Malware & Threats

Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE

Akamai, Malware & Threats, Microsoft, Microsoft Outlook, Vulnerabilities, Zero-Day /

Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE 19/12/2023 at 23:55 By Ionut Arghire Akamai researchers document more vulnerabilities and patch bypasses leading to zero-click remote code execution in Microsoft Outlook. The post Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE appeared first on SecurityWeek. This article is an excerpt from […]

React to this headline:

Loading spinner

Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE Read More »

Russian Cyberspies Exploiting TeamCity Vulnerability at Scale: Government Agencies

APT29, espionage, Malware & Threats, Russia, supply chain, Supply Chain Security /

Russian Cyberspies Exploiting TeamCity Vulnerability at Scale: Government Agencies 14/12/2023 at 14:35 By Ionut Arghire US, UK, and Poland warn of Russia-linked cyberespionage group’s broad exploitation of recent TeamCity vulnerability. The post Russian Cyberspies Exploiting TeamCity Vulnerability at Scale: Government Agencies appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Russian Cyberspies Exploiting TeamCity Vulnerability at Scale: Government Agencies Read More »

Adobe Patches 207 Security Bugs in Mega Patch Tuesday Bundle

Adobe, Application Security, Illustrator, Malware & Threats, Patch Tuesday, Vulnerabilities /

Adobe Patches 207 Security Bugs in Mega Patch Tuesday Bundle 12/12/2023 at 23:47 By Ryan Naraine Adobe warned users on both Windows and macOS systems about exposure to code execution, memory leaks and denial-of-service security issues. The post Adobe Patches 207 Security Bugs in Mega Patch Tuesday Bundle appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Adobe Patches 207 Security Bugs in Mega Patch Tuesday Bundle Read More »

North Korean Hackers Developing Malware in Dlang Programming Language

Lazarus, Malware, Malware & Threats, North Korea /

North Korean Hackers Developing Malware in Dlang Programming Language 11/12/2023 at 18:16 By Ionut Arghire North Korean hackers have used Dlang-based malware in attacks against manufacturing, agriculture, and physical security organizations. The post North Korean Hackers Developing Malware in Dlang Programming Language appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

North Korean Hackers Developing Malware in Dlang Programming Language Read More »

Trail of Bits Spinout iVerify Tackles Mercenary Spyware Threat

Android, apple, Data Protection, iOS, Malware & Threats, Mobile & Wireless, spyware, surveillance /

Trail of Bits Spinout iVerify Tackles Mercenary Spyware Threat 06/12/2023 at 19:03 By Ryan Naraine iVerify, a seed-stage startup spun out of Trail of Bits, ships a mobile threat hunting platform to neutralize iOS and Android zero-days. The post Trail of Bits Spinout iVerify Tackles Mercenary Spyware Threat appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Trail of Bits Spinout iVerify Tackles Mercenary Spyware Threat Read More »

5 Critical Steps to Prepare for AI-Powered Malware in Your Connected Asset Ecosystem

Artificial Intelligence, Malware & Threats /

5 Critical Steps to Prepare for AI-Powered Malware in Your Connected Asset Ecosystem 06/12/2023 at 14:17 By Rik Ferguson AI-powered attacks will become progressively more common, and a well-rounded security approach involves more than simply managing incidents effectively. The post 5 Critical Steps to Prepare for AI-Powered Malware in Your Connected Asset Ecosystem appeared first

React to this headline:

Loading spinner

5 Critical Steps to Prepare for AI-Powered Malware in Your Connected Asset Ecosystem Read More »

Russian Pleads Guilty to Role in Developing TrickBot Malware

Conti, cybercrime, Data Breaches, Malware & Threats, Ransomware, Ryuk, Trickbot /

Russian Pleads Guilty to Role in Developing TrickBot Malware 04/12/2023 at 18:16 By Ionut Arghire Russian national Vladimir Dunaev pleaded guilty to involvement in the development and use of the TrickBot malware that caused tens of millions of dollars in losses. The post Russian Pleads Guilty to Role in Developing TrickBot Malware appeared first on

React to this headline:

Loading spinner

Russian Pleads Guilty to Role in Developing TrickBot Malware Read More »

New ‘Turtle’ macOS Ransomware Analyzed

Mac malware, Malware & Threats, Ransomware /

New ‘Turtle’ macOS Ransomware Analyzed 01/12/2023 at 15:01 By Eduard Kovacs New Turtle macOS ransomware is not sophisticated but shows that cybercriminals continue to target Apple devices. The post New ‘Turtle’ macOS Ransomware Analyzed appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

New ‘Turtle’ macOS Ransomware Analyzed Read More »

Apple Patches WebKit Flaws Exploited on Older iPhones

apple, CVE-2023-42916, CVE-2023-42917, Endpoint Security, Featured, iOS, macOS, Malware & Threats, Vulnerabilities /

Apple Patches WebKit Flaws Exploited on Older iPhones 30/11/2023 at 23:02 By Ryan Naraine Apple’s security response team warns that flaws CVE-2023-42916 and CVE-2023-42917 were already exploited against versions of iOS before iOS 16.7.1. The post Apple Patches WebKit Flaws Exploited on Older iPhones appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Apple Patches WebKit Flaws Exploited on Older iPhones Read More »

Hundreds of Malicious Android Apps Target Iranian Mobile Banking Users

Android trojan, Iran, Malware & Threats, Mobile & Wireless /

Hundreds of Malicious Android Apps Target Iranian Mobile Banking Users 30/11/2023 at 14:16 By Ionut Arghire Zimperium has identified over 200 information-stealing Android applications targeting mobile banking users in Iran. The post Hundreds of Malicious Android Apps Target Iranian Mobile Banking Users appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Hundreds of Malicious Android Apps Target Iranian Mobile Banking Users Read More »

