News • Insights • Analysis
During the first week of October, Kaspersky took part in the 34th Virus Bulletin International Conference, one of the longest-running cybersecurity events. There, Kaspersky researchers delivered multiple presentations, and one of our talks focused on newly observed activities by the Read More …
Apple has released security patches for most of its operating systems, including iOS, Mac, iPadOS, Safari, and visionOS. To check if you’re using the latest software version, go to Settings (or System Settings) > General > Software Update. It’s also Read More …
Doughnut chain Krispy Kreme says it has been hit by a cyberattack which has disrupted its online systems. Some customers in the US have been unable to make online orders as a result of the hack, which occurred in late Read More …
While investigating incidents related to Cleo software exploitation, Rapid7 Labs and MDR observed a novel, multi-stage attack that deploys an encoded Java Archive (JAR) payload. Our investigation revealed that the JAR file was part of a modular, Java-based Remote Access Read More …
After proof-of-concept technical details were published on 5 December 2024 for CVE-2024-41713 and CVE-2024-55550, exploitation activity chaining these two Mitel MiCollab vulnerabilities has been reported. MiCollab is a cloud-based platform that integrates chat, voice, video, and SMS messaging for teams. Read More …
Cleo has released a security advisory addressing two vulnerabilities in Cleo Harmony, Cleo VLTrader, and Cleo LexiCom, which are commonly used to manage file transfers. Cleo LexiCom is a desktop-based client solution for communication with major trading networks Cleo VLTrader Read More …
Law enforcement agencies worldwide have disrupted a holiday tradition for cybercriminals: launching Distributed Denial-of-Service (DDoS) attacks to take websites offline. As part of an ongoing international crackdown known as PowerOFF, authorities have seized 27 of the most popular platforms used Read More …
Russia’s Federal Security Service (FSB), in collaboration with the Russian Interior Ministry, has exposed three Moscow-based illegal call centers that affected hundreds of citizens from more than 20 European and Asian countries, the FSB reported. “The unlawful activities of an Read More …
Ivanti has released security advisories addressing vulnerabilities in Cloud Services Application, Connect Secure, and Policy Secure. Ivanti Cloud Services Applicance (CSA) is an appliance that provides secure communication and functionality over the internet. Ivanti Connect Secure and Policy Secure are Read More …
Microsoft is addressing 70 vulnerabilities this December 2024 Patch Tuesday. Microsoft has evidence of in-the-wild exploitation and public disclosure for one of the vulnerabilities published today, and this is reflected in a CISA KEV entry. For the third month in Read More …
