18 May 2020

Microsoft Confirms Serious New Security Problem For Windows 10 Users

Microsoft has confirmed a newly reported security vulnerability called “Thunderspy” that lies in Thunderbolt ports. The vulnerability enables an attacker with physical access to the PC to modify the port’s controller firmware, effectively disabling its security and presenting huge risks for the victim. Last week, consumers

18 May 2020

RATicate Group Hits Industrial Firms With Revolving Payloads

According to researchers, a new threat group called RATicate is targeting industrial companies with revolving payloads and is behind several malspam attacks against companies, delivering malware such as LokiBot, Agent Tesla, Netwire, FormBook, and BetaBot. Researchers have attributed at least six separate campaigns to the group, with the first starting in November

18 May 2020

FBI warns of ProLock ransomware decryptor not working properly

The FBI has issued an alert warning the public that the ProLock ransomware decryptor does not work to secure data in the event of a ransomware attack. Earlier this month, the FBI released a flash alert informing organizations of the new threat actor, stating that it targets US healthcare, government,

15 May 2020

Developments in cyber espionage tool looks to exfil from air-gapped networks

The cyber espionage framework looks to collect and exfiltrate information, even from air-gapped networks, according to research by cybersecurity firm ESET. The framework, which has been in development since 2019, has been dubbed Ramsay; it exploits several vulnerabilities and includes capabilities that appear to still be in development and could

15 May 2020

Inventory of hacked servers for sale on cybercrime forum exceeds 43,000

Recent cyber intelligence reporting has revealed that the MagBo portal, which sells cyberattackers access to previously compromised servers, is now listing an inventory of 43,000 hacked servers. The portal provides access to hacked servers, with some belonging to local and state government, hospitals, and financial organizations, and has firmly established

15 May 2020

Law firm hackers double ransom and claim to have material on President Trump

The cybercrime group REvil has doubled the extortion ransom against compromised law firm Grubman, Shire, Meiselas and Sacks. The law firm represents clients such as Lady Gaga, Drake, Elton John, Madonna, Robert De Niro, LeBron James, The Weeknd, and Priyanka Chopra. Despite the fact that President Trump was not a

15 May 2020

Cisco and Palo Alto Networks appliances impacted by Kerberos authentication bypass

A high-risk authentication bypass vulnerability was found to impact a wide variety of Cisco and Palo Alto Networks devices. The issue was the result of an error in the implementation of the Kerberos protocol that could allow an attacker to get administrative control over the devices and execute a

15 May 2020

Critical Flaws Found in Cyberoam Security Devices

Trusted cybersecurity company Cyberoam released its firewall and VPN technology with critical flaws. These flaws went unnoticed by Cyberoam but were recently discovered by researchers at vpnMentor. Cyberoam’s 65,000 users are concerned, as they rely on Cyberoam to protect the intellectual property of their global corporations. A countless number of

15 May 2020

New Microsoft 365 Sign-in Pages Already Spoofed for Phishing

Microsoft’s newly updated sign-in pages have already been spoofed in phishing campaigns by attackers. The new sign-in page update was created in an attempt to lower the bandwidth requirements of the pre-existing Azure AD sign-in pages. Additionally, it allowed Microsoft users to more easily determine if they were the potential

14 May 2020

Scammers steal $10 million from Norway’s state investment fund

Norfund, Norway’s state investment fund, has reportedly been the victim of a cyberattack in which cybercriminals stole $10 million from the organization. The fraudsters were able to launch the attack by running business email compromise scams, eventually obtaining access to the email system. This allowed the attackers to monitor communication
