US Accuses Venezuelan Doctor of Creating and Selling Ransomware
A citizen of France and Venezuela has been charged in the United States for allegedly creating, using, and selling ransomware.
read more
Author: Ionut Arghire
US Accuses Venezuelan Doctor of Creating and Selling Ransomware
A citizen of France and Venezuela has been charged in the United States for allegedly creating, using, and selling ransomware.
read more
Researchers Devise New Type of Bluetooth LE Relay Attacks
Security researchers at NCC Group have created a new tool capable of launching a new type of Bluetooth Low Energy (BLE) relay attack that bypasses existing protections and mitigations.
read more
Researchers Devise New Type of Bluetooth LE Relay Attacks
Security researchers at NCC Group have created a new tool capable of launching a new type of Bluetooth Low Energy (BLE) relay attack that bypasses existing protections and mitigations.
read more
‘Sysrv’ Botnet Targeting Recent Spring Cloud Gateway Vulnerability
A new variant of the Sysrv botnet has added a recent Spring Cloud Gateway vulnerability to its exploit portfolio, Microsoft warns.
The Sysrv botnet has been active since at least late 2020, looking to exploit known security bugs in access interfaces in…
SonicWall Patches Unauthorized Access Vulnerability in SMA Appliances
SonicWall has released patches for multiple vulnerabilities in its Secure Mobile Access (SMA) series appliances, including a high-severity issue that could lead to unauthorized access.
read more
Iran-Linked OilRig APT Caught Using New Backdoor
The Iran-linked hacking group OilRig was observed using a new backdoor in an attack against a government official within Jordan’s foreign ministry, according to new research published this week.
read more
devOcean Emerges From Stealth With Cloud-Native Security Operations Platform
devOcean has emerged from stealth mode with a cloud-native security operations platform and $6 million in funding. The company’s seed round was led by Glilot Capital Partners, with participation from angel investors.
read more
‘IceApple’ Post-Exploitation Framework Created for Long-Running Operations
CrowdStrike has detailed a new post-exploitation framework that could be the work of a state-sponsored threat actor, one likely linked to China.
read more
Ukrainian Sentenced to US Prison for Selling Hacked Credentials
A Ukrainian national has been sentenced to four years in a US prison for decrypting stolen usernames and passwords and selling them on a dark web marketplace.
read more
Organizations in Europe Targeted With New ‘Nerbian’ RAT
Proofpoint’s security researchers have documented a new remote access trojan (RAT) being used in a series of recent attacks targeting various industries in multiple European countries.
read more
Application Security Firm StackHawk Bags $20.7 Million in Series B Funding
Application security startup StackHawk today announced that it has raised $20.7 million in Series B funding, which brings the total investment in the company to $35.3 million.
The funding round was co-led by Sapphire Ventures and Costanoa Ventures, wit…
Iranian Cyberspy Group Launching Ransomware Attacks Against US
Over the past several months, Iran-linked cyberespionage group Charming Kitten has been engaging in financially-motivated activities, the Secureworks Counter Threat Unit (CTU) reports.
read more
HP Patches UEFI Vulnerabilities Affecting Over 200 Computers
HP on Wednesday announced the release of patches for two high-severity vulnerabilities that impact the UEFI firmware of more than 200 laptops, workstations, and other products.
read more
Intel Patches High-Severity Vulnerabilities in BIOS, Boot Guard
Intel on Tuesday announced the release of patches for multiple vulnerabilities across its product portfolio, including a series of high-severity vulnerabilities in the BIOS firmware of several processor models.
read more
Chrome 101 Update Patches High-Severity Vulnerabilities
Google this week announced the release of a Chrome browser update that resolves a total of 13 vulnerabilities, including nine that were reported by external researchers.
