Collaborate Disseminate
The ‘ModifiedElephant’ threat actors are technically unimpressive, but they’ve evaded detection for a decade, hacking human rights advocates’ systems with dusty old keyloggers and off-the-shelf RATs.
Continue reading Cybercrooks Frame Targets by Planting Fabricated Digital Evidence
The Maze gang are purportedly never going back to ransomware and have destroyed all of their ransomware source code, said somebody claiming to be the developer. Continue reading Decryptor Keys Published for Maze, Egregor, Sekhmet Ransomwares
SAP’s Patch Tuesday brought fixes for a trio of flaws in the ubiquitous ICM component in internet-exposed apps. One of them, with a risk score of 10, could allow attackers to hijack identities, steal data and more.
Continue reading SAP to Give Threat Briefing on Uber-Severe ‘ICMAD’ Bugs
Crane Hassold, former FBI analyst turned director of threat intel at Abnormal Security, shares stories from his covert work with cyberattackers. Continue reading Ex-Gumshoe Nabs Cybercrooks with FBI Tactics
This batch had zero critical CVEs, which is unheard of. Most (50) of the patches are labeled Important, so don’t delay to apply the patches, security experts said. Continue reading No Critical Bugs for Microsoft February 2022 Patch Tuesday, 1 Zero-Day
Feb. 18 is the deadline to patch a bug that affects all unpatched versions of Windows 10 and requires zero user interaction to exploit. Continue reading CISA Orders Federal Agencies to Fix Actively Exploited Windows Bug
The now-patched flaw that led to the ForcedEntry exploit of iPhones was exploited by both NSO Group and a different, newly detailed surveillance vendor.
Continue reading QuaDream, 2nd Israeli Spyware Firm, Weaponizes iPhone Bug
And customers including Tesla, PepsiCo and NYC transit workers are filing lawsuits over the “real pain in the rear end” of manual inputting, inaccurate wages & more. Continue reading Kronos Still Dragging Itself Back From Ransomware Hell
The popular bridge, which connects Ethereum, Solana blockchain & more, was shelled out by it’s-not-saying. Wormhole is trying to negotiate with the attacker. Continue reading Wormhole Crypto Platform: ‘Funds Are Safe’ After $314M Heist
The warning follows a Citizen Lab report that found the official, mandatory app has an encryption flaw that “can be trivially sidestepped.” Besides burners, here are more tips on staying cyber-safe at the Games. Continue reading FBI: Use a Burner Phone at the Olympics