Iranian Hackers Target Enterprise Android Users With New RatMilad Spyware
Zimperium is warning of an Iranian hacking group using a new piece of Android spyware in a broad campaign that has also targeted enterprise users. read more
Continue ReadingCategory: Virus & Threats
US Government Details Tools Used by APTs in Defense Organization Attack
The NSA, FBI and CISA have issued an alert describing the tools and techniques used by advanced persistent threat (APT) actors in an attack aimed at an unnamed defense industrial base organization in the United States. read more
Continue ReadingMitigation for ProxyNotShell Exchange Vulnerabilities Easily Bypassed
A mitigation proposed by Microsoft and others for the new Exchange Server zero-day vulnerabilities named ProxyNotShell can be easily bypassed, researchers warn. The security holes, officially tracked as CVE-2022-41040 and CVE-2022-41082, can allow an attacker to remotely execute arbitrary code with elevated privileges. read more
Continue ReadingSupply Chain Attack Targets Customer Engagement Firm Comm100
CrowdStrike is warning of a recently identified supply chain attack involving Canada-based customer engagement software provider Comm100. read more
Continue ReadingMicrosoft Links Exploitation of Exchange Zero-Days to State-Sponsored Hacker Group
Microsoft has been investigating the attacks exploiting the new Exchange Server zero-day vulnerabilities and believes that a single state-sponsored threat group has been using them in highly targeted attacks. read more
Continue ReadingMicrosoft Links Exploitation of Exchange Zero-Days to State-Sponsored Hacker Group
Microsoft has been investigating the attacks exploiting the new Exchange Server zero-day vulnerabilities and believes that a single state-sponsored threat group has been using them in highly targeted attacks. read more
Continue ReadingMicrosoft Confirms Exploitation of Two Exchange Server Zero-Days
Microsoft has confirmed that it’s aware of two Exchange Server zero-day vulnerabilities that have been exploited in targeted attacks. The tech giant is working on patches. read more
Continue ReadingChinese Cyberespionage Group ‘Witchetty’ Updates Toolset in Recent Attacks
Chinese cyberespionage group Witchetty has been observed updating its toolset in recent attacks targeting entities in the Middle East and Africa, Symantec reports. Also referred to as LookingFrog, Witchetty is believed to be part of Cicada, the Chinese advanced persistent threat (APT) actor also known as APT10 and Stone Panda. read more
Continue ReadingMicrosoft Exchange Attacks: Zero-Day or New ProxyShell Exploit?
A cybersecurity company based in Vietnam has reported seeing attacks exploiting a new Microsoft Exchange zero-day vulnerability, but it may just be a variation of the old ProxyShell exploit. read more
Continue ReadingHackers Possibly From China Using New Method to Deploy Persistent ESXi Backdoors
Hackers possibly from China have been using a new technique to install persistent backdoors in VMware ESXi hypervisors, giving them significant capabilities while making detection more difficult. read more
Continue Reading