Of the externally reported security holes, seven are use-after-free bugs – these t…
Healthcare Technology Provider Omnicell Discloses Ransomware Attack
Healthcare technology company Omnicell revealed in a filing with the United States Securities and Exchange Commission (SEC) that it recently fell victim to a ransomware attack.
read more
SAP Patches Spring4Shell Vulnerability in More Products
As part of its May 2022 Security Patch Day, SAP announced on Tuesday the release of eight new and four updated security notes, including three that address the recent Spring4Shell vulnerability in more products.
read more
Windows Print Spooler Vulnerabilities Increasingly Exploited in Attacks
The number of attacks targeting Windows Print Spooler vulnerabilities has been increasing, according to cybersecurity firm Kaspersky.
read more
Microsoft Azure Vulnerability Allowed Code Execution, Data Theft
Microsoft on Monday shared information on patches and mitigations for a vulnerability impacting Azure Data Factory and Azure Synapse Pipelines.
read more
Ransomware Attack Hits Production Facilities of Agricultural Equipment Giant AGCO
Agricultural equipment giant AGCO says its business operations have been impacted after falling victim to a ransomware attack last week.
AGCO designs, makes, and distributes agricultural machinery and precision technology, offering equipment under bran…
RubyGems Fixes Critical Gem Takeover Vulnerability
RubyGems has addressed a critical vulnerability that could have allowed any RubyGems.org user to remove and replace certain Ruby gems.
A package hosting service for the Ruby programming language, RubyGems.org hosts more than 170,000 gems. RubyGems also…
Zero Trust VPN Company Tailscale Raises $100 Million
Zero trust enterprise VPN provider Tailscale this week announced that it has closed a $100 million Series B funding round that brings the total raised by the company to $115 million.
The investment round was led by CRV and Insight Partners, with partic…
Heroku Shares Details on Recent GitHub Attack
Platform-as-a-service company Heroku this week shared additional details on an April cyberattack that resulted in unauthorized access to multiple customers’ GitHub repositories.
read more
Tech Giants Unite in Effort to Scrap Passwords
Apple, Google, and Microsoft announce support for passwordless sign-in via FIDO open authentication standard
read more
GitHub Announces Mandatory 2FA for Code Contributors
Code hosting platform GitHub on Wednesday said it would make it mandatory for software developers to use at least one form of two-factor authentication (2FA) by the end of 2023.
read more
Android’s May 2022 Security Updates Patch 36 Vulnerabilities
Google this week announced the release of patches for 36 vulnerabilities as part of its May 2022 security updates for Android, including one that appears to have been exploited.
read more
FBI: Losses From BEC Scams Surpass $43 Billion
The Federal Bureau of Investigation says business email compromise (BEC) and email account compromise (EAC) losses have surpassed $43 billion globally.
read more
Cisco Patches Critical VM Escape in NFV Infrastructure Software
Cisco on Wednesday announced patches to address severe vulnerabilities in Enterprise Network Function Virtualization Infrastructure Software (NFVIS), including a critical bug that allows attackers to escape from a guest virtual machine (VM).
read more
…
Kaspersky Warns of Fileless Malware Hidden in Windows Event Logs
Threat hunters at Kaspersky are publicly documenting a malicious campaign that abuses Windows event logs to store fileless last stage Trojans and keep them hidden in the file system.
read more
Google Sees More APTs Using Ukraine War-Related Themes
Researchers at Google’s Threat Analysis Group (TAG) say the number of advanced threat actors using Ukraine war-related themes in cyberattacks went up in April with a surge in malware attacks targeting critical infrastructure.
read more
Application Security Firm ShiftLeft Raises $29 Million
Application security firm ShiftLeft on Tuesday announced that it has received $29 million in expansion capital funding, which brings the total raised by the company to over $58 million.
