Microsoft Patches Six Zero-Day Bugs this MonthPatch Tuesday updates require urgent action from sysadminsLeer másPatch Tuesday updates require urgent action from sysadmins
Day: November 9, 2022
Windows 10 KB5019959 and KB5019966 updates released
Windows 10 KB5019959 and KB5019966 updates releasedMicrosoft has released the Windows 10 KB5019959 and KB5019966 cumulative updates for versions 22H2, version 21H2, version 21H1, and 1809 to fix security vulnerabilities...
Citrix ADC and Citrix Gateway are affected by a critical authentication bypass flaw
Citrix ADC and Citrix Gateway are affected by a critical authentication bypass flawCitrix released security updates to address a critical authentication bypass vulnerability in Citrix ADC...
Instagram Influencer Gets 11 Years for Money Laundering
Instagram Influencer Gets 11 Years for Money LaunderingMan known as “Hushpuppi” linked to fraud and business email compromiseLeer másMan known as “Hushpuppi” linked to fraud and...
Laplas Clipper Malware Aimed at Cryptocurrency Users
Laplas Clipper Malware Aimed at Cryptocurrency UsersCryptocurrency users are once again threatened by cyberattacks, this time in the shape of a new clipper malware strain called Laplas,...
VMware fixes three critical flaws in Workspace ONE Assist
VMware fixes three critical flaws in Workspace ONE AssistVMware address three critical bugs in the Workspace ONE Assist solution that allow remote attackers to bypass authentication...
Windows 11 KB5019980 and KB5019961 cumulative updates released
Windows 11 KB5019980 and KB5019961 cumulative updates releasedMicrosoft has released the Windows 11 KB5019980 and KB5019961 cumulative updates for versions 22H2 and 21H2 to fix security...
Advanced RAT AgentTesla Most Prolific Malware in October
Advanced RAT AgentTesla Most Prolific Malware in OctoberInfo-stealers take top three spots, says Check PointLeer másInfo-stealers take top three spots, says Check Point
Microsoft Patch Tuesday updates fix 6 actively exploited zero-days
Microsoft Patch Tuesday updates fix 6 actively exploited zero-daysMicrosoft Patch Tuesday updates for November 2022 addressed 64 vulnerabilities, including six actively exploited zero-days. Microsoft Patch Tuesday...
50K Bitcoin from the Silk Road Hack Found and Seized by U.S. Authorities
50K Bitcoin from the Silk Road Hack Found and Seized by U.S. AuthoritiesThe U.S. Department of Justice (DoJ) announced on Monday, October 7, 2022, the seizure...
Medibank Confirms Data Stolen in Breach is Now Available Online
Medibank Confirms Data Stolen in Breach is Now Available OnlineThe leaked data includes personal data like names, addresses and phone numbers, among othersLeer másThe leaked data...
Cisco Event Response: November 2022 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication
Cisco Event Response: November 2022 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled PublicationContenido de la entradaLeer másCisco Event Responses
LockBit Affiliate Uses Amadey Bot in Phishing Campaign
LockBit Affiliate Uses Amadey Bot in Phishing CampaignA LockBit 3.0 affiliate is targeting companies with phishing emails, tricking them into installing the Amadey Bot and taking...
Experts observed Amadey malware deploying LockBit 3.0 Ransomware
Experts observed Amadey malware deploying LockBit 3.0 RansomwareExperts noticed that the Amadey malware is being used to deploy LockBit 3.0 ransomware on compromised systems. Researchers from AhnLab Security...
Microsoft: Windows 10 21H1 reaches end of service next month
Microsoft: Windows 10 21H1 reaches end of service next monthMicrosoft has reminded customers today that all editions of Windows 10 21H1 (also known as the May...
Malicious Extension Grants Threat Actors Remote Access to Google Chrome
Malicious Extension Grants Threat Actors Remote Access to Google ChromeCybersecurity researchers discovered ‘Cloud9’ – a new Chrome browser botnet that uses malicious extensions to steal user...
Armageddon APT Hacker Group aka UAC-0010 Spreads Phishing Emails Masquerading as the State Special Communications Service of Ukraine
Armageddon APT Hacker Group aka UAC-0010 Spreads Phishing Emails Masquerading as the State Special Communications Service of Ukraine The russia-linked Armageddon APT aka Gamaredon or UAC-0010...
VMware fixes three critical auth bypass bugs in remote access tool
VMware fixes three critical auth bypass bugs in remote access toolVMware has released security updates to address three critical severity vulnerabilities in the Workspace ONE Assist solution...
Having refused to pay ransom, health insurer Medibank sees customer data posted online by hackers
Having refused to pay ransom, health insurer Medibank sees customer data posted online by hackersA ransomware gang has begun to publish data on the dark web...
Patch Tuesday, November 2022 Election Edition
Patch Tuesday, November 2022 Election EditionLet’s face it: Having “2022 election” in the headline above is probably the only reason anyone might read this story today....
Malicious extension lets attackers control Google Chrome remotely
Malicious extension lets attackers control Google Chrome remotelyA new Chrome browser botnet named 'Cloud9' has been discovered in the wild using malicious extensions to steal online...
Defeating Phishing-Resistant Multifactor Authentication
Defeating Phishing-Resistant Multifactor AuthenticationCISA is now pushing phishing-resistant multifactor authentication. Roger Grimes has an excellent post reminding everyone that “phishing-resistant” is not “phishing proof,” and that...
TeamTNT Returns — Or Does It?
TeamTNT Returns — Or Does It?Our honeypots caught malicious cryptocurrency miner samples targeting the cloud and containers, and its routines are reminiscent of the routines employed...
LockBit affiliate uses Amadey Bot malware to deploy ransomware
LockBit affiliate uses Amadey Bot malware to deploy ransomwareA LockBit 3.0 ransomware affiliate is using phishing emails that install the Amadey Bot to take control of...
Hack the Real Box: APT41’s New Subgroup Earth Longzhi
Hack the Real Box: APT41’s New Subgroup Earth LongzhiWe looked into the campaigns deployed by a new subgroup of advanced persistent threat (APT) group APT41, Earth...
Lenovo fixes flaws that can be used to disable UEFI Secure Boot
Lenovo fixes flaws that can be used to disable UEFI Secure BootLenovo has fixed two high-severity vulnerabilities impacting various ThinkBook, IdeaPad, and Yoga laptop models that...
MSA-22-0024: Remote code execution risk when restoring malformed backup file from Moodle 1.9
MSA-22-0024: Remote code execution risk when restoring malformed backup file from Moodle 1.9от Michael Hawkins. A remote code execution risk when restoring backup files originating from...
China Likely Amasses 0-Days Via Vulnerability Disclosure Law
China Likely Amasses 0-Days Via Vulnerability Disclosure LawMicrosoft Finds Increased Use of Zero-Days by Chinese Hackers Over Past YearIt's been a year since Beijing imposed regulations...
Feds Warn of Iranian Threats to Healthcare Sector
Feds Warn of Iranian Threats to Healthcare SectorTehran Hackers Use Social Engineering to Close Sophistication GapThe healthcare industry should be aware of Iranian hackers using social...
Ransomware group starts publishing Medibank data as company warns customers to be vigilant for scammers
Ransomware group starts publishing Medibank data as company warns customers to be vigilant for scammersHundreds of names, addresses, birthdates and Medicare details posted under ‘good list’...