08 Jun 2022

NSA, FBI warn hackers are using these flaws to target VPNs and network devices

The US has warned that hackers conducting illicit cyber activity on the behalf of China may be exploiting publicly disclosed flaws in network devices. This may be part of a broader effort to steal and manipulate network traffic, the NSA and FBI warn.  According to the agencies, there are at

Read More
07 Jun 2022

A Long-Awaited Defense Against Data Leaks May Have Just Arrived

After years of data breaches, leaks, and hacks leaving the world desperate for tools to stem the illicit flow of sensitive personal data, a key advance has appeared on the horizon. On Tuesday, MongoDB is announcing “Queryable Encryption,” a feature that will allow database users to search their data while it

Read More
07 Jun 2022

Attackers Use Public Exploits to Throttle Atlassian Confluence Flaw

Threat actors are leveraging public exploits to utilize a critical zero-day remote code execution that affects all versions of a popular collaboration tools called Atlassian. Atlassian is used in cloud and hybrid server environments. The flaw reportedly allows for complete host takeover, making it a very serious threat. Researchers from

Read More
07 Jun 2022

State-Backed Hacker Believed to Be Behind Follina Attacks on EU and US

An unidentified state actor is reportedly perpetrating a phishing campaign that targets European and local US government entities by leveraging the Follina Office vulnerability. Security researchers at Proofpoint spotted the hacking attempts and addressed the issue via Twitter last Friday from its Threat Insight account. In the series of tweets,

Read More
07 Jun 2022

Critical Vulnerability Found in Motorola’s Unisoc Chips

Security researchers at cyber threat intelligence company Checkpoint Research have detected a critical vulnerability in the Motorola Unisoc Tiger Y700 chips. The smartphones impacted are the Motorola Moto G20, E30 and E40 smartphones. The components have been identified as threat vectors due to a stack overflow vulnerability. The components made

Read More
06 Jun 2022

Evil Corp Pivots LockBit to Dodge U.S. Sanctions

Evil Corp is reportedly distancing itself from its previous signature moves by shifting tactics and tools to prevent identification and continue its nefarious activity. Evil Corp has pivoted to the LockBit ransomware after US sanctions have made it extremely difficult for the group to benefit financially from its activity. Mandiant

Read More
06 Jun 2022

Russian Ministry Website Reportedly Hacked

Although little information has been clarified, it appears that Russia’s Ministry of Construction, Housing, and Utilities website has been hacked, leaving behind a site that reads “Glory to Ukraine” in Ukrainian. The ministry did acknowledge that the site was unavailable to users, however, it confirmed that no personal data was

Read More
06 Jun 2022

Gloucester Council IT Systems Still Not Fully Operational Six Months After Cyber-Attack

Gloucester City Council’s IT team has reported that its systems are still impacted from a cyberattack that occurred six months ago. The cyberattack was perpetrated by Russian actors and rendered the systems unoperational. Today, the systems are not operating at their full capacity due to lasting effects from the attack.

Read More
03 Jun 2022

Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions

Krebs on Security recently released a post discussing Costa Rica’s involvement in the Conti ransomware group’s larger plans for the future. Last week, Costa Rica’s national health service was hacked by a Russian ransomware group referred to as Hive, just weeks after the country entered a state of emergency in

Read More
03 Jun 2022

Cybercriminals Expand Attack Radius and Ransomware Pain Points

In an interview with Melissa Bischoping, the security researcher with Tanium and Infosec Insiders columnist warns of the increasingly popular trend towards triple extortion ransomware attacks. The multi-faceted approach beyond ransomware and the primary victim is a significant concern for organizations and their members, says Bischoping. Secondhand victims such as

Read More