The new funding round was led by Blackstone Innovations Investment…
Chinese Hackers Abuse Cybersecurity Products for Malware Execution
Researchers at cybersecurity firm SentinelOne have observed a Chinese hacking group taking a trial-and-error approach to abusing antivirus applications for the sideloading of malicious DLLs.
read more
Cyberespionage Group Targeting M&A, Corporate Transactions Personnel
Security researchers at Mandiant are documenting the discovery of a new hacking group focused on cyberespionage targeting employees responsible for corporate development, large corporate transactions, and mergers and acquisitions.
read more
DoD Announces Results of Vulnerability Disclosure Program for Defense Contractors
The US Department of Defense (DoD) on Monday announced the conclusion of a 12-month pilot Defense Industrial Base-Vulnerability Disclosure Program (DIB-VDP) aimed at finding flaws in contractor networks.
read more
California Man Convicted for Stealing Millions From DoD via Phishing Scheme
A California man was convicted last week for his role in a multi-million dollar phishing scheme targeting the US Department of Defense (DoD).
read more
Russian Cyberspies Target Diplomats With New Malware
Russian cyberespionage group APT29 has been observed using new malware and techniques in phishing campaigns targeting diplomatic organizations in Europe, the Americas, and Asia, Mandiant reports.
read more
Google Rolls Out Developer Preview of Android Privacy Sandbox
Google has taken another step toward enabling new privacy-focused advertising solutions on Android, with the release of Privacy Sandbox in developer preview.
read more
GitHub Says Recent Attack Was Highly Targeted
Microsoft-owned code hosting platform GitHub says the recent cyberattack that resulted in the cloning of private repositories was highly targeted in nature.
read more
Smallstep Raises $26 Million for Automated Certificate Management Platform
Certificate management startup Smallstep Labs announced that it has raised $26 million in funding from several venture capital firms.
read more
Google Offering Up to $1.5 Million for Android 13 Beta Exploits
In an effort to improve the security of its mobile operating system, Google has temporarily increased the bug bounty payouts for vulnerabilities identified in Android 13 beta.
read more
New ‘Bumblebee’ Malware Loader Used by Several Cybercrime Groups
Cybersecurity companies have analyzed “Bumblebee,” a relatively new custom malware downloader that appears to have been used by several cybercrime groups.
read more
New OpenSSF Project Hunts for Malicious Packages in Open Source Repositories
The Open Source Security Foundation (OpenSSF) has announced a new project whose goal is to help identify malicious packages in open source repositories.
read more
Many Internet-Exposed Servers Affected by Exploited Redis Vulnerability
Rapid7 security researchers have identified 2,000 internet-exposed Linux servers that appear to be impacted by a Redis vulnerability that has been exploited in attacks.
read more
Data Security Firm Veza Emerges From Stealth With $110 Million in Funding
Data security company Veza has emerged from stealth mode after raising more than $110 million in funding.
The investment came from venture firms such as Accel, Ballistic Ventures, Bain Capital, Norwest Venture Partners, GV, and True Ventures, as well a…
Cisco Patches 11 High-Severity Vulnerabilities in Security Products
Cisco this week announced the release of its April 2022 bundle of security advisories for Cisco Adaptive Security Appliance (ASA), Firepower Threat Defense (FTD), and Firepower Management Center (FMC).
read more
Cloudflare Customer Targeted in Record HTTPS DDoS Attack
Security and web performance services provider Cloudflare recently mitigated the largest HTTPS distributed denial-of-service (DDoS) attack it has seen to date.
read more
Over 300,000 Internet-Exposed Databases Identified in 2021
Cybersecurity firm Group-IB identified more than 91,000 publicly-exposed databases in the first quarter of 2022, significantly more than in the previous year.
read more
Risk Intelligence Company Strider Raises $45 Million
Risk intelligence startup Strider Technologies today announced that it has raised $45 million in Series B funding, which brings the total investment in the company to $57 million.
