Collaborate Disseminate
Security researchers have found evidence that a cyberespionage group has somehow compromised secure USB drives used by government agencies in South Korea, which might have allowed them to target air-gapped systems. “Weaponizing a secure USB driv… Continue reading Spy Group Targeted Air-Gapped Systems via Compromised Secure USB Drives
Cisco Systems patched another series of critical flaws this week, this time in its FXOS and NX-OS operating systems, which are used by switches, firewalls, security appliances and unified computing systems. The Cisco Firepower eXtensible Operating Sys… Continue reading Cisco Patches Critical Flaws in Switch and Firewall OS
Over the past year, a known cyberespionage group from China has been targeting satellite communications companies, telecom operators and defense firms from the United States and Southeast Asia. The group, tracked as Thrip by researchers from Symantec,… Continue reading China Cyberespionage Group Hacks Satellite, Telecom and Defense Firms
Olympic Destroyer, the threat actor that targeted the 2018 Winter Olympics in Pyeongchang, South Korea, has launched new attacks against organizations from Russia, Ukraine and several other European countries. To sabotage the 2018 Winter Olympics comp… Continue reading Olympic Destroyer Moves from Pyeongchang to Europe and Russia
Axis Communications, one of the largest manufacturers of video surveillance equipment in the world, has fixed critical security flaws that affect some 390 of its network camera models. The vulnerabilities were found by researchers from IoT security fi… Continue reading Security Flaws Allow Attackers to Hijack 400 Axis Camera Models
Cybercriminals have a new Android malware program in their toolbox called MysteryBot that can serve multiple purposes: banking Trojan, keylogger and ransomware. The Trojan was identified by researchers from threat intelligence firm ThreatFabric and se… Continue reading Multipurpose Trojan MysteryBot Targets Android Devices
As predicted by security researchers, the Meltdown and Spectre vulnerabilities announced this year were just the tip of the iceberg when it comes to security issues related to the speculative execution feature of modern CPUs. In coordination with oper… Continue reading Intel Faces Yet Another Speculative Execution Flaw in Its CPUs
Microsoft has fixed 50 vulnerabilities in its products during this month’s Patch Tuesday, 11 of which are rated critical. The company has also released mitigation for the new Spectre variant announced last month, known as Spectre Variant 4 or Sp… Continue reading Microsoft Fixes 11 Critical Flaws, Readies Patches for Spectre Variant 4
Unauthorized cryptocurrency mining has been one of the major malware trends this year, with attackers managing to mine more than 5 percent of Monero coins currently in circulation using abused devices. Researchers from Palo Alto Networks have analyzed… Continue reading Study: More than 5 Percent of Monero Cryptocurrency was Mined by Malware
Cisco Systems has released a new set of patches this week for a variety of products, including updates for IOS XE and Prime Collaboration Provisioning that fix two critical vulnerabilities. The Cisco IOS XE Software, the company’s operating syst… Continue reading Cisco Patches Critical Flaws in IOS XE and Prime Collaboration Provisioning