Monthly Archives: February 2023

VMware Finds No Evidence of 0-Day in Ongoing ESXiArgs Ransomware Spree

VMware on Monday said it found no evidence that threat actors are leveraging an unknown...

07
Feb
GuLoader Malware Using Malicious NSIS Executable to Target E-Commerce Industry

E-commerce industries in South Korea and the U.S. are at the receiving end of an...

06
Feb
Microsoft: Iranian Nation-State Group Sanctioned by U.S. Behind Charlie Hebdo Hack

An Iranian nation-state group sanctioned by the U.S. government has been attributed to the hack...

06
Feb
High-Performance Computing (HPC) Security: Draft NIST SP 800-223 is Available for Public Comment
February 6, 2023

NIST is requesting public comments on the initial public draft of Special Publication (SP) 800-223,...

High-Performance Computing (HPC) Security: Draft NIST SP 800-223 is Available for Public Comment
February 6, 2023

NIST is requesting public comments on the initial public draft of Special Publication (SP) 800-223,...

SaaS in the Real World: Who’s Responsible to Secure this Data?

When SaaS applications started growing in popularity, it was unclear who was responsible for securing...

06
Feb
OpenSSH Releases Patch for New Pre-Auth Double Free Vulnerability

The maintainers of OpenSSH have released OpenSSH 9.2 to address a number of security bugs,...

06
Feb
FormBook Malware Spreads via Malvertising Using MalVirt Loader to Evade Detection

An ongoing malvertising campaign is being used to distribute virtualized .NET loaders that are designed...

06
Feb
PixPirate: New Android Banking Trojan Targeting Brazilian Financial Institutions

A new Android banking trojan has set its eyes on Brazilian financial institutions to commit...

04
Feb
New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers

VMware ESXi hypervisors are the target of a new wave of attacks designed to deploy...

04
Feb
Warning: Hackers Actively Exploiting Zero-Day in Fortra’s GoAnywhere MFT

A zero-day vulnerability affecting Fortra’s GoAnywhere MFT managed file transfer application is being actively exploited...

04
Feb
Is Your EV Charging Station Safe? New Security Vulnerabilities Uncovered

Two new security weaknesses discovered in several electric vehicle (EV) charging systems could be exploited...

03
Feb
Post-Macro World Sees Rise in Microsoft OneNote Documents Delivering Malware

In a continuing sign that threat actors are adapting well to a post-macro world, it has...

03
Feb
Iranian OilRig Hackers Using New Backdoor to Exfiltrate Data from Govt. Organizations

The Iranian nation-state hacking group known as OilRig has continued to target government organizations in the Middle...

03
Feb
NIST Revises the Digital Signature Standard (DSS) and Publishes a Guideline for Elliptic Curve Domain Parameters
February 3, 2023

Today, NIST is publishing Federal Information Processing Standard (FIPS) 186-5, Digital Signature Standard (DSS) ,...

Spotlight: Understanding Human-Tech Interactions With Computer Scientist Shanée Dawkins
February 3, 2023

Meet Shanée Dawkins, a computer scientist whose expertise in the way people interact with technology...

NIST Revises the Digital Signature Standard (DSS) and Publishes a Guideline for Elliptic Curve Domain Parameters
February 3, 2023

Today, NIST is publishing Federal Information Processing Standard (FIPS) 186-5, Digital Signature Standard (DSS), along...

Spotlight: Understanding Human-Tech Interactions With Computer Scientist Shanée Dawkins
February 3, 2023

Meet Shanée Dawkins, a computer scientist whose expertise in the way people interact with technology...

The Pivot: How MSPs can Turn a Challenge Into a Once-in-a-Decade Opportunity

Cybersecurity is quickly becoming one of the most significant growth drivers for Managed Service Providers...

03
Feb
Atlassian’s Jira Software Found Vulnerable to Critical Authentication Vulnerability

Atlassian has released fixes to resolve a critical security flaw in Jira Service Management Server...

03
Feb
New High-Severity Vulnerabilities Discovered in Cisco IOx and F5 BIG-IP Products

F5 has warned of a high-severity flaw impacting BIG-IP appliances that could lead to denial-of-service...

03
Feb
CISA Alert: Oracle E-Business Suite and SugarCRM Vulnerabilities Under Attack

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on February 2 added two security flaws to its...

03
Feb
IOTW: Malicious actors gain access to GitHub source code
February 2, 2023

A hacker has cloned repositories associated with multiple GitHub-owned organizations...

New Russian-Backed Gamaredon’s Spyware Variants Targeting Ukrainian Authorities

The State Cyber Protection Centre (SCPC) of Ukraine has called out the Russian state-sponsored threat...

02
Feb
Cybersecurity budgets are going up. So why aren’t breaches going down?

Over the past few years, cybersecurity has become a major concern for businesses around the...

02
Feb
North Korean Hackers Exploit Unpatched Zimbra Devices in ‘No Pineapple’ Campaign

A new intelligence gathering campaign linked to the prolific North Korean state-sponsored Lazarus Group leveraged...

02
Feb
New Threat: Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers

At least 1,200 Redis database servers worldwide have been corralled into a botnet using an...

02
Feb
Researchers Uncover New Bugs in Popular ImageMagick Image Processing Utility

Cybersecurity researchers have disclosed details of two security flaws in the open source ImageMagick software that could...

01
Feb
JD Sports data breach affects 10 million customers
February 1, 2023

The breach was discovered after a malicious actor gained unauthorized access to the retailer’s network...

Experts Warn of ‘Ice Breaker’ Cyberattacks Targeting Gaming and Gambling Industry

A new attack campaign has targeted the gaming and gambling sectors since at least September...

01
Feb