The new funding round was led by Valor Equity Partners, with additional …
Chinese Cyberspies Targeting Russian Military
A China-linked state-sponsored cyberespionage group has started targeting the Russian military in recent attacks, which aligns with China’s interests in the Russia-Ukraine war, Secureworks reports.
read more
Chrome 101 Patches 30 Vulnerabilities
Google this week announced that Chrome 101 was released to the stable channel with 30 security fixes inside, including 25 for vulnerabilities identified by external security researchers.
read more
German Wind Turbine Firm Hit by ‘Targeted, Professional Cyberattack’
German wind turbine giant Deutsche Windtechnik has issued a notification to warn that some of its IT systems were impacted in a targeted professional cyberattack earlier this month.
read more
Web Application Security Firm Source Defense Raises $27 Million
Source Defense, a provider of web application client-side protection, says it pocketed $27 million in Series B funding, bringing the total investment raised by the company to $47 million.
read more
4-Hour Time-to-Ransom Seen in Quantum Attack as Accelerated Ransomware Increasingly Common
As part of a recent cyberattack, threat actors deployed ransomware less than four hours after compromising the victim’s environment, according to researchers with The DFIR Report.
read more
Meta Offers Rewards for Flaws Allowing Attackers to Bypass Integrity Checks
Facebook parent company Meta today announced that its bug bounty program will cover vulnerabilities that can be exploited to bypass integrity safeguards.
read more
Access Bypass, Data Overwrite Vulnerabilities Patched in Drupal
Drupal on Wednesday announced the release of security updates to resolve a couple vulnerabilities that could lead to access bypass and data overwrite.
read more
Cisco Patches Virtual Conference Software Vulnerability Reported by NSA
Cisco on Wednesday announced the release of patches for several high-severity vulnerabilities in its products, including a bug reported by the National Security Agency (NSA).
read more
FBI Shares Information on BlackCat Ransomware Attacks
The Federal Bureau of Investigation (FBI) this week published indicators of compromise (IOCs) associated with the BlackCat Ransomware-as-a-Service (RaaS).
read more
New BotenaGo Variant Infects Lilin Security Cameras With Mirai
A newly identified variant of the BotenaGo malware is specifically targeting security cameras manufactured by Taiwan-based Lilin, warns OT and IoT security firm Nozomi Networks.
read more
ThreatLocker Raises $100 Million for Zero Trust Endpoint Security Solution
Zero Trust endpoint security provider ThreatLocker this week announced that it has raised $100 million in Series C funding, which brings the total investment in the company to $124.4 million.
The new funding round was led by General Atlantic, with addi…
Serious Vulnerabilities Found in AWS’s Log4Shell Hot Patches
Hot patches made available by Amazon Web Services (AWS) in response to the recent Log4j vulnerabilities could be exploited for privilege escalation or to escape containers, according to Palo Alto Networks.
read more
Oracle Releases 520 New Security Patches With April 2022 CPU
Oracle on Tuesday announced the release of 520 security fixes as part of its April 2022 Critical Patch Update (CPU), including nearly 300 for vulnerabilities that can be exploited remotely without authentication.
read more
Firmware Flaws Allow Disabling Secure Boot on Lenovo Laptops
Computer maker Lenovo has started pushing security patches to address three vulnerabilities impacting the UEFI firmware of more than 110 laptop models.
read more
Over 30 Countries Take Part in NATO’s ‘Locked Shields 2022’ Cyber Exercise
NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE) on Tuesday kicked off the thirteen installment of Locked Shields, its annual live-fire cyber defense exercise.
read more
Online Fraud Prevention Startup SEON Raises $94 Million
Online fraud prevention startup SEON today announced that it has closed a $94 million Series B funding round that brings the total investment in the company to $107 million.
The funding round was led by IVP, with additional investment from Creandum and…
US: Hackers Continue Aiding North Korea Generate Funds via Cryptocurrency Attacks
North Korean state-sponsored hacking group Lazarus continues to target blockchain and cryptocurrency organizations in recent campaigns, the United States government warns.
read more
Webex Monitors Microphone Even When Muted, Researchers Say
Cisco’s enterprise-facing Webex video conferencing and messaging utility monitors the microphone at all times, even when the user’s microphone is muted in the software, according to warning from a group of academic researchers.
read more
FBI Warns of ‘Reverse’ Instant Payments Phishing Schemes
The Federal Bureau of Investigation (FBI) has issued an alert on a new phishing scheme aimed at tricking victims into making money transfers to accounts controlled by cybercriminals.
read more
GitHub Warns of Private Repositories Downloaded Using Stolen OAuth Tokens
GitHub has sounded the alarm on a cyberattack that resulted in the private repositories of dozens of organizations being downloaded by an unauthorized party abusing stolen OAuth user tokens.
