Critical MQTT-Related Bugs Open Industrial Networks to RCE Via Moxa

A collection of five security vulnerabilities with a collective CVSS score of 10 out of 10 threaten critical infrastructure environments that use Moxa MXview. Critical security vulnerabilities in Moxa’s MXview…

Europe's biggest car dealer hit with ransomware attack

One of Europe’s biggest car dealers, Emil Frey, was hit with a ransomware attack last month, according to a statement from the company.  ZDNet Recommends The Swiss company showed up…

Vulnerability Spotlight: Vulnerabilities in Moxa MXView could allow attacker to view sensitive information, bypass login

Patrick DeSantis of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw.  Cisco Talos recently discovered two vulnerabilities in Moxa’s MXview network management software that could allow an attacker to…

Microsoft, Oracle, Apache and Apple vulnerabilities added to CISA catalog

The US Cybersecurity and Infrastructure Security Agency (CISA) updated its catalog of known exploited vulnerabilities this week, adding 15 vulnerabilities based on evidence that threat actors are actively exploiting them.…

ModifiedElephant APT hackers plant incriminating evidence on victims devices

ModifiedElephant APT group has been carrying out its malicious activities since 2012 and successfully evading detection for over a decade. The IT security researchers at SentinelLabs have revealed details of…

Cybercrooks Frame Targets by Planting Fabricated Digital Evidence

The ‘ModifiedElephant’ threat actors are technically unimpressive, but they’ve evaded detection for a decade, hacking human rights advocates’ systems with dusty old keyloggers and off-the-shelf RATs. Threat actors are hijacking…

Google says nearly $9 million given out in 2021 vulnerability rewards

Google announced this week that its Vulnerability Reward Programs doled out $8,700,000 for vulnerability rewards in 2021.  Researchers donated $300,000 of their rewards to a charity of their choice, according…

Threat Roundup for February 4 to February 11

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between Feb. 4 and Feb. 11. As with previous roundups, this post isn’t meant to be an…

Google: Vendors took an average of 52 days to fix reported security vulnerabilities

Google’s Project Zero released a report covering its work in 2021. It found that vendors took an average of 52 days to fix reported security vulnerabilities. Between 2019 and 2021,…

Prison for Nintendo Pirate

Games giant thanks US authorities for securing 3-year prison term for Team-Xecuter leader