Vulnerabilities

iOS Kids Game Morphs into Underground Crypto Casino

A malicious ‘Jungle Run’ app tricked security protections to make it into the Apple App Store, scamming users out of money with...

NSA: 5 Security Bugs Under Active Nation-State Cyberattack

Widely deployed platforms from Citrix, Fortinet, Pulse Secure, Synacor and VMware are all in the crosshairs of APT29, bent on stealing credentials and...

Mandiant Front Lines: How to Tackle Exchange Exploits

Matt Bromiley, senior principal consultant with Mandiant, offers checklists for how small- and medium-sized businesses (SMBs) can identify and clear ProxyLogon Microsoft Exchange...

Google Project Zero Cuts Bug Disclosure Timeline to a 30-Day Grace Period

The zero-day flaw research group has revised its disclosure of the technical details of vulnerabilities in the hopes of speeding up the release...

Biden Races to Shore Up Power Grid Against Hacks

A 100-day race to boost cybersecurity will rely on incentives rather than regulation, the White House said. Source link

Gafgyt Botnet Lifts DDoS Tricks from Mirai

The IoT-targeted malware has also added new exploits for initial compromise, for Huawei, Realtek and Dasan GPON devices. Source link

Attackers Target ProxyLogon Exploit to Install Cryptojacker

Threat actors targeted compromised Exchange servers to host malicious Monero cryptominer in an “unusual attack,” Sophos researchers discovered. Source link

Security Bug Allows Attackers to Brick Kubernetes Clusters

The vulnerability is triggered when a cloud container pulls a malicious image from a registry. Source link

Ransomware Attack Creates Cheese Shortages in Netherlands

Not a Gouda situation: An attack on a logistics firm is suspected to be related to Microsoft Exchange server flaw. Source link

Latest articles

What to consider when shopping for cyber insurance

Cyber insurance is gaining favor in the business world. An expert offers tips on how...

BazarLoader Malware Abuses Slack, BaseCamp Clouds

Two cyberattack campaigns are making the rounds using unique social-engineering techniques. Source link

Update to REvil ransomware changes Windows passwords to automate file encryption via Safe Mode

The ransomware changes the device password to "DTrump4ever" and forces the device to log in...

iOS Kids Game Morphs into Underground Crypto Casino

A malicious ‘Jungle Run’ app tricked security protections to make it into the Apple App Store, scamming users out of money with...