Microsoft warns of a large-scale BEC campaign to make gift card scam

Microsoft is warning of a large-scale BEC campaign that targeted hundreds of organizations leveraging typo-squatted domains registered days before the attacks. Business email compromise (BEC) attacks represent a serious threat for organizations worldwide, according to the annual report released by FBI’s Internet Crime Complaint Center, the 2020 Internet Crime Report, in 2020, the IC3 received 19,369 Business […]

Continue Reading

Russia-linked APT29 group changes TTPs following April advisories

The UK and US cybersecurity agencies have published a report detailing techniques used by Russia-linked cyberespionage group known APT29 (aka Cozy Bear). Today, UK NCSC and CISA-FBI-NSA cybersecurity agencies published a joint security advisory that warns organizations to patch systems immediately to mitigate the risk of attacks conducted by Russia-linked SVR group (aka APT29, Cozy Bear, and The Dukes)). The […]

Continue Reading

19 petabytes of data exposed across 29,000+ unprotected databases

CyberNews researchers found more than 29,000 unprotected databases worldwide that are still publicly accessible, leaving close to 19,000 terabytes of data exposed to anyone, including threat actors. Most organizations use databases to store sensitive information. This includes passwords, usernames, document scans, health records, bank account and credit card details, as well as other essential data, […]

Continue Reading

VMware addresses critical RCE in vRealize Business for Cloud

VMware has fixed a new critical RCE flaw in VMware vRealize Business for Cloud that was reported by sanctioned Russian firm Positive Technologies. VMware has addressed a critical remote code execution vulnerability, tracked as CVE-2021-21984, in VMware vRealize Business for Cloud. vRealize Business for Cloud is an automated cloud business management solution that allows customers to […]

Continue Reading

Windows Moriya rootkit used in highly targeted attacks

Experts spotted a new malware, dubbed Moriya rootkit, that targets Windows systems as part of cyberespionage campaign dubbed TunnelSnake. An unclassified threat actor employed a new stealthy malware, dubbed Moriya rootkit, to compromise Windows systems. Kaspersky experts who uncovered the threat speculate the attacks are likely part of an ongoing espionage campaign dubbed TunnelSnake that has been […]

Continue Reading

Qualcomm bug impacts about 30% of all smartphones

A high severity flaw, tracked as CVE-2020-11292, affects Qualcomm Mobile Station Modem chips used by around 30% of all smartphones worldwide Researchers from Checkpoint have discovered a buffer overflow vulnerability, tracked as CVE-2020-11292, in the Qualcomm Mobile Station Modem that can be exploited by attackers to trigger memory corruption and execute arbitrary code on the […]

Continue Reading

Chinese PLA Unit 61419 suspected to have purchased AVs for cyber-espionage

Chinese military unit PLA Unit 61419 is suspected to be involved in cyber-espionage campaigns against multiple antivirus companies. Researchers from cybersecurity firm Recorded Future’s Insikt Group have discovered six procurement documents from official People’s Liberation Army (PLA) military websites and other sources that demonstrate that PLA Unit 61419 has sought to purchase antivirus solutions from […]

Continue Reading