83 vulnerabilities have been patched on Microsoft’s first Patch Tuesday of 2021. The patches addressed 10 major flaws, including a zero-day remote code execution bug in Microsoft Defender. 73 of the fixes are classified important and one is publicly known. The fixes addressed Microsoft Windows, the Edge search browser, ChakraCore,
A cyberattack targeting the European Union’s medical agency has resulted in stolen information about the COVID-19 vaccines. The stolen information has been leaked. The attack was against the European Medicines Agency last month and information about coronavirus medicines was gained. The documents containing the data about coronavirus medicines, including the
Turla cyberspies were linked to the SolarWinds breach due to similarities in the malware used in the attack and Kazuar, a backdoor used. The hackers are believed to be based in Russia and targeted the SolarWinds company in a sophisticated attempt to breach the system of hundreds of high-profile organizations.
SocialArks exposed 318 million records from Facebook, Instagram, and LinkedIn in a misconfig of the cloud. Details for social-media influencers and celebrities from the U.S were among the public and personal profile data exposed. An ElasticSearch database owned by a Chinese social-media company, SocialArks, was misconfigured leading to the leak.
Three Remote Access Trojans (RATs) are being used to commit a wave of attacks on companies in Columbia. These attacks result in the stealing of confidential information and the campaign has been named Operation Spalax. ESET discovered the campaign on Tuesday that is targeting government and private entities, specifically with
The High Court in the UK ruled against the intelligence agencies’ use of bulk hacking for domestic targets. Edward Snowden revealed the use of hacking to target large numbers of users simultaneously in 2014. In 2016, the Non-profit Privacy International challenged the practice in a secretive court for cases involving
Andrei Tyurin was sentenced to 12 years in prison after his role in a global hacking campaign. The campaign accessed personal information for more than 80 million JP Morgan Chase customers. This breach was the largest-ever of a financial institution in the United States. From 2012 to 2015, Tyurin hacked
Equifax has agreed to set aside a minimum of $380.5 million for breach compensation and promises to spend another $1 billion on elevating its information security over the next five years. Customers affected by the breach, almost 147 million US consumers, have one week from today to file a claim.
TrickBot is evolving to avoid detection by adding a new backdoor to its arsenal. Russian cybercriminals behind the malware have developed “PowerTrick” to infiltrate high-value targets and give TrickBot new capabilities. SentinelLabs stated that PowerTrick was released on Thursday and is designed to execute commands and return results in Base64
Google has removed 1,700 applications compromised by the Joker Android malware from its Google Play Store to protect consumers from the harmful software. The infected applications have been detected and removed since 2017 when the company began tracking the uploads. CSIS Security Group researchers found 24 apps with over 400,000