Pwn2Own 2022 – Windows 11, MS Teams and Firefox Pwned on Day 1

Other than Windows 11, Microsoft Teams and Mozilla Firefox, Oracle Virtualbox, Ubuntu Desktop, and Safari browser were also hacked on day one of PWN2OWN 2022 in Vancouver. Pwn2Own is a…

Project Zero researchers see promising trends in vulnerability fixes

Written by AJ Vicens Feb 10, 2022 | CYBERSCOOP Big tech vendors generally are remediating serious bugs faster than they were three years ago, according to a new report from…

Firefox: Ad blockers are 2021's most popular browser extensions

Multiple ad blockers topped Firefox’s list of the most popular and innovative add-on browser extensions of 2021.  Firefox determines which add-ons are “most popular” by calculating their average daily users…

Agent Tesla Spyware Used in Phishing Campaign

Agent Tesla initially detected in late 2014, is a known spyware aimed at collecting sensitive data from a victim’s device, such as stored application credentials and keyboard inputs (keylogger). Agent…

French Users and Orgs Targeted by TinyNuke Info-Stealing Malware

According to security researchers, the TinyNuke banking malware (also known as Nukebot) has resurfaced in a new operation exclusively targeting French users and organizations with invoice-themed email lures. The targets…

Mozilla rolls out GPC for all Firefox users, but enforcement limited to two states

Mozilla has expanded its implementation of Global Privacy Control (GPC) to all users after rolling it out on a limited basis in October.  The feature – which tells websites not…

New Yanluowang Ransomware Found to be Code-Signed, Terminates Database-Related Processes

Trend Micro – Trend Micro – New Yanluowang Ransomware Found to be Code-Signed, Terminates Database-Related Processes Ransomware We analyzed new samples of the Yanluowang ransomware. One interesting aspect of these…

Fake KPSPico Windows activator tool KPSPico steals crypto wallet data

The malware is dubbed CrypBot is essentially an information stealer that can obtain credentials for cryptocurrency wallets, browsers, credit cards, browser cookies, and capture screenshots from compromised devices. Cybersecurity solutions…

Mozilla properly fuzzed NSS and still ended up with a simple memory corruption hole

When it comes to fuzzing, Mozilla has plenty of cred, and has been doing so for some time, and yet, its prized Network Security Services (NSS) library was busted by…

Yanluowang Ransomware Tied to Thieflock Threat Actor

Links between the tactics and tools demonstrated in attacks suggest a former affiliate has switched loyalties, according to new research. A threat actor previously tied to the Thieflock ransomware operation…