malware Archives - Page 20 of 57 - Cyber Security Minute

Mac Malware Used in Attacks Targeting Industrial Organizations in Middle East

Issued by: Security Week

Dubbed WildPressure, the campaign started in May 2019 and for more than a year it involved only a Windows version of a malware named Milum. Earlier this year, however, the campaign’s operators started using new versions of the Trojan, to target macOS systems as well. In addition to the initially observed C++ iteration of the…

Vulnerabilities

Continuous Updates: Everything You Need to Know About the Kaseya Ransomware Attack

Issued by: Security Week

The attack appears to impact tens of Kaseya customers and hundreds of downstream businesses. The cybercrime group that launched the attack used the ransomware to encrypt files on compromised systems and they are hoping to earn tens of millions of dollars as a result. SecurityWeek is covering all the new information that emerges and here…

Vulnerabilities

Microsoft Confirms ‘PrintNightmare’ is New Windows Security Flaw

Issued by: Security Week

Microsoft’s confirmation of a new, unpatched Windows Print Spooler bug comes days after researchers noticed that published proof-of-concept code for a different vulnerability was reliably exploiting fully patched Windows machines. Microsoft’s own misdiagnosis of a Print Spooler flaw that was just patched in June this year also added to the confusion. In a pre-patch advisory…

Network Security

SASE Provider Versa Networks Raises $86 Million

Issued by: Security Week

The funding round was led by Princeville Capital and RPS Ventures, with additional participation from existing investors, including Sequoia Capital. Based in San Jose, California, Versa Networks platform is available via both the cloud and on-premises, helping enterprises keep branches, teleworkers, and users securely connected to cloud applications and data centers. A software-only offering, Versa…

Malware & Threats

Malvuln Project Catalogues 260 Vulnerabilities Found in Malware

Issued by: Security Week

Malvuln, an interesting project of security researcher John Page (aka hyp3rlinx), catalogues vulnerabilities discovered in malware and provides information on how those vulnerabilities can be exploited. Since launching the project in early January 2021, Page has discovered more than 260 vulnerabilities across an estimated 105 individual malware families, including trojans, worms, backdoors, droppers, and ransomware….

Application Security

Google Rolling Out Security Update for Google Drive

Issued by: Security Week

With this update, the search advertising giant is adding a resource key to sharing links, which will impact access to the files for those users who haven’t yet viewed the files. “Once the update has been applied to a file, users who haven’t viewed the file before will have to use a URL containing the…

Malware & Threats

New REvil-Based Ransomware Emerges

Issued by: Security Week

Also known as Sodinokibi, REvil has become one of the most prominent ransomware families out there, being involved in a large number of high-profile attacks, including the one on JBS, the world’s largest meat processing company. REvil is offered by an Eastern Europe/Russia-based threat actor tracked as PINCHY SPIDER, which is known for their RaaS…

Mobile Security

Vulnerabilities in Zephyr’s Bluetooth LE Stack May Lead to DoS Attacks

Issued by: Security Week

Six of the flaws, the researcher explains, could be abused by an attacker by sending malformed input that would cause the device to freeze. This could result in the device rebooting itself or may even allow for remote code execution in some instances. Other vulnerabilities could be exploited either to cause the device to misbehave…

Malware & Threats

Vermont Hospital Still Calculating Cost of Ransomware Attack

Issued by: Security Week

Scheduling and patient medical records were affected and some cancer patients faced delays in treatment. It took months for the University of Vermont Health Network to recover from the attack, estimated to cost upwards of $63 million. The network is insured for $30 million and officials are continuing to negotiate with the insurance companies, but…

Application Security

Google Intros SLSA Framework to Enforce Supply Chain Integrity

Issued by: Security Week

The U.S. tech giant this week unveiled SLSA (Supply chain Levels for Software Artifacts), a new end-to-end framework the company hopes will drive the enforcement of standards and guidelines to ensuring the integrity of software artifacts throughout the software supply chain. The framework, released as part of the OpenSSF Foundation, is essentially a set of…