Cybersecurity Attacks

Securezoo Cybersecurity Threat Center blog posts of new cybersecurity attacks.

H0lyGh0st ransomware actors target small and midsize businesses

Security researchers from Microsoft warn threat actors from North Korea are using H0lyGh0st ransomware to target small and midsize businesses around the globe.

ZuoRAT targets SOHO devices to launch sophisticated multi-stage cyber attacks

Threat actors are using a multi-stage malware dubbed ZuoRAT to exploit small office/home office (SOHO) routers and launch sophisticated attacks against North American and European networks.

CISA adds 8 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include PwnKit)

The Cybersecurity and Infrastructure Security Agency (CISA) has added eight vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include two Apple, Mitel, Google Chromium, and the RedHat “PwnKit” vulnerability (CVE-2021-4034) in Polkit’s pkexec tool.

Zoom patches XMPP vulnerability chain that could allow an attacker to compromise user over Zoom chat

Zoom recommends users upgrade their Zoom client to version 5.10.0 to fix an XMPP vulnerability chain that could enable an attacker to execute remote code and compromise another user over Zoom chat.