China’s Cyberspies Targeting Southeast Asian Government Entities
By: Ravie Lakshmanan
A sweeping and "highly active campaign" that originally set its sights on Myanmar has broadened its focus to strike a number of targets located in the Philippines,...
Safari Zero-Day Used in Malicious LinkedIn Campaign
Researchers shed light on how attackers exploited Apple web browser vulnerabilities to target government officials in Western Europe.
Threat actors used a Safari zero-day flaw to send malicious links...
Fake Zoom App Dropped by New APT ‘LuminousMoth’
First comes spear-phishing, next download of malicious DLLs that spread to removable USBs, dropping Cobalt Strike Beacon, and then, sometimes, a fake Zoom app.
Researchers have spotted a...
Chinese Hackers Exploited Latest SolarWinds 0-Day in Targeted Attacks
By: Ravie Lakshmanan
Microsoft on Tuesday disclosed that the latest string of attacks targeting SolarWinds Serv-U managed file transfer service with a now-patched remote code execution (RCE) exploit is the...
REvil Ransomware Gang Mysteriously Disappears After High-Profile Attacks
By: Ravie Lakshmanan
REvil, the infamous ransomware cartel behind some of the biggest cyberattacks targeting JBS and Kaseya, has mysteriously disappeared from the dark web, leading to speculations that the...
A New Critical SolarWinds Zero-Day Vulnerability Under Active Attack
By: Ravie Lakshmanan
SolarWinds, the Texas-based company that became the epicenter of a massive supply chain attack late last year, has issued patches to contain a remote code execution flaw...
Threat actors scrape 600 million LinkedIn profiles and are selling the data online –...
For the third time in the past four months, LinkedIn seems to have experienced another massive data scrape conducted by a malicious actor. Once again, an archive of data...
