Collaborate Disseminate
A threat actor is promoting on underground criminal forums a vendor-independent UEFI rootkit that can disable security software and controls, cybersecurity veteran Scott Scheferman warns.
read more Continue reading New ‘Black Lotus’ UEFI Rootkit Provides APT-Level Capabilities
Cisco’s Talos security researchers warn of a newly identified attack framework and its associated remote access trojan (RAT) targeting Windows, Linux, and macOS systems.
read more Continue reading New ‘Alchimist’ Attack Framework Targets Windows, Linux, macOS
ESET has published an analysis of the seven backdoors that Lebanese advanced persistent threat (APT) actor Polonium has been using since September 2021 in attacks targeting Israeli organizations.
read more Continue reading Seven ‘Creepy’ Backdoors Used by Lebanese Cyberspy Group in Israel Attacks
A China-linked cyberespionage group was recently observed targeting a state legislature in the United States, Symantec warns.
read more Continue reading Chinese Cyberspies Targeting US State Legislature
More than 800 corporate users have been infected in a new QBot malware distribution campaign since September 28, Kaspersky warns.
read more Continue reading QBot Malware Infects Over 800 Corporate Users in New, Ongoing Campaign
Microsoft on Tuesday released software fixes to address more than 90 security defects affecting products in the Windows ecosystem and warned that one of the vulnerabilities was already being exploited as zero-day in the wild.
read more Continue reading Microsoft Warns of New Zero-Day; No Fix Yet For Exploited Exchange Server Flaws
Software maker Adobe on Tuesday released security patches for 29 documented vulnerabilities across multiple enterprise-facing products and warned that hackers could exploit these bugs to take complete control of vulnerable machines.
read more Continue reading Patch Tuesday: Critical Flaws in ColdFusion, Adobe Commerce
It’s officially a venture capital funding frenzy in the software supply chain security space.
read more Continue reading Endor Labs Joins Race to Secure Software Supply Chain
The BlackByte ransomware has been observed targeting a vulnerability in a legitimate driver to disable endpoint detection and response (EDR) solutions running on the victim machine.
read more Continue reading BlackByte Ransomware Abuses Legitimate Driver to Disable Security Protections
Security researchers with threat hunting firm DCSO CyTec are warning of a new backdoor that has been targeting Microsoft SQL (MSSQL) servers.
read more Continue reading New ‘Maggie’ Backdoor Targeting Microsoft SQL Servers