Meta removes accounts of spyware company Cytrox after Citizen Lab report on gov't hacks

Citizen Lab has released a new report highlighting widespread government use of the “Predator” spyware from North Macedonian developer Cytrox. Researchers found that Predator was used to attack two people…

Patch Tuesday December 2021 – Microsoft Fixes 67 Flaws, Including 6 Zero-Day Vulnerabilities

December’s Patch Tuesday comes with numerous security fixes and improvements, including two actively exploited zero-day vulnerabilities. The list features spoofing, denial of service, remote code execution, elevation of privilege, and…

Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery

December’s Patch Tuesday updates address six publicly known bugs and seven critical security vulnerabilities. Microsoft has addressed a zero-day vulnerability that was exploited in the wild to deliver Emotet, Trickbot…

Next-Gen Maldocs & How to Solve the Human Vulnerability

Malicious email attachments with macros are one of the most common ways hackers get in through the door. Huntress security researcher John Hammond discusses how threat hunters can fight back.…

REvil/Sodinokibi Ransomware: Origin, Victims, Prevention Strategies

Cyberattacks have become a part of our reality, but have you ever wondered what might happen if your company gets targeted? You probably…

Kali Linux 2021.4 released with Samba compatibility, Apple M1 support, 9 new tools

Kali Linux 2021.4 comes with several improved features, including Samba compatibility, better Apple M1 support, switching package manager mirrors – Download Kali Linux 2021.4 now. Offensive Security has finally released…

Windows 10 Drive-By RCE Triggered by Default URI Handler

There’s an argument injection weakness in the Windows 10/11 default handler, researchers said: an issue that Microsoft has only partially fixed. Researchers have discovered a drive-by remote code-execution (RCE) bug…

Hackers pretending to be Iranian govt use SMS messages to steal credit card info, create botnet

Security company Check Point Research has uncovered a hacking campaign that involves cyberattackers impersonating Iranian government bodies to infect the mobile devices of Iranian citizens through SMS messages. The SMS…

Researchers Reveal More Details About SideCopy, the Pakistani Threat Actor Group

A hacking group from Pakistan managed to steal sensitive Facebook, Twitter, and Google credentials. It seems that its targets were Afghan ministries and a shared government computer from India.…

Bill proposes suspension of instant payments in Brazilian state as crime surges

As crime increases in Brazil, a new bill is proposing the suspension of the instant payments system Pix in the state of São Paulo. If signed into law, the proposals put…