Month: September 2022
-
Worried About the Exchange Zero-Day? Here’s What to Do
While organizations wait for an official patch for the two zero-day flaws in Microsoft Exchange, they should scan their networks for signs …
-
Witchetty APT used steganography in attacks against Middle East entities
A cyberespionage group, tracked as Witchetty, used steganography to hide a previously undocumented backdoor in a Windows logo. Broadcom’s …
-
The Challenge of Cracking Iran’s Internet Blockade
Iranians have faced escalating internet restrictions for years and have some workarounds in place as a result, like VPNs and other relay …
-
LA School District Ransomware Attackers Now Threaten to Leak Stolen Data
Weeks after it breached the Los Angeles Unified School District, the Vice Society ransomware group is threatening to leak the stolen data, …
-
Reshaping the Threat Landscape: Deepfake Cyberattacks Are Here
It’s time to dispel notions of deepfakes as an emergent threat. All the pieces for widespread attacks are in place and readily available to …
-
Cybercriminals See Allure in BEC Attacks Over Ransomware
While ransomware seems stalled, business email compromise (BEC) attacks continue to make profits from the ProxyShell and Log4j …
-
New Microsoft Exchange Zero-Day RCE Bug Actively Exploited by Hackers
New zero-day bugs existing in Microsoft Exchange that are not disclosed yet publicly are being exploited by the threat actors in order to …
-
Microsoft Confirms Two 0-Days Being Exploited Against Exchange Servers
A Vietnam-based cybersecurity company reported that cybercriminals are actively eyeing Microsoft zero-day vulnerabilities, particularly …
-
Trojanized, Signed Comm100 Chat Installer Anchors Supply Chain Attack
Malicious Comm100 files have been found scattered throughout North America, and across sectors including tech, healthcare, manufacturing, …
-
Mozilla Releases Security Update for Thunderbird
Original release date: September 30, 2022Mozilla has released a security update to address a vulnerability in Thunderbird. An …
-
Cisco Releases Security Updates for Multiple Products
Original release date: September 30, 2022Cisco has released security updates for vulnerabilities affecting multiple products. A …
-
Drupal Releases Security Update
Original release date: September 30, 2022Drupal has released a security update to address a vulnerability affecting multiple …
●●●