malware

XCSSET, a Mac malware targeting Xcode developers, has been re-engineered and employed in a campaign aimed at Apple’s new M1 chips. Experts from Trend Micro have uncovered a Mac malware campaign targeting Xcode developers that employed a re-engineered version of the XCSSET malware to support Apple’s new M1 chips. The new variant also implements new […]

The post XCSSET malware now targets macOS 11 and M1-based Macs appeared first on Security Affairs.

A new ransomware dubbed ‘NitroRansomware’ has appeared in the threat landscape; it demands a Discord Nitro gift code to decrypt files. Researchers from BleepingComputer reported infections of a new, singular ransomware dubbed NitroRansomware, which demands a Discord Nitro gift code from victims to decrypt their files. Discord is a free VoIP, instant messaging and […]

The post Nitroransomware demands gift codes as ransom payments appeared first on Security Affairs.

The software company Codecov suffered a security breach; threat actors compromised the supply chain of one of its tools. A new supply chain attack made the headlines: the software company Codecov recently disclosed a major security breach after a threat actor compromised its infrastructure to inject credential-harvesting code into one of its tools […]

The post Codecov was a victim of a supply chain attack appeared first on Security Affairs.

Threat actors are exploiting the ProxyLogon vulnerabilities in Microsoft Exchange servers to deploy Monero cryptocurrency miners. Sophos researchers reported that threat actors targeted Microsoft Exchange by exploiting ProxyLogon vulnerabilities to deploy a malicious Monero cryptominer in an unusual attack. The unknown attacker is attempting to deliver a payload which is being hosted on a compromised […]

The post Monero Cryptocurrency campaign exploits ProxyLogon flaws appeared first on Security Affairs.

Fedir Hladyr (35), a Ukrainian national, was sentenced today to 10 years in prison for his role in the financially motivated group FIN7, aka Carbanak. The Ukrainian national Fedir Hladyr (35), aka “das” or “AronaXus,” was sentenced to 10 years in prison for having served as a manager and systems administrator for the financially motivated […]

The post A member of the FIN7 group was sentenced to 10 years in prison appeared first on Security Affairs.

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Is the recent accident at Iran Natanz nuclear plant a cyber attack? Joker malware infected 538,000 Huawei Android devices Personal data of 1.3 million Clubhouse users leaked online Fitch Ratings: […]

The post Security Affairs newsletter Round 310 appeared first on Security Affairs.

Experts warn of malware campaigns delivering the BazarLoader malware abusing popular collaboration tools like Slack and BaseCamp. Since January, researchers observed malware campaigns delivering the BazarLoader malware abusing popular collaboration tools like Slack and BaseCamp. The campaigns aimed at employees of large organizations, the messages attempt to trick the victims that they contain important information […]

The post Is BazarLoader malware linked to Trickbot operators? appeared first on Security Affairs.

The Google Project Zero security team has updated its vulnerability disclosure policy; it gives users 30 days to patch flaws before disclosing associated technical details. The Google Project Zero security team announced an update to its vulnerability disclosure policy; it could add an additional 30 days to the disclosure process for some bugs to give end-users enough […]

The post Google Project Zero updates vulnerability disclosure policy moving to a “90+30” model appeared first on Security Affairs.

The SolarWinds supply chain attack also impacted six European Union institutions, the European Commissioner for Budget and Administration confirmed. European Commissioner for Budget and Administration Johannes Hahn confirmed the hack of some EU agencies as a result of the SolarWinds supply chain attack in a response to a question filed by an EU Parliament member in February 2021. […]

The post 6 out of 11 EU agencies running Solarwinds Orion software were hacked appeared first on Security Affairs.

Cybersecurity provider Juniper Networks addressed a critical vulnerability that could be exploited by attackers to remotely hijack or disrupt vulnerable devices. Cybersecurity vendor Juniper Networks addressed a critical vulnerability in Junos OS, tracked as CVE-2021-0254, that could allow an attacker to remotely hijack or disrupt affected devices. This flaw stems from the improper buffer size […]

The post Critical RCE can allow attackers to compromise Juniper Networks devices appeared first on Security Affairs.

The US government warned that Russian cyber espionage group SVR is exploiting five known vulnerabilities in enterprise infrastructure products. The U.S. National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) have published a joint advisory that warns that Russia-linked APT group SVR (aka APT29, Cozy Bear, and The Dukes). […]

The post Russia-linked APT SVR actively targets these 5 flaws appeared first on Security Affairs.

