15 Aug 2022

Critical Infrastructure at Risk as Thousands of VNC Instances Exposed

Security researchers have warned that several global organizations are vulnerable to remote compromise due to exposed Virtual Network Computing (VNC) instances. Security researchers at Cyble reported that more than 8,000 VNC instances are vulnerable to attack. The majority of the instances are managed by critical infrastructure organizations located across the

Read More
12 Aug 2022

Starlink Successfully Hacked Using $25 Modchip

Earlier this week at the Black Hat security conference, Belgian researcher Lennert Wouters revealed how he can mount a successful fault injection attack on a terminal for SpaceX’s satellite-based internet system. The successful hack was conducted using a homemade circuit board that Wouters claims cost roughly $25 to develop. The

Read More
12 Aug 2022

Recovery From NHS Ransomware Attack May Take a Month

Last week, a key NHS IT partner suffered from a ransomware attack that could take up to a month to recover from. The company, Advanced, operates several key systems for the health service. This includes clinical patient management and financial software. One of Advanced’s key healthcare clients is NHS 111,

Read More
11 Aug 2022

Cisco Confirms Network Breach Via Hacked Employee Google Account

Cisco Systems has confirmed that it suffered from a network breach after attackers were able to gain access to an employee’s VPN client via a compromised Google account. The network giant released a statement on Wednesday addressing the security incident. The attack occurred in May and was perpetrated by the

Read More
11 Aug 2022

DeathStalker’s VileRAT Continues to Target Foreign and Crypto Exchanges

Threat actor DeathStalker is actively targeting cryptocurrency exchanges located around the world with the VileRAT malware, according to Kaspersky researchers. The researchers published an advisory just days ago in which the campaign is detailed. The campaign reportedly began in September 2020 but revamped its efforts in June 2022, leveraging the

Read More
11 Aug 2022

Suspected $3m Romance Scammer Extradited to Japan

Interpol has reportedly launched a new awareness campaign in which they warn the public of the dangers of romance scams after arresting 15 individuals suspected of being involved in a major romance scam conspiracy. Interpol will launch a two-week global campaign in which is plans to highlight the role of

Read More
10 Aug 2022

Report Provides Updates on July’s Maui Ransomware Incident

Cybersecurity researchers at Kaspersky have published a new advisory that reveals technical details and additional findings regarding a ransomware incident that was address by the Cybersecurity and Infrastructure Security Agency in July. The attack leveraged the Maui ransomware and was first identified by the CISA in May 2021. However, the

Read More
10 Aug 2022

Microsoft Patches ‘Dogwalk’ Zero-Day and 17 Critical Flaws

Microsoft has patched a zero-day vulnerability that is reportedly over two weeks old. The vulnerability has been dubbed Dogwalk and is actively being exploited in the wild. Alongside Dogwalk, the August Patch Tuesday released by Microsoft this week addresses 121 CVEs total, including 17 critical bugs. Dogwalk is tied to

Read More
10 Aug 2022

Virtual Currency Platform ‘Tornado Cash’ Accused of Aiding APTs

The U.S. Treasury has reportedly issued sanctions on Tornado Cash, a virtual currency mixer, for laundering more than $7 billion in cryptocurrency derived from criminal activity. According to US officials, at least $455 million of that figure was move for the Lazarus Group, which is known to be sponsored by

Read More
09 Aug 2022

Phishers Swim Around 2FA in Coinbase Account Heists

Threat actors are evading two-factor authentication and deploying other clever strategies in a recently observed phishing campaign targeting Coinbase users. Security researchers have found that attackers are spoofing the cryptocurrency exchange Coinbase to trick users into logging in. After the login, the attackers record the password and username and eventually

Read More