Phishing Archives - Page 9 of 23 - Cyber Security Minute

Microsoft Confirms ‘PrintNightmare’ is New Windows Security Flaw

Issued by: Security Week

Microsoft’s confirmation of a new, unpatched Windows Print Spooler bug comes days after researchers noticed that published proof-of-concept code for a different vulnerability was reliably exploiting fully patched Windows machines. Microsoft’s own misdiagnosis of a Print Spooler flaw that was just patched in June this year also added to the confusion. In a pre-patch advisory…

Application Security

Sevco Security Banks $15 Million Series A Funding

Issued by: Security Week

Sevco Security, based in Austin, Texas, has raised $15 million in Series A funding led by SYN Ventures. The company said .406 Ventures, Accomplice, Bill Wood Ventures and fama Ventures also joined as investors. In a statement, Sevco Security said its platform delivers two values to customers: continuous converged visibility of all assets across siloed…

Network Security

SASE Provider Versa Networks Raises $86 Million

Issued by: Security Week

The funding round was led by Princeville Capital and RPS Ventures, with additional participation from existing investors, including Sequoia Capital. Based in San Jose, California, Versa Networks platform is available via both the cloud and on-premises, helping enterprises keep branches, teleworkers, and users securely connected to cloud applications and data centers. A software-only offering, Versa…

Application Security

Google Rolling Out Security Update for Google Drive

Issued by: Security Week

With this update, the search advertising giant is adding a resource key to sharing links, which will impact access to the files for those users who haven’t yet viewed the files. “Once the update has been applied to a file, users who haven’t viewed the file before will have to use a URL containing the…

Mobile Security

Vulnerabilities in Zephyr’s Bluetooth LE Stack May Lead to DoS Attacks

Issued by: Security Week

Six of the flaws, the researcher explains, could be abused by an attacker by sending malformed input that would cause the device to freeze. This could result in the device rebooting itself or may even allow for remote code execution in some instances. Other vulnerabilities could be exploited either to cause the device to misbehave…

Software Security

Diplomatic Entities Targeted with New ‘Moriya’ Windows Rootkit

Issued by: Security Week

Dubbed Moriya, the rootkit provides the threat actor with the ability to intercept network traffic and hide commands sent to the infected machines, thus allowing the attackers to stay hidden within the compromised networks for months. The rootkit is part of the toolkit used by TunnelSnake, an unknown actor that deploys backdoors onto public servers…

Malware & Threats

APT Group Using Voice Changing Software in Spear-Phishing Campaign

Issued by: Security Week

The Molerats hacking group, also tagged as Gaza Hackers Team, Gaza Cybergang, DustySky, Extreme Jackal, and Moonlight, has been active since at least 2012, mainly targeting entities in the Middle East, but also launching attacks against targets in Europe and the United States. Cado Security says that APT-C-23, believed to be part of Molerats, typically…

Vulnerabilities

VMware Patches Critical Flaw in Carbon Black Cloud Workload

Issued by: Security Week

Tracked as CVE-2021-21982 and featuring a CVSS score of 9.1, the recently addressed vulnerability resides in the administrative interface for the appliance and exists because attackers could bypass authentication through manipulation of a URL on the interface. “A malicious actor with network access to the administrative interface of the VMware Carbon Black Cloud Workload appliance…

Malware & Threats

Financial Sector Remains Most Targeted by Threat Actors: IBM

Issued by: Security Week

Manufacturing and energy became the second and third most targeted industries last year, respectively. Retail and professional services rounded up the top five most targeted sectors, IBM says. In the latest installment of their annual X-Force Threat Intelligence Index, IBM Security also reveals that ransomware was the most popular attack method in 2020, with a…

Malware & Threats

‘Russian Hackers’ Again Target German MPs: Report

Issued by: Security Week

Hackers used phishing emails to gain access to the computers of at least seven federal MPs and 31 lawmakers in regional parliaments, according to Der Spiegel weekly. A spokesman for the lower house of parliament confirmed the cyber attack but said there was “currently no indication” of a direct attack on the IT infrastructure of…