Collaborate Disseminate
As many as 85 command-and-control (C2) servers have been discovered supported by the ShadowPad malware since September 2021, with infrastructure detected as recently as October 16, 2022.
That’s according to VMware’s Threat Analysis Unit (TAU), which s… Continue reading Researchers Expose Over 80 ShadowPad Malware C2 Servers
A now-patched security flaw in Apple’s iOS and macOS operating systems could have potentially enabled apps with Bluetooth access to eavesdrop on conversations with Siri.
Apple said “an app may be able to record audio using a pair of connected AirPods,… Continue reading Apple iOS and macOS Flaw Could’ve Let Apps Eavesdrop on Your Conversations with Siri
Australian health insurance firm Medibank on Wednesday disclosed that the personal information of all of its customers had been unauthorizedly accessed following a recent ransomware attack.
In an update to its ongoing investigation into the incident, … Continue reading Australian Health Insurer Medibank Suffers Breach Exposing 3.9 Million Customers’ Data
A new cryptojacking campaign has been uncovered targeting vulnerable Docker and Kubernetes infrastructures as part of opportunistic attacks designed to illicitly mine cryptocurrency.
Cybersecurity company CrowdStrike dubbed the activity Kiss-a-dog, wi… Continue reading New Cryptojacking Campaign Targeting Vulnerable Docker and Kubernetes Instances
A 26-year-old Ukrainian national has been charged in the U.S. for his alleged role in the Raccoon Stealer malware-as-a-service (MaaS) operation.
Mark Sokolovsky, who was arrested by Dutch law enforcement after leaving Ukraine on March 4, 2022, in what… Continue reading U.S. Charges Ukrainian Hacker Over Role in Raccoon Stealer Malware Service
The North Korean espionage-focused actor known as Kimsuky has been observed using three different Android malware strains to target users located in its southern counterpart.
That’s according to findings from South Korean cybersecurity company S2W, wh… Continue reading Kimsuky Hackers Spotted Using 3 New Android Malware to Target South Koreans
The threat actor behind a remote access trojan called RomCom RAT has been observed targeting Ukrainian military institutions as part of a new spear-phishing campaign that commenced on October 21, 2022.
The development marks a shift in the attacker’s … Continue reading Unknown Actors are Deploying RomCom RAT to Target Ukrainian Military
A cybercrime group known as Vice Society has been linked to multiple ransomware strains in its malicious campaigns aimed at the education, government, and retail sectors.
The Microsoft Security Threat Intelligence team, which is tracking the threat cl… Continue reading Vice Society Hackers Are Behind Several Ransomware Attacks Against Education Sector
Cisco has warned of active exploitation attempts targeting a pair of two-year-old security flaws in the Cisco AnyConnect Secure Mobility Client for Windows.
Tracked as CVE-2020-3153 (CVSS score: 6.5) and CVE-2020-3433 (CVSS score: 7.8), the vulnerabil… Continue reading Hackers Actively Exploiting Cisco AnyConnect and GIGABYTE Drivers Vulnerabilities
VMware on Tuesday shipped security updates to address a critical security flaw in its VMware Cloud Foundation product.
Tracked as CVE-2021-39144, the issue has been rated 9.8 out of 10 on the CVSS vulnerability scoring system, and relates to a remote … Continue reading VMware Releases Patch for Critical RCE Flaw in Cloud Foundation Platform