The incident was identified on April 12, when the code hostin…
Juniper Networks Patches Vulnerabilities in Contrail Networking, Junos OS
Juniper Networks this week announced the release of patches for more than 30 vulnerabilities across its portfolio, including severe flaws in Contrail Networking and Junos OS.
read more
Conti Ransomware Gang Claims Cyberattack on Wind Turbine Giant Nordex
The Conti ransomware gang has claimed responsibility for a cyberattack that forced wind turbine giant Nordex to shut down internal systems on March 31.
The incident, the company revealed in early April, was identified at an early stage, but resulted in…
New ‘Enemybot’ DDoS Botnet Targets Routers, Web Servers
A recently identified DDoS botnet has targeted several router models and various types of web servers by exploiting known vulnerabilities, Fortinet warns.
read more
Google Patches Third Actively Exploited Chrome Zero-Day of 2022
A Chrome 100 update that Google announced on Thursday resolves two vulnerabilities in the popular browser, including one already exploited in the wild.
read more
Cloud Security Startup DoControl Raises $30 Million
Cloud data security startup DoControl has closed a $30 million Series B funding round that brings the total raised by the company to $43 million.
The financing round was led by Insight Partners, with additional investments from Cardumen Capital, CrowdS…
Critical Vulnerability in Elementor Plugin Impacts Millions of WordPress Sites
A critical vulnerability addressed in the Elementor WordPress plugin could allow authenticated users to upload arbitrary files to affected websites, potentially leading to code execution.
Elementor is a drag-and-drop website builder for WordPress that …
Cisco Patches Critical Vulnerability in Wireless LAN Controller
Cisco announced on Wednesday that updates released for its Wireless LAN Controller (WLC) software address a critical vulnerability that could allow an attacker to bypass authentication.
read more
Wind Turbine Giant Nordex Scrambling to Recover From Cyberattack
Nordex says cyber incident limited to internal IT infrastructure, wind turbine farms unaffected
read more
MDR Provider Critical Start Lands $215 Million Growth Investment
Managed detection and response (MDR) solutions provider Critical Start on Tuesday announced that it has received more than $215 million in strategic growth funding from private equity firm read more
Citrix Patches Vulnerabilities in Several Products
Citrix this week announced patches for multiple vulnerabilities across its product portfolio, including a high-severity issue in SD-WAN.
read more
SAP Releases Patches for Spring4Shell Vulnerability
German software maker SAP announced on Tuesday that more than 30 new and updated security notes were released on its April 2022 Security Patch Day, including notes that deal with the Spring4Shell vulnerability.
read more
Silverfort Banks $65 Million for Identity Threat Protection Platform
Identity security firm Silverfort on Tuesday announced closing a $65 million Series C funding round that brings the total raised by the company to just over $100 million.
read more
Amazon RDS Vulnerability Led to Exposure of Credentials
Amazon Web Services (AWS) on Monday announced that it recently addressed a vulnerability in Amazon Relational Database Service (RDS) that could lead to the exposure of internal credentials.
read more
500,000 Impacted by Email Breach at Illinois Healthcare Firm
Christie Business Holdings Company (Christie Clinic), a major medical practice in Illinois, is informing roughly 500,000 individuals that their personal information was potentially compromised in a data breach.
read more
Chrome 100 Update Patches High-Severity Vulnerabilities
The latest Chrome security update started rolling out on Monday with patches for 11 vulnerabilities.