Uptycs’ threat research team recently detected several variants of the Linux-based botnet malware family “Gafgyt,” some of which re-used Mirai code. Uptycs’ threat research team recently detected several variants of the Linux-based botnet malware family, “Gafgyt”, via threat intelligence systems and our in-house osquery-based sandbox. Upon analysis, we identified several codes, techniques and implementations of Gafgyt, […]

The post Mirai code re-use in Gafgyt appeared first on Security Affairs.

Group-IB observed the North Korea-linked Lazarus APT group stealing cryptocurrency using a never-before-seen tool. In the last five years, JavaScript sniffers have grown into one of the most dangerous threats for e-commerce businesses. The simple nature of such attacks combined with the use of malicious JavaScript code for intercepting payment data attract more and more […]

The post Lazarus BTC Changer. Back in action with JS sniffers redesigned to steal crypto appeared first on Security Affairs.

The U.S. and UK attributed with “high confidence” the recently disclosed supply chain attack on SolarWinds to Russia’s Foreign Intelligence Service (SVR). The U.S. and U.K. attributed with “high confidence” the supply chain attack on SolarWinds to operatives working for Russia’s Foreign Intelligence Service (SVR) (aka APT29, Cozy Bear, and The Dukes). The UK, US […]

The post US Gov sanctions Russia and expels 10 diplomats over SolarWinds hack appeared first on Security Affairs.

Over $760 million worth of Bitcoin that were stolen from cryptocurrency exchange Bitfinex in 2016 were moved to new accounts. More than $760 million worth of Bitcoin, stolen from Asian cryptocurrency exchange Bitfinex in 2016, were moved on Wednesday to new accounts. In August 2016, the Asian exchange Bitfinex suffered a security breach that resulted in the […]

The post Cyber thieves move $760 million stolen in the 2016 Bitfinex heist appeared first on Security Affairs.

April 2021 Security Patch Day includes 14 new security notes and 5 updates to previously released notes, one of them fixes a critical issue in SAP Commerce. April 2021 Security Patch Day includes 14 new security notes and 5 updates to previously released ones, among the issues addressed by the software giant there is a […]

The post April 2021 Security Patch Day fixes a critical flaw in SAP Commerce appeared first on Security Affairs.

For the second time in a week, exploit code for a Chromium zero-day remote code execution flaw has been released on Twitter, multiple browsers impacted. A new Chromium zero-day remote code execution exploit has been released on Twitter this week, like the previous one that affects current versions of Google Chrome, Microsoft Edge, and likely other Chromium-based browsers. The […]

The post For the second time in a week, a Google Chromium zero-day released online appeared first on Security Affairs.

WhatsApp addressed two security vulnerabilities in its app for Android that could have been exploited to remotely hack the victim’s device. WhatsApp recently addressed two security vulnerabilities in its app for Android that could have been exploited by remote attackers to execute malicious code on a target device and potentially eavesdrop on communications. The vulnerabilities […]

The post WhatsApp flaws could have allowed hackers to remotely hack mobile devices appeared first on Security Affairs.

FireEye published its M-Trend 2021 report based on the data collected during the investigation; 650 new threat groups were tracked in 2020. FireEye published its annual report, titled M-Trend 2021, which is based on the data collected during the investigation on security incidents it managed. Most of the incidents investigated by Mandiant (59%) in 2020 […]

The post FireEye: 650 new threat groups were tracked in 2020 appeared first on Security Affairs.

The FBI logged into web shells that hackers installed on Microsoft Exchange email servers across the US and removed the malicious code used by threat actors. A US judge granted the FBI the power to log into web shells that were injected by nation-state hackers on Microsoft Exchange servers across the US and remove the malware, […]

The post FBI silently removed web shells planted on Microsoft Exchange servers in the US appeared first on Security Affairs.

The Swedish Sports Confederation organization was compromised in 2017-18 by hackers working for Russian military intelligence, officials said. The Swedish Sports Confederation is the umbrella organisation of the Swedish sports movement, it was hacked by Russian military intelligence in a campaign conducted between December 2017 and May 2018, officials said. In the same period, Russia-linked […]

The post Sweden blames Russia for Swedish Sports Confederation hack appeared first on Security Affairs.

Microsoft patch Tuesday security updates address four high and critical vulnerabilities in Microsoft Exchange Server that were reported by the NSA. Microsoft patch Tuesday security updates released today have addressed four critical and high severity vulnerabilities in Exchange Server (CVE-2021-28480, CVE-2021-28481, CVE-2021-28482, CVE-2021-28483), some of these flaws were reported by the U.S. National Security Agency (NSA). All the […]

The post Microsoft fixes 2 critical Exchange Server flaws reported by the NSA appeared first on Security Affairs.

