Threat Actors Weaponize Telegram Bots to Compromise PayPal Accounts

A campaign is stealing one-time password tokens to gain access to PayPal, Apple Pay and Google Pay, among others. Cybercriminals are using Telegram bots to steal one-time password tokens (OTPs)…

Windows Boot Manager Hijacked by FinFisher Malware

The FinFisher surveillance solution was developed by the Gamma Group but it also comes with malware-like capabilities often found in spyware strains. Its creator claims it is only offered to government…

A Working Exploit for the CVE-2021-22005 Flaw in VMware vCenter Was Publicly Released

A working exploit for the Remote Code Execution (RCE) vulnerability in VMware vCenter tracked as CVE-2021-22005 has been publicly released. According to security experts, the bug is already exploited by…

Pingback malware: How it works and how to prevent it

A new malware called pingback that uses ICMP for communicating with its C2 server was discovered by researchers recently. In this article, we will understand how this malware can bypass…

Bitdefender Threat Debrief | August 2021

The Bitdefender Threat Debrief (BDTD) is a monthly series analyzing ransomware news, trends, and research from the previous month. Read the debut issue (July 2021) here. Highlight of the month:…

Illegitimate Call Centers Defrauding Foreign Cryptocurrency Investors Were Taken Down by SSU

Security Service of Ukraine (SSU) experts have taken down an illegitimate network of call centers located in Lviv. Scammers used the centralized offices to steal money from foreigners who thought…

NSA and CISA Release Security Tips Regarding VPN Security

The National Security Agency (NSA) and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) have issued guidance for strengthening the security of virtual private network (VPN) services. The document was…

Ransomware Explained. What It Is and How It Works

Every day, cybersecurity specialists detect over 200,000 new ransomware strains. This means that each minute brings no less than 140 strains capable of avoiding detection and inflicting irreparable damage. But…

What Is RBAC? Role-Based Access Control Definition, Benefits, Best Practices, and Examples

Role-Based Access Control (RBAC), also known as role-based security, is a method that restricts system access to authorized users based on their role within an organization. In order to protect…

FormBook Adds Latest Office 365 0-Day Vulnerability (CVE-2021-40444) to Its Arsenal

Trend Micro – Trend Micro – FormBook Adds Latest Office 365 0-Day Vulnerability CVE-2021-40444 to Its Arsenal Exploits & Vulnerabilities Trend Micro detected a new campaign using a recent version…