security breach that took place in February affected CD Projekt Group, a Polish video game developer. The cause is known. It was a ransomware attack, cybercriminals getting access to…
Read More CD Projekt Data Breach: Ransomware Attack Makes Internal Data PublicWork from home comes with a cost: Canadian cyberattacks could have been described as a trend in 2020, affecting 86% of the companies in the country, states the Global Security Insights Report on the VMware Carbonblack website. Canadian cyberattacks: a …
Read More Canadian Cyberattacks in 2020: Most Organizations in Canada AffectedTwo Skinners’ Kent Academy schools were closed after a Tunbridge Wells data breach took place, cybercriminals getting access to pupils ‘personal records. What happened? BBC has recently reported that a Tunbridge Wells data breach determined Skinn…
Read More Tunbridge Wells Data Breach: Skinners’ Kent Schools Closed Following Cyberattack