Adobe has addressed security vulnerabilities in Adobe Photoshop, Adobe Digital Editions, Adobe Bridge, and RoboHelp. Adobe has fixed ten security vulnerabilities in Adobe Photoshop, Adobe Digital Editions, Adobe Bridge, and RoboHelp. Seven vulnerabilities have been rated as critical, some of them could be exploited by remote attackers to execute arbitrary code. Adobe has released two […]

The post Adobe addresses two critical vulnerabilities in Photoshop appeared first on Security Affairs.

The exploit code for a remote code execution vulnerability affecting QNAP network-attached storage (NAS) devices that run the Surveillance Station video management system is available online. An exploit for a remote code execution vulnerability affecting QNAP network-attached storage (NAS) devices was publicly released. The vulnerability, tracked as CVE-2020-2501, is a stack-based buffer overflow issue that affects […]

The post Experts released PoC exploit code for a critical RCE in QNAP NAS devices appeared first on Security Affairs.

Security experts disclosed nine flaws, collectively tracked as NAME:WRECK, affecting implementations of the DNS protocol in popular TCP/IP network communication stacks. Security researchers disclosed nine vulnerabilities, collectively tracked as NAME:WRECK, that affect implementations of the Domain Name System protocol in popular TCP/IP network communication stacks running on at least 100 million devices. The flaws were […]

The post Millions of devices impacted by NAME:WRECK flaws appeared first on Security Affairs.

An Indian security researcher has published a proof-of-concept (PoC) exploit code for a vulnerability impacting Google Chrome and other Chromium-based browsers. The Indian security researcher Rajvardhan Agarwal has publicly released a proof-of-concept exploit code for a recently discovered vulnerability that affects Google Chrome, Microsoft Edge, and other Chromium-based browsers (i.e. Opera, Brave). The researchers uploaded the PoC […]

The post Expert publicly released Chromium-based browsers exploit demonstrated at Pwn2Own 2021 appeared first on Security Affairs.

Pulse Secure VPN users were not able to log in due to the expiration of a code signing certificate used to digitally sign and verify software components. Pulse Secure VPN users were not able to log in after a code signing certificate used to digitally sign and verify software components expired. Multiple users have reported on […]

The post Expired certificate caused a Pulse Secure VPN global scale outage appeared first on Security Affairs.

President Joe Biden has appointed two former senior NSA officials to two prominent cyber roles in his administration. President Joe Biden has assigned key cyber roles in his administration to two former senior National Security Agency (NSA) officials. The first name was John Chris Inglis, who was nominated as the first-ever National Cyber Director, a role […]

The post Two former NSA Officials appointed by Joe Biden for prominent cyber roles appeared first on Security Affairs.

Microsoft released as open-source the ‘CyberBattleSim’ Python-based toolkit, which is an enterprise environment simulator. Microsoft has recently announced the open-source availability of the Python-based enterprise environment simulator named ‘CyberBattleSim.’ “CyberBattleSim is an experimentation research platform to investigate the interaction of automated agents operating in a simulated abstract enterprise network environment. The simulation provides a high-level […]

The post Microsoft is open sourcing CyberBattleSim Enterprise Environment Simulator appeared first on Security Affairs.

LinkedIn has formally denied that the recently disclosed data leak was caused by a security breach, data were obtained via web scraping. LinkedIn has issued a formal statement to deny that the recent leak that exposed the account details of more than 500 million of its registered users was caused by a security breach. A […]

The post LinkedIn confirmed that it was not a victim of a data breach appeared first on Security Affairs.

Fitch Ratings is warning that cyberattacks could pose a risk to water and sewer utilities potentially impacting their ability to repay debt. Fitch Ratings Inc. is an American credit rating agency and is one of the “Big Three credit rating agencies”, the other two being Moody’s and Standard & Poor’s. It is one of the […]

The post Fitch Ratings: Cyberattacks could pose a material risk to water and sewer utilities appeared first on Security Affairs.

On Sunday, an “accident” occurred in the electricity distribution network at Iran’s Natanz nuclear facility, experts speculate it was caused by a cyberattack. A mysterious incident occurred on Sunday at the Natanz nuclear enrichment site and the media speculate it was caused by a cyber attack. The “accident” impacted the electricity distribution network at Iran’s […]

The post Is the recent accident at Iran Natanz nuclear plant a cyber attack? appeared first on Security Affairs.

