featured

Malware & Threats

Issued by: Dark Reading

The ransomware-as-a-service (RaaS) groups LockBit and ALPHV (aka BlackCat), among others, have been the focus of distributed denial-of-service (DDoS) attacks targeting their data leak sites, causing downtime and outages. The attacks have been monitored by Cisco Talos since Aug. 20 and include a wide range of other RaaS groups, including Quantum, LV, Hive, Everest, BianLian,…

Malware & Threats

Issued by: Security Week

Leveraging threat intelligence to combat nation state espionage threats is a common practice for cybersecurity teams. However, outside of common types of fraud seen in darkweb or closed forums, the same threat intelligence often is not leveraged to combat enterprise fraud. If you are a target of APT threats by espionage actors, buying access to…

Vulnerabilities

Issued by: Security Week

Twenty-one of the resolved security defects were reported by external researchers, including one critical-, eight high-, nine medium-, and three low-severity vulnerabilities. A total of nine use-after-free issues were resolved with the latest browser update, the most important of which is a critical flaw in the Network Service component, reported by Google Project Zero researcher…

Malware & Threats

Issued by: Security Week

An analysis of nightly backups of more than 400,000 unique web servers has revealed the existence of more than 47,000 malicious plugins installed on nearly 25,000 unique WordPress websites. More than 94% of these plugins (over 44,000) continue to be in use today. Over 3,600 of the identified malicious plugins were purchased from legitimate marketplaces…

Vulnerabilities

Issued by: Security Week

Tracked as CVE-2022-2587 (CVSS score of 9.8) and described as an out-of-bounds write, the vulnerability was addressed with the release of a patch in June. The issue was identified in the CRAS (ChromiumOS Audio Server) component, and could be triggered using malformed metadata associated with songs. CRAS resides between the operating system and ALSA (Advanced…

Network Security

Issued by: Security Week

Media coverage of data breaches (e.g., Cisco, Flagstar Bank, South Denver Cardiology Associates) often puts a spotlight on the tail end of the cyberattack life cycle, focusing on the exfiltration points rather than how the threat actor got there. Post-mortem analysis has repeatedly found that the most common source of a hack is compromised credentials…

Malware & Threats

Issued by: Security Week

Also referred to as APT27, Bronze Union, Emissary Panda, Lucky Mouse, and TG-3390 (Threat Group 3390), Iron Tiger has been active since at least 2010, targeting hundreds of organizations worldwide for cyberespionage purposes. As part of recent attacks, the advanced persistent threat (APT) group abused the compromised servers of MiMi – an instant messaging application…

Malware & Threats

Issued by: Help Net Security

Avast released a report revealing a significant increase in global ransomware attacks, up 24% from Q1/2022. Researchers also uncovered a new zero-day exploit in Chrome, as well as signals how cybercriminals are preparing to move away from macros as an infection vector. Ransomware attacks increase After months of decline, global ransomware attacks increased significantly in…

Vulnerabilities

Issued by: Security Week

Acquired by Belden earlier this year, NetModule provides IIoT and industrial routers, vehicle routers, and other types of wireless M2M connectivity products. All of NetModule’s routers run the Linux-based NRSW by default, and can be managed remotely using a remote management platform. According to Flashpoint, its researchers recently identified two critical flaws in NetModule’s router…