Cyber Security News

  • Ukraine says Russian hacktivists use new Somnia ransomware

    November 12, 2022

    Russian hacktivists have infected multiple organizations in Ukraine with a new ransomware strain called ‘Somnia,’ encrypting their systems and causing operational problems. The Computer Emergency Response Team of Ukraine (CERT-UA) has confirmed the outbreak via an announcement on its portal, attributing the attacks to ‘From Russia with Love’ (FRwL), also known as ‘Z-Team,’ whom they track ...

  • World Cup apps pose a data security and privacy nightmare

    November 11, 2022

    With mandated spyware downloads to tens of thousands of surveillance cameras equipped with facial-recognition technology, the World Cup in Qatar next month is looking more like a data security and privacy nightmare than a celebration of the beautiful game. Football fans and others visiting Qatar must download two apps: Ehteraz, a Covid-19 tracker, and Hayya, which ...

  • NSA to developers: Think about switching from C and C++ to a memory safe programming language

    November 11, 2022

    The National Security Agency (NSA) is urging developers to shift to memory safe languages – such as C#, Go, Java, Ruby, Rust, and Swift – to protect their code from remote code execution or other hacker attacks. Of the languages mentioned above, Java is the most widely used across enterprise and Android app development, while Swift ...

  • Europe calls for joint cyber defense to ward off Russia

    November 11, 2022

    The European Commission on Thursday proposed a cyber defense policy in response to Europe’s “deteriorating security environment” since Russia illegally invaded Ukraine earlier this year. The Commission, citing recent cyber attacks on energy networks, transportation infrastructure and space assets, called on member states to “significantly increase” investments in cybersecurity capabilities. It also aims to boost defense ...

  • CISA Releases SSVC Methodology to Prioritize Vulnerabilities

    November 10, 2022

    Today CISA published its guide on Stakeholder-Specific Vulnerability Categorization (SSVC), a vulnerability management methodology that assesses vulnerabilities and prioritizes remediation efforts based on exploitation status, impacts to safety, and prevalence of the affected product in a singular system. As stated in Executive Assistant Director (EAD) Eric Goldstein’s blog post Transforming the Vulnerability Management Landscape, implementing a ...

  • Phishing drops IceXLoader malware on thousands of home, corporate devices

    November 10, 2022

    A ongoing phishing campaign has infected thousands of home and corporate users with a new version of the ‘IceXLoader’ malware. The authors of IceXLoader, a malware loader first spotted in the wild this summer, have released version 3.3.3, enhancing the tool’s functionality and introducing a multi-stage delivery chain. The discovery of the Nim-based malware came in June ...

  • iPhone iOS 16.1.1 fixes two security vulnerabilities – time to update

    November 10, 2022

    Apple has released an update that protects users against two security vulnerabilities that could affect iPhones and iPads. The iOS 16.1.1 and iPadOS 16.1.1 software update comes two weeks after the release of iOS 16.1 for all iPhone and iPad users. The security update protects users against two vulnerabilities CVE-2022-40303 and CVE-2022-40304. Both vulnerabilities have been found ...

  • US Health Dept warns of Venus ransomware targeting healthcare orgs

    November 10, 2022

    The U.S. Department of Health and Human Services (HHS) warned today that Venus ransomware attacks are also targeting the country’s healthcare organizations. In an analyst note issued by the Health Sector Cybersecurity Coordination Center (HC3), HHS’ security team also mentions that it knows about at least one incident where Venus ransomware was deployed on the networks ...

  • Hack the Real Box: APT41’s New Subgroup Earth Longzhi

    November 9, 2022

    In early 2022, Trend Micro investigated an incident that compromised a company in Taiwan. The malware used in the incident was a simple but custom Cobalt Strike loader. After further investigation, however, we found incidents targeting multiple regions using a similar Cobalt Strike loader. While analyzing code similarities and tactics, techniques, and procedures (TTPs), we ...

  • VMware warns of three critical holes in remote-control tool

    November 9, 2022

    VMware has revealed a terrible trio of critical-rated flaws in Workspace ONE Assist for Windows – a product used by IT and help desk staff to remotely take over and manage employees’ devices. The flaws are all rated 9.8 out of 10 in CVSS severity. A miscreant able to reach a Workspace ONE Assist deployment, either ...

  • Emotet coming in hot

    November 8, 2022

    Emotet is a ubiquitous and well-known banking trojan that has evolved over the years to become a very successful modular botnet capable of dropping a variety of other threats. Even after a global takedown campaign in early 2021 disrupted the botnet, it reemerged later that year, rebuilding its infrastructure and becoming highly active in a ...