Inside the Ransomware Campaigns Targeting Exchange Servers
Security experts discuss the ransomware campaigns taking aim at Microsoft Exchange Server vulnerabilities patched last month.As organizations around the world scrambled to patch critical Microsoft Exchange Server flaws patched...
Data from 553 Million Facebook Accounts Leaked Online
Personal information belonging to more than 533 million Facebook users was found available on a cybercrime forum.The personal details of more than 533 million Facebook account holders from 106...
Kaspersky Uncovers New APAC Cyberespionage Campaign
A group related to Chinese-speaking threat group Cycldek is targeting government and military organizations in Vietnam. Kaspersky researchers have uncovered an advanced cyberespionage campaign targeting government and military organizations...
LinkedIn Phishing Ramps Up With More-Targeted Attacks
Seeking to take advantage of out-of-work users, malware groups continue to use LinkedIn and business services to offer fictional jobs and deliver infections instead.Phishing attacks are targeting out-of-work users...
Ryuk’s Rampage Has Lessons for the Enterprise
The Ryuk ransomware epidemic is no accident. The cybercriminals responsible for its spread have systematically exploited weaknesses in enterprise defenses that must be addressed.The Ryuk ransomware gang is hiring...
Crime Service Gives Firms Another Reason to Purge Macros
Recent Trickbot campaigns and at least three common banking Trojans all attempt to infect systems using malicious macros in Microsoft Office documents created using EtterSilent.A crime service gives attackers...
Microsoft Teams, Exchange Server, Windows 10 Hacked in Pwn2Own 2021
The 2021 Pwn2Own is among the largest in its history, with 23 separate entries targeting 10 products.Pwn2Own 2021 kicked off this week with successful attempts against Apple's Safari browser...
Cartoon Caption Winner: Something Seems Afoul
Enterprise VulnerabilitiesFrom DHS/US-CERT's National Vulnerability Database
CVE-2021-29221PUBLISHED: 2021-04-09
A local privilege escalation vulnerability was discovered in Erlang/OTP prior to version 23.2.3. By adding files to an existing installation's directory, a local...
Attackers Actively Seeking, Exploiting Vulnerable SAP Applications
Analysis of threat activity in mission-critical environments prompts CISA advisory urging SAP customers to apply necessary security patches and updates.Threat actors are actively exploiting unpatched vulnerabilities in SAP applications,...
Voice-Changing Software Found on APT Attackers’ Server
Security researchers believe the presence of Morph Vox Pro could indicate APT-C-23 has new plans for their phishing campaigns.The discovery of voice-changing software on the server of APT-C-23 could...