Ten of the addressed vulnerabilities were reported by external researchers. Of these, eight are rated “high severity” and two “medium severity.”
read m…
Raspberry Pi Removes Default User to Improve Security
In an attempt to improve security, the latest Raspberry Pi OS release no longer creates a default “pi” account, requiring users to set up custom accounts instead.
read more
‘Octo’ Android Trojan Allows Cybercrooks to Conduct On-Device Fraud
Threat Fabric security researchers have analyzed an Android banking trojan that allows its operators to perform on-device fraud.
read more
Snap-on Tools Hit by Cyberattack Claimed by Conti Ransomware Gang
Conti ransomware gang claimed responsibility for cyberattack on Wisconsin-based tool maker
read more
Third Member of FIN7 Cybercrime Gang Sentenced to US Prison
A Ukrainian national was sentenced on Thursday to five years in prison in the United States for his role in the infamous FIN7 hacking group.
The man, Denys Iarmak, 32, was a high-level hacker within FIN7, also referred to as a “pen tester,” working wit…
Blockchain Security Firm CertiK Raises $88 Million at $2 Billion Valuation
Blockchain security startup CertiK on Thursday announced that it has raised $88 million in a Series B3 funding round, which boosted its valuation above the $2 billion mark. Over the past nine months, the company has raised $230 million.
read more
Google Updates Target API Level Requirements for Android Apps
Google this week announced updated target level API requirements for Android applications in an attempt to improve the overall security of the ecosystem.
read more
Windows Autopatch Aims to Make Patch Tuesday ‘Just Another Tuesday’ for Enterprises
Microsoft this week announced Windows Autopatch, a new automatic updates service for Windows 10 and 11 Enterprise E3 customers that will manage all software, firmware, driver, and enterprise app updates.
read more
SharkBot Android Malware Continues Popping Up on Google Play
Over the past couple of months, security researchers identified several applications in Google Play that were designed to download the SharkBot Android trojan.
read more
Zoom Paid Out $1.8 Million in Bug Bounties in 2021
Video communications giant Zoom this week announced that it paid out roughly $1.8 million in bug bounty rewards in 2021.
The company launched its bug bounty program on the HackerOne platform in 2019, and says it has handed out more than $2.4 million in…
VMware Patches Five Critical Vulnerabilities in Workspace ONE Access
VMware on Wednesday announced patches for several critical and high-severity vulnerabilities affecting Workspace ONE Access and other products.
read more
Microsoft Adds On-Premises Exchange, SharePoint, Skype to Bug Bounty Program
Microsoft announced this week that on-premises versions of Exchange, SharePoint, and Skype for Business have been added to its Applications and On-Premises Servers Bounty Program.
The tech giant is offering up to $26,000 in rewards for eligible reports…
Google Doubles Rewards for Nest and Fitbit Vulnerabilities
Google on Tuesday announced that security researchers submitting eligible Google Nest and Fitbit vulnerability reports through its bug bounty program can now receive double the usual bounty payouts.
read more
Coro Raises $80 Million for Cybersecurity Platform for Mid-Market Organizations
Coro this week announced that it has raised $60 million in a Series C funding round that brings the total raised over the past six months to $80 million.
The latest funding round was led by Balderton Capital, with participation from Jerusalem Venture P…
FIN7 Cybercrime Operation Continues to Evolve Despite Arrests
Despite recent arrests and convictions, the FIN7 cybercrime operation has continued to evolve, with hackers updating their tools and techniques and changing monetization strategies, according to cybersecurity firm Mandiant.
read more
44 Vulnerabilities Patched in Android With April 2022 Security Updates
The Android updates released by Google for April 2022 include patches for 44 vulnerabilities, including several rated “critical severity.”
As usual, the update was split into two parts, with the first of them arriving on devices as the “2022-04-01 secu…
US State Department Launches Cyberspace and Digital Diplomacy Bureau
The US Department of State on Monday announced the creation of the Bureau of Cyberspace and Digital Policy (CDP).
The new entity was created to deal with national security challenges, but also with the implications of cyberspace and digital technologie…