‘PseudoManuscrypt’ Mass Spyware Campaign Targets 35K Systems

It’s similar to Lazarus’s Manuscrypt malware, but the new spyware is splattering itself onto government organizations and ICS in a non-Lazarus-like, untargeted wave of attacks. Researchers have tracked new spyware…

Ransomware in 2022: We're all screwed

Ransomware is now a primary threat for businesses, and with the past year or so considered the “golden era” for operators, cybersecurity experts believe this criminal enterprise will reach new…

Espionage Hacking Campaign Is Targeting Telecom Operators

A fresh espionage hacking effort targeting Middle Eastern and Asian telecommunications and IT service companies was recently discovered. The operation has been running for six months, and it may have…

Patch Tuesday December 2021 – Microsoft Fixes 67 Flaws, Including 6 Zero-Day Vulnerabilities

December’s Patch Tuesday comes with numerous security fixes and improvements, including two actively exploited zero-day vulnerabilities. The list features spoofing, denial of service, remote code execution, elevation of privilege, and…

Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery

December’s Patch Tuesday updates address six publicly known bugs and seven critical security vulnerabilities. Microsoft has addressed a zero-day vulnerability that was exploited in the wild to deliver Emotet, Trickbot…

Microsoft December 2021 Patch Tuesday: Zero-day exploited to spread Emotet malware

Microsoft has released 67 security fixes for software including seven critical issues and a zero-day flaw being actively exploited by cybercriminals.  In the Redmond giant’s latest round of patches, usually released…

‘Karakurt’ Extortion Threat Emerges, But Says No to Ransomware

The threat group, first identified in June, focuses solely on data exfiltration and subsequent extortion, and has already targeted 40 victims since September. There is a new financially motivated threat…

New Yanluowang Ransomware Found to be Code-Signed, Terminates Database-Related Processes

Trend Micro – Trend Micro – New Yanluowang Ransomware Found to be Code-Signed, Terminates Database-Related Processes Ransomware We analyzed new samples of the Yanluowang ransomware. One interesting aspect of these…

AWS Among 12 Cloud Services Affected by Flaws in Eltima SDK

Researchers have found a number of high-security vulnerabilities in third-party driver software – bugs that originated in a library created by network virtualization firm Eltima – that leave about a…

Are You Guilty of These 8 Network-Security Bad Practices?

Tony Lauro, director of Security Technology & Strategy at Akamai, discusses VPNs, RDP, flat networks, BYOD and other network-security bugbears. They say the first step in addressing a serious issue…