Apple Patches 3 More Zero-Days Under Active Attack
One of the bugs, which affects macOS as well as older versions of iPhones, could allow an attacker to execute arbitrary code with kernel privileges. Source: Threatpost.com
Continue ReadingAuthor: Elizabeth Montalbano
Large-Scale Phishing-as-a-Service Operation Exposed
Discovery of BulletProofLink—which provides phishing kits, email templates, hosting and other tools—sheds light on how wannabe cybercriminals can get into the business. Source: Threatpost.com
Continue ReadingFeds Sanctions SUEX Cryptocurrency Exchange for Laundering Ransomware Payouts
The action is the first of its kind in the U.S., as the government increases efforts to get a handle on cybercrime. Source: Threatpost.com
Continue ReadingBlackMatter Strikes Iowa Farmers Cooperative, Demands $5.9M Ransom
Critical infrastructure appears to be targeted in latest ransomware attack, diminishing the hopes of governments to curb such attacks. Source: Threatpost.com
Continue ReadingMicrosoft MSHTML Flaw Exploited by Ryuk Ransomware Gang
Microsoft and RiskIQ researchers have identified several campaigns using the recently patched zero-day, reiterating a call for organizations to update affected systems. Source: Threatpost.com
Continue ReadingAzure Zero-Day Flaws Highlight Lurking Supply-Chain Risk
Dubbed OMIGOD, a series of vulnerabilities in the Open Management Infrastructure used in Azure on Linux demonstrate hidden security threats, researchers said. Source: Threatpost.com
Continue ReadingAttackers Impersonate DoT in Two-Day Phishing Scam
Threat actors dangled the lure of receiving funds from the $1 trillion infrastructure bill and created new domains mimicking the real federal site. Source: Threatpost.com
Continue ReadingBlackMatter Ransomware Hits Japanese Tech Giant Olympus
The incident that occurred Sept. 8 and affected its EMEA IT systems seems to signal a return to business as usual for ransomware groups. Source: Threatpost.com
Continue ReadingStolen Credentials Led to Data Theft at United Nations
Threat actors accessed the organization’s proprietary project management software, Umoja, in April, accessing the network and stealing info that can be used in further attacks. Source: Threatpost.com
Continue ReadingBladeHawk Attackers Target Kurds with Android Apps
Pro-Kurd Facebook profiles deliver ‘888 RAT’ and ‘SpyNote’ trojans, masked as legitimate apps, to perform mobile espionage. Source: Threatpost.com
Continue Reading