An SQL database containing the personal data of 1.3 million Clubhouse users was leaked online for free, a few days after LinkedIn and Facebook suffered similar leaks. Researchers from Cyber News have discovered that the personal data of 1.3 million Clubhouse users was leaked online days after LinkedIn and Facebook also suffered data leaks. The […]

The post Personal data of 1.3 million Clubhouse users leaked online appeared first on Security Affairs.

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Clop Ransomware operators plunder US universities Malware attack on Applus blocked vehicle inspections in some US states 2,5M+ users can check whether their data were exposed in Facebook data leak […]

The post Security Affairs newsletter Round 309 appeared first on Security Affairs.

More than 500,000 Huawei users have been infected with the Joker malware after downloading apps from the company’s official Android store. More than 500,000 Huawei users were infected with the Joker malware after they downloaded tainted apps from the company’s official Android store. The fight against the Joker malware (aka Bread) began in September […]

The post Joker malware infected 538,000 Huawei Android devices appeared first on Security Affairs.

APKPure, one of the largest alternative app stores, was the victim of a supply chain attack, threat actors compromised client version 3.17.18 to deliver malware. Multiple security experts discovered threat actors tampered with the APKPure client version 3.17.18 of the popular alternative third-party Android app store. APKPure is available only on devices that use Google […]

The post Hackers compromised APKPure client to distribute infected Apps appeared first on Security Affairs.

Microsoft researchers spotted a malware campaign abusing contact forms on legitimate websites to deliver the IcedID malware. Security experts from Microsoft have uncovered a malware campaign abusing contact forms on legitimate websites to deliver the IcedID malware. Threat actors behind the operation are using contact forms published on websites to deliver malicious links to enterprises […]

The post Crooks abuse website contact forms to deliver IcedID malware appeared first on Security Affairs.

The FBI arrested a man for allegedly planning a bomb attack against Amazon Web Services (AWS) to kill about 70% of the internet. The FBI arrested Seth Aaron Pendley (28), from Texas, for allegedly planning to launch a bomb attack against Amazon Web Services (AWS) data center on Smith Switch Road in Ashburn, Virginia. The […]

The post This man was planning to kill 70% of Internet in a bomb attack against AWS appeared first on Security Affairs.

Zero-day broker Zerodium announced that it will triple payouts for remote code execution exploits for the popular WordPress content management system. Zero-day broker Zerodium has tripled the payouts for exploits for the WordPress content management system that could be used to achieve remote code execution. Zerodium announced via Twitter that it is temporarily offering a $300,000 payout […]

The post Zerodium will pay $300K for WordPress RCE exploits appeared first on Security Affairs.

Cisco announced it will not release security updates to address a critical security vulnerability affecting some of its Small Business routers. Cisco is urging customers that are using some of its Small Business routers to replace their devices because they will no longer receive security updates. According to a security advisory published by the company, Cisco […]

The post Cisco will not release updates to fix critical RCE flaw in EoF Business Routers appeared first on Security Affairs.

The Pwn2Own 2021 hacking competition was concluded, participants earned more than $1.2 million, the greatest total payout ever. The Pwn2Own 2021 hacking competition reached the end, participants earned more than $1.2 million which is more than ever paid out at this contest. White hat hackers demonstrated exploits for Safari, Chrome, Edge, Windows 10, Ubuntu, Microsoft […]

The post Pwn2Own 2021: participants earned $1,2M of the $1.5M prize pool appeared first on Security Affairs.

A threat actor has sold almost 900,000 gift cards and over 300,000 payment cards on a cybercrime forum on the dark web. A crook has sold 895,000 gift cards and over 300,000 payment cards, for a total of US$38 million, on a top-tier Russian-language hacking forum on the dark web. The criminal actor was spotted offering […]

The post 330K stolen payment cards and 895K stolen gift cards sold on dark web appeared first on Security Affairs.

Wizcase experts discovered a security flaw in the open-source learning platform Moodle that could allow account takeover. At the beginning of October 2020, the Wizcase cyber research team, led by Ata Hakcil, discovered a security vulnerability in the open-source learning platform Moodle. Anyone who had an account on a given school’s Moodle (with TeX filter enabled) could […]

The post Moodle flaw exposed users to account takeover appeared first on Security Affairs.

Group-IB, a global threat hunting and adversary-centric cyber intelligence company, discovered that user data of the Swarmshop card shop have been leaked online on March 17, 2021. The database was posted on a different underground forum and contained 12,344 records of the card shop admins, sellers and buyers including their nicknames, hashed passwords, contact details, history of activity, and […]

The post Swarmshop – What goes around comes around: hackers leak other hackers’ data online appeared first on Security Affairs.

