Threats and Risks
Redesigned for stealth and adaptability, data-stealing Valak malware targets Microsoft Exchange Server in enterprises
Valak has been rapidly reconfigured for data exfiltration and has been spotted targeting US and German enterprises
Latest version of Turla's ComRAT backdoor uses Gmail web UI to receive orders from hackers
It is built on an entirely different codebase and was compiled in November 2019
US officials arrest another member of Fin7 hacking group
The Ukrainian national was part of spear-phishing campaign that enabled hackers to gain unauthorised access to victims' system
Unc0ver team releases new jailbreak package that can unlock iPhones running iOS 13.5
The tool uses zero-day bug in the Darwin XNU kernel
Warning over Mandrake malware infecting Android devices since 2016
The malware avoids infecting every Android device, and rather focuses on hand-picked targets
Trading Standards warns of NHS contact-tracing phishing scam
Message telling people that they may be infected links to a malicious website which asks for personal details
Chinese cyber actors are trying to steal Covid-19 vaccine research, FBI
Theft of such valuable data could threaten the delivery of secure treatment options, the agency believes
US cyber security agencies shares list of routinely exploited vulnerabilities since 2016
Hackers are most frequently exploiting bugs in Microsoft's OLE technology
Vulnerabilities impacting Oracle iPlanet Web Server could result in data leakage, phishing
Vendors says it will not release a security patch as affected product has already reached end-of-life
Lazarus hacking group hiding a new variant of Dacls RAT in security app to target macOS users
The app is mostly used by Chinese speakers, as per researchers
Threat groups are looking to steal Covid-19 research, NCSC and CISA warn
The organisations being targeted include healthcare bodies, medical research institutions, pharmaceutical firms and others
InfinityBlack hacking group busted by European law enforcement agencies
'Well organised' cyber criminals were focused on loyalty card schemes
Warning over EventBot banking Trojan draining financial details from Android phones
The malware can intercept the two-factor authentication security codes sent to the device
CISA urges action on common Office 365 security vulnerabilities
US Cyber agency offers best practice for configuring Microsoft Office 365 to secure employees working from home
NSA, ASD publish advisory for detecting and mitigating web shell malware
Malicious web shells can evade detection from most security tools, so they are difficult to detect
Zoom announces version 5.0 with improved security and control features
New version with 256-bit AES encryption (for real this time) to be rolled out next week
Zoom zero-day exploits being sold online for $500,000, report
The reported vulnerabilities impact Zoom clients for MacOS and Windows, Zoom refutes the claim
Nemty ransomware operators close public ransomware-as-a-service operation and switch to private mode
Victims have one week to purchase decryption keys from operators
Hackers are mass-scanning the internet to discover Microsoft Exchange servers vulnerable to RCE bug
A patch to fix this bug has already been released by Microsoft
NCSC and CISA warn of ongoing coronavirus cyber threat
Spear-phishing emails from cyber crooks claim to provide information on Covid-19 from official sources
Just 17 per cent of all internet-facing Microsoft Exchange servers are patched against CVE-2020-0688 vulnerability
More than 31,000 Exchange 2010 servers have received no update since 2012
Critical vulnerabilities in HP Support Assistant could allow arbitrary code execution
The tool which comes preinstalled on all brand-new HP notebooks and desktops could allow an attacker to escalate local privilege on vulnerable Windows systems
Two zero-day flaws in Zoom could enable threat actors to access webcam and microphone on MacOS system
Zoom is currently the most popular app on both the Play Store and App Store but privacy and security concerns are rising
How rapid advances in quantum computing are reshaping cybersecurity
We must all prepare for the end of public key encryption as we know it
Most read
