28 Jul 2021

Praying Mantis Threat Group Targeting US Firms in Sophisticated Attacks

Security researchers at Sygnia reported observing attacks originating from a sophisticated threat actor that bore resemblance to the hallmarks of an Australian campaign that targeted high-profile public and private entities. According to the researchers, the campaign targeting Australia last year seems to have shifted its focus to the US. The

Read More
28 Jul 2021

Get patching: US, UK, and Australia issue joint advisory on top 30 exploited vulnerabilities

The US’s Cybersecurity and Infrastructure Security Agency (CISA), Australia’s Cyber Security Centre (ACSC), and the UK’s National Cyber Security Centre (NCSC), and the US FBI recently released an advisory detailing the top 30 most exploited vulnerabilities dating back to 2017. After seven months of 2021, the agencies found that CVE-2017-11882,

Read More
27 Jul 2021

Babuk Ransomware Gang Ransomed, New Forum Stuffed With Explicit Videos

RAMP, the underground forum started and hosted by the Babuk ransomware group, has been targeted by a comment spammer. The comment spammer flooded the ransomware gang’s new forum with explicit videos and GIFs, demanding $5k in bitcoin to make the intrusions stop. Babuk ransomware has been attempting to rebrand itself

Read More
27 Jul 2021

Microsoft Rushes Fix for ‘PetitPotam’ Attack PoC

Microsoft rushed to release mitigations for a new exploit that forces remote Windows systems to reveal password hashes that can easily be cracked by malicious actors. The flaw lies in the Windows NT LAN Manager, according to the company, and has been dubbed PetitPotam. Microsoft has released an advisory that

Read More
27 Jul 2021

Time to update your iPhone as Apple fixes ‘actively exploited’ zero day flaw

Apple released a fix for a previously undisclosed flaw that appears to have been actively exploited. The patch pertains to iPad iOS 14.7.1 and iOS 14.7.1. The company also released macOS Big Sur 11.5.1 to address the same issue, however, this one lies in a common Apple kernel extension called

Read More
26 Jul 2021

Kaseya Obtains Universal Decryptor for REvil Ransomware

Reports have emerged that Kaseya has obtained a master decryptor key to mitigate the effects of a REvil ransomware attack that disrupted and locked up the systems of at least 60 of its customers. It is unclear if the ransom demand was paid to access the decryption key. Kaseya stated

Read More
26 Jul 2021

Malware Infects Japanese Devices Ahead of Olympic Games

According to Japanese security company Mitsui Bussan Secure Directions, Olympics-themed malware is targeting Japanese PCs across the country. The malware was discovered on July 21, just days before the opening ceremony, and is designed to wipe files from target systems. Although the malware does not delete everything, it searches for

Read More
26 Jul 2021

Scammers offer streaming services, giveaways and a fake cyber currency to cash in on the Olympic Games

According to experts at Kaspersky, Olympic-related phishing attacks have popped up in several different forms, including through fake pages offering streaming services, tickets to events that don’t allow spectators, and fake Olympic Games virtual currency. Kaspersky researchers stated that it’s common for cybercriminals to take advantage of popular sports events

Read More
23 Jul 2021

Atlassian Patches Critical Vulnerability in Jira Data Center Products

On Wednesday, Atlassian, software development and collaboration solutions provider, informed its customers that it had effectively patched a serious vulnerability regarding critical code execution that was plaguing some of its Jira products. Atlassian stated that the bugs were discovered by one of its security researchers, who found that the Jira

Read More
23 Jul 2021

FBI Warns Cybercriminals Eyeing Broadcast Disruption at Tokyo Olympics

The FBI has released a statement regarding the Tokyo Olympics, claiming that they are prepared to intercept attempts from threat actors to hijack video feeds or cause other disruptions to the event. The Olympics have already been targeted by threat actors, however, the Federal Bureau of Investigation’s Cyber Division recently

Read More