Malware & Threats
Check Point VPN Attacks Involve Zero-Day Exploited Since April
The recently disclosed Check Point VPN attacks involve the zero-day vulnerability CVE-2024-24919, which allows hackers to obtain passwords.
Eduard Kovacs, May 30, 2024

ICS/OT
JAVS Courtroom Audio-Visual Software Installer Serves Backdoor
Backdoored JAVS courtroom recording and management software installer puts thousands at risk of complete takeover.
Ionut Arghire, May 24, 2024

Malware & Threats
New ‘Antidot’ Android Trojan Allows Cybercriminals to Hack Devices, Steal Data
The Antidot Android banking trojan snoops on users and steals their credentials, contacts, and SMS messages.
Ionut Arghire, May 17, 2024

Malware & Threats
Microsoft Quick Assist Tool Abused for Ransomware Delivery
The Black Basta group abuses remote connection tool Quick Assist in vishing attacks leading to ransomware deployment.
Ionut Arghire, May 17, 2024

Fraud & Identity Theft
Threat Actors Abuse GitHub to Distribute Multiple Information Stealers
Russian-speaking threat actors are caught abusing a GitHub profile to distribute information stealers posing as legitimate software.
Ionut Arghire, May 15, 2024

Malware & Threats
400,000 Linux Servers Hit by Ebury Botnet
The Ebury Linux botnet has ensnared over 400,000 Linux systems in 15 years, with roughly 100,000 still infected.
Ionut Arghire, May 15, 2024

Malware & Threats
Microsoft Warns of Active Zero-Day Exploitation, Patches 60 Windows Vulnerabilities
Patch Tuesday: Microsoft documents 60 security flaws in multiple software products and flags an actively exploited Windows zero-day for urgent attention.
Ryan Naraine, May 14, 2024

Malware & Threats
Adobe Patches Critical Flaws in Reader, Acrobat
Adobe documents multiple code execution flaws in a wide range of products, including the widely deployed Adobe Acrobat and Reader software.
Ryan Naraine, May 14, 2024

Malware & Threats
Attackers Use DNS Tunneling to Track Victim Activity, Scan Networks
Threat actors are using DNS tunneling to track victims’ interaction with spam and to scan network infrastructures.
Ionut Arghire, May 14, 2024

Malware & Threats
Apple Patch Day: Code Execution Flaws in iPhones, iPads, macOS
Apple documents another zero-day flaw being exploited on older iPhones and documents security problems in macOS, iOS and iPadOS.
Ryan Naraine, May 13, 2024

Email Security
US Says North Korean Hackers Exploiting Weak DMARC Settings
The US government warns of a North Korean threat actor abusing weak email DMARC settings to hide spear-phishing attacks.
Ionut Arghire, May 3, 2024

Cybercrime
Botnet Disrupted by FBI Still Used by Russian Spies, Cybercriminals
A botnet dismantled in January and used by Russia-linked APT28 consisted of more than just Ubiquiti Edge OS routers.
Ionut Arghire, May 3, 2024