Exploitation of Critical ownCloud Vulnerability Begins

exploited, Featured, Malware & Threats, ownCloud, Vulnerabilities /

Exploitation of Critical ownCloud Vulnerability Begins 28/11/2023 at 18:01 By Ionut Arghire Threat actors have started exploiting a critical ownCloud vulnerability leading to sensitive information disclosure. The post Exploitation of Critical ownCloud Vulnerability Begins appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Exploitation of Critical ownCloud Vulnerability Begins Read More »

Russia’s LitterDrifter USB Worm Spreads Beyond Ukraine

Malware & Threats, Russia, USB, worm /

Russia’s LitterDrifter USB Worm Spreads Beyond Ukraine 20/11/2023 at 15:46 By Ionut Arghire Gamaredon’s self-propagating LitterDrifter USB worm spreads from Ukraine to the US and other countries. The post Russia’s LitterDrifter USB Worm Spreads Beyond Ukraine appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Russia’s LitterDrifter USB Worm Spreads Beyond Ukraine Read More »

US Teen Pleads Guilty to Credential Stuffing Attack on Fantasy Sports Website

credential stuffing, cybercrime, DraftKings, Identity & Access, Joseph Garrison, Malware & Threats /

US Teen Pleads Guilty to Credential Stuffing Attack on Fantasy Sports Website 17/11/2023 at 19:18 By Ionut Arghire Wisconsin teenager Joseph Garrison has admitted in court to launching a credential stuffing attack on a betting website. The post US Teen Pleads Guilty to Credential Stuffing Attack on Fantasy Sports Website appeared first on SecurityWeek. This

React to this headline:

Loading spinner

US Teen Pleads Guilty to Credential Stuffing Attack on Fantasy Sports Website Read More »

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability

CISA KEV, exploited, Featured, Malware & Threats, Sophos /

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability 17/11/2023 at 16:20 By Eduard Kovacs CISA adds Sophos, Oracle and Microsoft product security holes to its Known Exploited Vulnerabilities (KEV) catalog. The post CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability Read More »

Zimbra Zero-Day Exploited to Hack Government Emails

email security, exploited, Featured, Government, Malware & Threats, Zimbra /

Zimbra Zero-Day Exploited to Hack Government Emails 16/11/2023 at 19:46 By Eduard Kovacs Google says a Zimbra zero-day from earlier this year, CVE-2023-37580, was exploited in several campaigns to hack government emails. The post Zimbra Zero-Day Exploited to Hack Government Emails appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Zimbra Zero-Day Exploited to Hack Government Emails Read More »

US Announces IPStorm Botnet Takedown and Its Creator’s Guilty Plea

botnet, Featured, Malware & Threats, takedown, Tracking & Law Enforcement /

US Announces IPStorm Botnet Takedown and Its Creator’s Guilty Plea 15/11/2023 at 17:01 By Eduard Kovacs US government announces the takedown of the IPStorm proxy service botnet and the guilty plea of its creator, a Russian/Moldovan national. The post US Announces IPStorm Botnet Takedown and Its Creator’s Guilty Plea appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

US Announces IPStorm Botnet Takedown and Its Creator’s Guilty Plea Read More »

Adobe Patch Tuesday: Critical Bugs in Acrobat, Reader, ColdFusion

Acrobat and Reader, Adobe, Application Security, ColdFusion, Malware & Threats, Patch Tuesday, Vulnerabilities /

Adobe Patch Tuesday: Critical Bugs in Acrobat, Reader, ColdFusion 14/11/2023 at 21:46 By Ryan Naraine Adobe patches 72 security bugs and calls special attention to code-execution defects in the widely deployed Acrobat and Reader software. The post Adobe Patch Tuesday: Critical Bugs in Acrobat, Reader, ColdFusion appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Adobe Patch Tuesday: Critical Bugs in Acrobat, Reader, ColdFusion Read More »

MySQL Servers, Docker Hosts Infected With DDoS Malware

botnet, cloud security, cybercrime, DDoS, Docker, Malware & Threats, MySQL /

MySQL Servers, Docker Hosts Infected With DDoS Malware 14/11/2023 at 19:47 By Ionut Arghire Researchers warn attackers are targeting MySQL servers and Docker hosts to plant malware capable of launching distributed DDoS attacks. The post MySQL Servers, Docker Hosts Infected With DDoS Malware appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

MySQL Servers, Docker Hosts Infected With DDoS Malware Read More »

Google Suing Cybercriminals Who Delivered Malware via Fake Bard Downloads

artificial inteligence, Artificial Intelligence, cybercrime, Google, Malware & Threats, scam /

Google Suing Cybercriminals Who Delivered Malware via Fake Bard Downloads 14/11/2023 at 16:16 By Eduard Kovacs Google files a lawsuit against cybercriminals who delivered account-hijacking malware by offering fake Bard AI downloads.  The post Google Suing Cybercriminals Who Delivered Malware via Fake Bard Downloads appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Google Suing Cybercriminals Who Delivered Malware via Fake Bard Downloads Read More »

Tidal Cyber Raises $5 Million for Threat-Informed Defense Platform

Funding/M&A, Incident Response, Malware & Threats, seed-stage, Tidal Cyber /

Tidal Cyber Raises $5 Million for Threat-Informed Defense Platform 09/11/2023 at 19:47 By Ionut Arghire The Washington, DC startup is building a threat-informed defense platform that helps organizations automate detection and response work. The post Tidal Cyber Raises $5 Million for Threat-Informed Defense Platform appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Tidal Cyber Raises $5 Million for Threat-Informed Defense Platform Read More »

Scroll to Top