Microsoft uncovered a large-scale phishing-as-a-service operation, dubbed BulletProofLink, that enabled threat actors to easily carry out malicious campaigns. Microsoft researchers have uncovered a large-scale phishing-as-a-service (PHaaS) operation, dubbed BulletProofLink (aka Anthrax), that offers to its customers phishing kits, email templates, and hosting and automated services to carry out phishing attacks. BulletProofLink service was very cheap […]
Minnesota-based farming supply cooperative Crystal Valley was hit by a ransomware attack, it is the second attack against the agriculture business in a few days. Minnesota farming supply cooperative Crystal Valley has suffered a ransomware attack, this is the second farming cooperative that was hit by ransomware operators in a few days. At this time, […]
CVE-2021-40847 flaw in Netgear SOHO routers could be exploited by a remote attacker to execute arbitrary code as root. Security experts from consulting firm GRIMM have discovered a vulnerability in Small Offices/Home Offices (SOHO) Netgear routers that could be exploited by a remote attacker to execute arbitrary code as root The flaw, tracked as CVE-2021-40847, […]
CISA, FBI, and the NSA warned today of an escalation of the attacks of the Conti ransomware gang targeting US organizations. CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) are warning of an increased number of Conti ransomware attacks against US organizations. The advisory urges organizations to take supplementary measures […]
Researchers found multiple flaws in widely used network management products from Nagios that pose serious risk to organizations. Researchers from industrial cybersecurity firm Claroty have discovered eleven vulnerabilities in widely used network management products from Nagios. Nagios XI provides monitoring of all mission-critical infrastructure components including applications, services, operating systems, network protocols, systems metrics, and […]
VMware addressed a critical arbitrary file upload vulnerability that affects the default configuration of vCenter Server 6.7 and 7.0 deployments. VMware addressed a critical arbitrary file upload vulnerability, tracked as CVE-2021-22005, that impacts appliances running default vCenter Server 6.7 and 7.0 deployments. vCenter Server is the centralized management utility for VMware, and is used to manage […]
Security researchers disclosed a new zero-day flaw in Apple’s macOS Finder that can allow attackers to run arbitrary commands on Macs. Independent security researcher Park Minchan disclosed a zero-day vulnerability in Apple’s macOS Finder that can be exploited by attackers to run arbitrary commands on Mac systems running any macOS version. The flaw is due […]
Russia-linked cyber espionage group Turla made the headlines again, the APT has employed a new backdoor in a recent wave of attacks Cisco Talos researchers reported that the Russia-linked Turla APT group recently used a new backdoor, dubbed TinyTurla, in a series of attacks against the US, Germany, and Afghanistan. The threat actors are using […]
Apache OpenOffice (AOO) is currently impacted by a remote code execution flaw, tracked as CVE-2021-33035, that has yet to be fixed in the official release. Security researcher Eugene Lim (@spaceraccoonsec) recently revealed technical details about a remote code execution flaw, tracked as CVE-2021-33035, (CVE-2021-33035) that impacts OpenOffice (AOO). The experts disclosed the flaw at HackerOne’s […]
U.S. The farmers cooperative NEW Cooperative was hit by Black Matter ransomware gang that is demanding a $5.9 million ransom. BlackMatter ransomware gang hit NEW Cooperative, a farmer’s feed and grain cooperative, and is demanding a $5.9 million ransom. The ransomware gang claims to have stolen 1,000 GB of data including the source code for […]