Operation Honeybee
Security researchers from McAfee’s Advanced Threat Research team have discovered a new cybersecurity operation dubbed “Operation Honeybee” that targets humanitarian aid organizations.
Operation Honeybee Read More »
Spectre Variant 2 patches
Microsoft provided security updates earlier this week to address the Spectre Variant 2 (CVE 2017-5715) data leaking vulnerability that affects Intel’s Skylake H/S (6th generation Core CPUs) and Skylake U/Y & Skylake U23e (6th Generation Core m Processors).
Spectre Variant 2 patches Read More »
Sofacy hacking group attacks German government network
The Sofacy group (aka APT28, Fancy Bear, and Pawn Storm) have allegedly attacked and breached German government’s secure computer network. Many security experts believe the cyberespionage group has ties back to the Russian government.
Sofacy hacking group attacks German government network Read More »
Cache utility memcached is being exploited
Do you have any internet-facing devices running memcached? Security experts warn that systems exposed to the internet and running memcached on port 11211 UDP and TCP are being exploited in a new distributed denial-of-service (DDoS) reflection attack.
Cache utility memcached is being exploited Read More »
SAML vulnerabilities affect multiple SSO implementations
Duo Labs has found SAML protocol vulnerabilities that impact multiple vendor single sign-on (SSO) systems.
SAML vulnerabilities affect multiple SSO implementations Read More »
Oracle vulnerability exploited to deliver dual Monero miners
Trend Micro security researchers have spotted an Oracle vulnerability that is being abused to deliver dual Monero miner malware. The Oracle WebLogic WLS-WSAT vulnerability (CVE-2017-10271) allows remote code execution and was patched by Oracle back in October.
Oracle vulnerability exploited to deliver dual Monero miners Read More »
Evolving W-2 phishing campaigns
The Internet Crime Complaint Center (IC3) has issued an alert on W-2 phishing campaigns. In the latest scam, criminals are targeting sensitive tax information by using IRS-related phishing emails.
Evolving W-2 phishing campaigns Read More »
Active BEC scams target Fortune 500 companies
Threat actors from likely Nigerian origin are using business email compromise scams (BECs) to target Fortune 500 companies.
Active BEC scams target Fortune 500 companies Read More »
Hacking tax preparers to pull off tax refund fraud
In a relatively new IRS scam, identity thieves are now hacking tax preparers to pull off tax refund fraud.
Hacking tax preparers to pull off tax refund fraud Read More »
Cyber attack on Indian bank’s SWIFT system
Indian City Union Bank said that cyber criminals gained access to the bank’s SWIFT systems and made three unauthorized transfers totalling $1.8 million.
Cyber attack on Indian bank’s SWIFT system Read More »