Blog Series
security
Critical flaw found in Aptos...
Researchers from Singapore-based Numen Cyber Labs have discovered and shared details on a vulnerability in the Move virtual machine responsible for powering the Aptos blockchain network. Aptos, one of the...
Venus ransomware targets publicly-exposed Remote...
A relatively new ransomware operation, identified as Venus, is hacking into publicly exposed Remote Desktop services to encrypt Windows devices. According to researchers, Venus ransomware started operating in mid or...
Hackers compromise nearly 900 servers...
Hackers are exploiting a vulnerability tracked as CVE-2022-41352 in the Zimbra Collaboration Suite (ZCS). Already, threat actors were able to hack into almost 900 servers. The proof-of-concept (PoC) of the...
Attackers impersonate Zoom to steal...
A malicious campaign uncovered by security firm Armorblox shows that attackers manipulate Zoom to compromise Microsoft user data. In one of the incidents analyzed, more than 21,000 users of a...
New auth bypass bug targets...
A Fortinet vulnerability in FortiGate firewalls and FortiProxy web proxies could allow a threat actor to perform unauthorized actions on vulnerable devices. The critical bug, tracked as CVE-2022-40684,...
U.S. military contractor’s enterprise network...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the NSA have issued a joint report describing an intrusion into the network of a U.S. military contractor that...
Lazarus hackers exploit Dell driver...
ESET researchers have uncovered the malicious activities of Lazarus, a North Korean hacking group that exploits a Dell hardware driver flaw for Bring Your Own Vulnerable Driver attacks. In order...
LofyGang distributes 199 trojanized NPM...
The software security company Checkmarx has uncovered the malicious activities of the threat actor LofyGang, which distributes trojanized and typosquatted packages on the NPM open source repository. Security researchers discovered...
Chaos malware targets multiple...
According to researchers from Lumen-based Black Lotus Lab, a new Chaos malware is targeting multiple architectures to carry out DDoS attacks, deploy cryptocurrency miners, and install backdoors. The malware is written in Go...
Hackers compromise GitHub accounts with...
GitHub warns that cyber attackers are compromising user accounts through a sophisticated phishing campaign. The malicious messages notify users that their CircleCI session has expired and that it is imperative...
New ransomware tool uses unique...
Threat actors are now updating the data exfiltration tool Exmatter with a unique data corruption feature, which attackers could switch to perform ransomware attacks in the future. The new unique...