Top

Application security, Security

U.S. Government, Tech Giants Discuss Open Source Software Security

January 14, 2022

Via: Security Week

The recent disclosure and exploitation of vulnerabilities affecting the widely used Log4j logging utility have once again highlighted the importance of open source security and software supply chain security. The goal of the White House summit was to identify ways […]


Threats & Malware, Virus & Malware

Recent GootLoader Campaign Targets Law, Accounting Firms

January 14, 2022

Via: Security Week

Initially detailed in December 2020, GootLoader is a piece of initial access malware, allowing its operators to deploy various other malware families – including ransomware – on the compromised machines. Over the past few weeks, the GootLoader hacking group has […]


Cyber warfare, Cyber-crime

U.S. Cyber Command Officially Links MuddyWater Group to Iranian Intelligence

January 13, 2022

Via: Security Week

Also tracked as MERCURY, Seedworm, and Static Kitten, MuddyWater was initially detailed in 2017. The threat actor is known for conducting espionage campaigns focused on entities in the Middle East, but has targeted entities in Europe and North America as […]


Threats & Malware, Vulnerabilities

Mozilla addresses High-Risk Firefox, Thunderbird vulnerabilities

January 13, 2022

Via: Security Affairs

Mozilla released Firefox 96 that addressed 18 security vulnerabilities in its web browser and the Thunderbird mail program. Nine vulnerabilities addressed by the new release are rated high-severity, the most severe one is a race condition issue tracked as CVE-2022-22746. […]


Threats & Malware, Vulnerabilities

Microsoft has uncovered loads of Windows 11 security threats – here’s what you need to do

January 13, 2022

Via: TechRadar

Microsoft has revealed that it has discovered several serious security vulnerabilities in Windows 11, as well as other versions including Windows 10. The revelations came as part of January 2022’s ‘Patch Tuesday’ – the day of the month that Microsoft […]


Threats & Malware, Vulnerabilities

When it comes to banking security, there’s no silver bullet

January 13, 2022

Via: Help Net Security

As banks start to increasingly embrace digital transformation, they become more susceptible to cyberattacks. What is making them so vulnerable? The banking and finance industry has traditionally been slow to adopt new technologies because of complex concerns with security, privacy, […]


Cyber warfare, Cyber-crime

FBI, NSA and CISA Warns of Russian Hackers Targeting Critical Infrastructure

January 12, 2022

Via: The Hacker News

Amid renewed tensions between the U.S. and Russia over Ukraine and Kazakhstan, American cybersecurity and intelligence agencies on Tuesday released a joint advisory on how to detect, respond to, and mitigate cyberattacks orchestrated by Russian state-sponsored actors. To that end, […]


Threats & Malware, Virus & Malware

New SysJoker Espionage Malware Targeting Windows, macOS, and Linux Users

January 12, 2022

Via: The Hacker News

A new cross-platform backdoor called “SysJoker” has been observed targeting machines running Windows, Linux, and macOS operating systems as part of an ongoing espionage campaign that’s believed to have been initiated during the second half of 2021. “SysJoker masquerades as […]


Cyber-crime, Malware

Hackers Use Cloud Services to Distribute Nanocore, Netwire, and AsyncRAT Malware

January 12, 2022

Via: The Hacker News

Threat actors are actively incorporating public cloud services from Amazon and Microsoft into their malicious campaigns to deliver commodity remote access trojans (RATs) such as Nanocore, Netwire, and AsyncRAT to siphon sensitive information from compromised systems. The spear-phishing attacks, which […]


Threats & Malware, Vulnerabilities

CISA Adds 15 Recent and Older Vulnerabilities to ‘Must-Patch’ List

January 12, 2022

Via: Security Week

Initially announced in early November 2021, the list includes more than 300 vulnerabilities that are a frequent attack vector in malicious attacks, and which represent a significant risk to federal organizations. The Known Exploited Vulnerabilities Catalog was published along with […]