Security researchers at Sygnia reported observing attacks originating from a sophisticated threat actor that bore resemblance to the hallmarks of an Australian campaign that targeted high-profile public and private entities. According to the researchers, the campaign targeting Australia last year seems to have shifted its focus to the US. The

The US’s Cybersecurity and Infrastructure Security Agency (CISA), Australia’s Cyber Security Centre (ACSC), and the UK’s National Cyber Security Centre (NCSC), and the US FBI recently released an advisory detailing the top 30 most exploited vulnerabilities dating back to 2017. After seven months of 2021, the agencies found that CVE-2017-11882,

RAMP, the underground forum started and hosted by the Babuk ransomware group, has been targeted by a comment spammer. The comment spammer flooded the ransomware gang’s new forum with explicit videos and GIFs, demanding $5k in bitcoin to make the intrusions stop. Babuk ransomware has been attempting to rebrand itself

Microsoft rushed to release mitigations for a new exploit that forces remote Windows systems to reveal password hashes that can easily be cracked by malicious actors. The flaw lies in the Windows NT LAN Manager, according to the company, and has been dubbed PetitPotam. Microsoft has released an advisory that

Apple released a fix for a previously undisclosed flaw that appears to have been actively exploited. The patch pertains to iPad iOS 14.7.1 and iOS 14.7.1. The company also released macOS Big Sur 11.5.1 to address the same issue, however, this one lies in a common Apple kernel extension called

Reports have emerged that Kaseya has obtained a master decryptor key to mitigate the effects of a REvil ransomware attack that disrupted and locked up the systems of at least 60 of its customers. It is unclear if the ransom demand was paid to access the decryption key. Kaseya stated

According to Japanese security company Mitsui Bussan Secure Directions, Olympics-themed malware is targeting Japanese PCs across the country. The malware was discovered on July 21, just days before the opening ceremony, and is designed to wipe files from target systems. Although the malware does not delete everything, it searches for

According to experts at Kaspersky, Olympic-related phishing attacks have popped up in several different forms, including through fake pages offering streaming services, tickets to events that don’t allow spectators, and fake Olympic Games virtual currency. Kaspersky researchers stated that it’s common for cybercriminals to take advantage of popular sports events

On Wednesday, Atlassian, software development and collaboration solutions provider, informed its customers that it had effectively patched a serious vulnerability regarding critical code execution that was plaguing some of its Jira products. Atlassian stated that the bugs were discovered by one of its security researchers, who found that the Jira

The FBI has released a statement regarding the Tokyo Olympics, claiming that they are prepared to intercept attempts from threat actors to hijack video feeds or cause other disruptions to the event. The Olympics have already been targeted by threat actors, however, the Federal Bureau of Investigation’s Cyber Division recently