Pwn2Own 2021 – Day 2: a security duo earned $200,000 for a zero-interaction Zoom exploit allowing remote code execution. One of the most interesting working exploits of the second day of the Pwn2Own 2021 was demonstrated by security researchers Daan Keuper and Thijs Alkemade from Computest. The duo successfully targeted Zoom Messenger in the Enterprise […]

The post Pwn2Own 2021 Day 2 – experts earned $200K for a zero-interaction Zoom exploit appeared first on Security Affairs.

Days after a massive Facebook data leak made the headlines, 500 million LinkedIn users are being sold online, seller leaked 2 million records as proof. Original Post at https://cybernews.com/news/stolen-data-of-500-million-linkedin-users-being-sold-online-2-million-leaked-as-proof-2/ An archive containing data purportedly scraped from 500 million LinkedIn profiles has been put for sale on a popular hacker forum, with another 2 million records leaked as […]

The post Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof appeared first on Security Affairs.

The maintainers of the PHP programming language confirmed that threat actors may have compromised a user database containing their passwords. The maintainers of the PHP programming language have provided an update regarding the security breach that took place on March 28. Unknown attackers hacked the official Git server of the PHP programming language and pushed […]

The post User database was also hacked in the recent hack of PHP ‘s Git Server appeared first on Security Affairs.

A joint operation of Europol and the Italian Postal and Communication Police resulted in the arrest of an Italian national who hired a hitman on the dark web. Europol and the Italian Postal and Communication Police (Polizia Postale e delle Comunicazioni) arrested an Italian national as part of the “Operation Hitman” because he is suspected […]

The post Man arrested after hired a hitman on the dark web appeared first on Security Affairs.

Attackers are actively exploiting the CVE-2018-13379 flaw in Fortinet VPN to deploy the Cring ransomware to organizations in the industrial sector. Threat actors are actively exploiting the CVE-2018-13379 vulnerability in Fortinet VPNs to deploy a new piece of ransomware, tracked as Cring ransomware (also known as Crypt3r, Vjiszy1lo, Ghost, Phantom), to organizations in the industrial sector. […]

The post New Cring ransomware deployed targeting unpatched Fortinet VPN devices appeared first on Security Affairs.

The Pwn2Own 2021 hacking competition has begun and white hat hacker participants earned more than $500000 on the first day. Pwn2Own 2021 has begun; this year the formula for the popular hacking competition sees the distribution of the participants amongst various locations. The competition’s organizer, Trend Micro’s Zero Day Initiative (ZDI), describes this year’s […]

The post Pwn2Own 2021 Day 1 – participants earned more than $500k appeared first on Security Affairs.

A new supply chain attack made the headlines: threat actors compromised at least one update server of smartphone maker Gigaset to deliver malware. The German device maker Gigaset was the victim of a supply chain attack; threat actors compromised at least one server of the company to deliver malware. Gigaset AG, formerly known as Siemens Home and […]

The post Gigaset Android smartphones infected with malware after supply chain attack appeared first on Security Affairs.

Not only the European Commission, but many other organizations of the European Union have been targeted by a cyberattack in March. A European Commission spokesperson confirmed that the European Commission, along with other European Union organizations, was hit by a cyberattack in March. The authorities did not disclose any details about the type of threats […]

The post European Commission and other institutions were hit by a major cyber-attack appeared first on Security Affairs.

Fileless malware and cryptominer attack rates grew by nearly 900% and 25% respectively, while unique ransomware payloads plummeted by 48% in 2020 compared to 2019, according to WatchGuard. Q4 2020 also brought a 41% increase in encrypted malware detect…

Read More Massive increase in endpoint attacks, rising rate of encrypted malware and new exploits targeting IoT

On-premises SAP systems are targeted by threat actors within 72 hours after security patches are released, SAP security firm Onapsis warns. According to a joint study published by Onapsis and SAP, on-premises SAP systems are targeted by threat actors within 72 hours after security patches are released. Threat actors perform reverse-engineering of the SAP […]

The post SAP systems are targeted within 72 hours after updates are released appeared first on Security Affairs.

China-linked APT group Cycldek is behind an advanced cyberespionage campaign targeting entities in the government and military sector in Vietnam. China-linked APT group LuckyMouse (aka Cycldek, Goblin Panda, Hellsing, APT 27, and Conimes) is targeting government and military organizations in Vietnam with spear-phishing. The threat actors are sending out spear-phishing messages to compromise diplomatic targets in Southeast […]

The post Chinese Cycldek APT targets Vietnamese Military and Government in sophisticated attacks appeared first on Security Affairs.
