Group-IB, a Singapore-based cybersecurity company, observed the growth of the lifespan of phishing attacks in the second half of 2019. This trend, revealed by Group-IBâs Computer Emergency Response Team (CERT-GIB), resulted in the tremendous increase in the number of phishing websites blockages over the given period â it rose by over 230 percent year-on-year. In 2019 in general, web […]
Ruhr University Bochum (RUB) shuts down a large portion of its central IT infrastructure between May 6 and May 7, 2020. The Ruhr University Bochum (RUB), German, announced today that it was forced to shut down parts of its central IT infrastructure due to a cyber attack that took place overnight, between May 6 and […]
Cisco addresses tens of flaws in multiple products, including 12 high severity issues in Adaptive Security Appliance and Firepower Threat Defense. Cisco released security updates to address 34 flaws in multiple products, including 12 high severity vulnerabilities that affect Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD). Most of the vulnerabilities fixed by Cisco […]
Attackers exploited two security issues in the Elementor Pro and Ultimate Addons for Elementor WordPress plugins to fully compromise over 1M sites. Hackers are actively exploiting two security flaws in the Elementor Pro and Ultimate Addons for Elementor WordPress plugins to fully compromise unpatched WordPress installs. Security experts from Wordfence have observed a hacking campaign targeting the […]
Samsung addressed this month a critical 0-click vulnerability that was discovered by security researchers from Google. Samsung released this week a security patch that addresses a critical vulnerability, tracked as CVE-2020-8899, impacting all smartphones sold since 2014. The flaw is tracked as SVE-2020-16747 in the Samsung security bulletin. “A possible memory overwrite vulnerability in Quram […]
Europol arrested five members of the Infinity Black hacker group that were selling stolen user credentials and hacking tools. Europol announced another success in the fight against cybercrime, today it has arrested five Polish hackers who were members of the Infinity Black hacking group. The joint operation coordinated by the Europol, saw the participation of […]
Level up Your Security Program With the Same Security Intelligence Used by the World’s Largest Governments and Many of the Fortune 1000 Recorded Future, the largest global security intelligence provider, today released a free browser extension that helps prioritize SIEM alerts and vulnerability patching, in addition to providing enhanced malware analysis. With this release, Recorded […]
A proof-of-concept (PoC) exploit for the recently fixed CVE-2020-1967 denial-of-service (DoS) issue in OpenSSL has been made public. Recently, the OpenSSL Project released a security update for OpenSSL that patches a high-severity vulnerability, tracked as CVE-2020-1967, that can be exploited by attackers to launch denial-of-service (DoS) attacks. The CVE-2020-1967 vulnerability has been described as a […]
Security researchers spotted a new piece of DDoS bot dubbed Kaiji that is targeting IoT devices via SSH brute-force attacks. Last week, the popular security researcher MalwareMustDie and the experts at Intezer Labs spotted a new piece of malware dubbed Kaiji, that is targeting IoT devices via SSH brute-force attacks. The malicious code was designed to target […]
Microsoft warns of threat actors targeting organizations with malware-laced ISO and IMG files aimed at delivering a remote access trojan. Microsoft advanced machine learning threat detection models detected multiple malspam campaigns distributing malware-laced ISO. Last week experts from Microsoft detected a COVID-19-themed spam campaign, the messages are crafted to trick users into downloading and mounting […]