10 Nov 2021

New Android Spyware Poses Pegasus-Like Threat

Researchers have uncovered new Android spyware that boasts similar capabilities to the controversial NSO Group’s Pegasus spyware. The software, called PhoneSpy, is a mobile surveillance tool that has already stolen data and tracked the activity of targets in South Korea. The spyware is disguising itself as legitimate lifestyle apps. PhoneSpy

09 Nov 2021

Chinese hackers are targeting Zoho ManageEngine software

Microsoft has issued an alert regarding the exploitation of systems running Zoho ManageEngine ADSelfService Plus. Microsoft Threat Intelligence Center (MSTIC) has detected exploits originating from a sophisticated Chinese hacker group. Microsoft stated that the group is targeting an obscure bug in the Zoho software to install a web shell. The

09 Nov 2021

Fears of violence escalate on Poland-Belarus border as thousands of migrants set up camp

Thousands of migrants have erected makeshift camps in freezing conditions near the border between Poland and Belarus. Concerns over the potential for violence intensified Tuesday as Poland has accused Belarusian leader Alexander Lukashenko of attempting to orchestrate a crisis on the eastern frontier by funneling migrants to the border. Poland

09 Nov 2021

Iranian hackers targeting telecoms, ISPs

Researchers have investigated the activities of an Iranian threat group called Lyceum and found that the group is focused on infiltrating the networks of telecoms companies and internet service providers (ISPs). Lyceum is also referred to as Hexane, Spirlin, and Siamesekitten and has been active since 2017. The group has

09 Nov 2021

Proofpoint Phish Harvests Microsoft O365, Google Logins

A new campaign impersonating Proofpoint has successfully avoided Microsoft email security. The campaign consists of phishers attempting to fool targets into believing the email comes from Proofpoint, a well-known cybersecurity company, in an attempt to steal Microsoft Office 365 and Google email credentials. According to researchers at Armorblox, one such

08 Nov 2021

Feds Offer $10 Million Bounty for DarkSide Info

The US State Department has ramped up its search for ransomware perpetrators connected with the DarkSide threat group by offering a massive $10 million bounty for information leading to the location or arrest of the leaders of the cybercrime group. The federal government has been seeking to take down the

08 Nov 2021

Cloudflare report highlights devastating DDoS attacks on VoIP services and several ‘record-setting HTTP attacks’

This week, Cloudflare released its Q3 DDoS Attack Trends report. The company found that Q3 witnessed a record-setting number of devastating attacks on VoIP services. Researchers stated that the quarter also included several HTTP DDoS attacks, terabit-strong network-layer attacks, and one of the largest botnets ever deployed. The VoIP attack

08 Nov 2021

Cybersecurity firms provide threat intel for Clop ransomware group arrests

In June, six subjects were arrested by Ukrainian police forces during 20 different raids across Kyiv that consisted of seizing computers, technology, cars, and roughly $185,000 in cash. The Ukrainian police worked with law enforcement in South Korea on the raid, which is known as Operation Cyclone. Interpol allegedly managed

05 Nov 2021

US Blacklists Pegasus Spyware Maker

The US has blacklisted NSO Group, the company behind the harmful and invasive Pegasus spyware. Pegasus has been linked to cyberattacks against dissidents, activists, and NGOs. The notorious, military-grade software has been banned in the US and NSO Group has been added to the US Commerce Department’s “Entity List” on

05 Nov 2021

Critical Linux Kernel Bug Allows Remote Takeover

A new critical Linux bug that allows remote takeover has been discovered by security researchers. The bug, tracked as CVE-2021-43267, exists in a TIPC message that allows Linux nodes to send cryptographic keys back and forth between devices. The vulnerability is known as a critical heap-overflow security bug in the
