Cybersecurity Threat Center Archives - Page 2 of 3

OrBit: New evasive and persistent Linux malware

Malware, Vulnerabilities & Exploits / Frank Crast / July 9, 2022 / Cybersecurity Threat Center, Linux, malware, OrBit, payload

Researchers from Intezer have discovered a new evasive and persistent Linux malware dubbed OrBit.

OrBit: New evasive and persistent Linux malware Read More »

ZuoRAT targets SOHO devices to launch sophisticated multi-stage cyber attacks

Cybersecurity Attacks, Malware, Network Security / Frank Crast / July 8, 2022 / ASUS, Black Lotus Labs, Cisco, CVE-2020-26878, CVE-2020-26879, Cybersecurity Attack, Cybersecurity Threat Center, DrayTek, Lumen, NETGEAR, Python, Small Office, SOHO, ZuoRAT

Threat actors are using a multi-stage malware dubbed ZuoRAT to exploit small office/home office (SOHO) routers and launch sophisticated attacks against North American and European networks.

ZuoRAT targets SOHO devices to launch sophisticated multi-stage cyber attacks Read More »

Maui ransomware targets entities in the Healthcare and Public Health sector

Cybersecurity Attacks, Malware / Frank Crast / July 6, 2022 / CISA, Cybersecurity Threat Center, FBI, Health, healthcare, HPH, Maui, Public Health, Treasury

Cybersecurity experts warn North Korean State-Sponsored threat actors are using Maui ransomware to target entities in the Healthcare and Public Health (HPH) sector.

Maui ransomware targets entities in the Healthcare and Public Health sector Read More »

Google releases Chrome 103 security update with fix for zero-day vulnerability (CVE-2022-2294) exploited in the wild

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / Frank Crast / July 6, 2022 / Chrome, Chrome103, CVE-2022-2294, CVE-2022-2295, CVE-2022-2296, Cybersecurity Threat Center, WebRTC, Zero-day

Google has released Chrome 103.0.5060.114 for Windows with fixes for multiple vulnerabilities, to include one High severity zero-day (CVE-2022-2294) exploited in the wild.

Google releases Chrome 103 security update with fix for zero-day vulnerability (CVE-2022-2294) exploited in the wild Read More »

OpenSSL patches High risk RSA private key operation vulnerability (CVE-2022-2274)

Cryptography, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / July 6, 2022 / CVE-2022-2274, Cybersecurity Threat Center, OpenSSL, RSA

OpenSSL has patched one High risk heap memory corruption with RSA private key operation (CVE-2022-2274) in certain OpenSSL versions.

OpenSSL patches High risk RSA private key operation vulnerability (CVE-2022-2274) Read More »

Toll fraud Android malware is major threat to steal your money

Malware, Mobile Security / Frank Crast / July 4, 2022 / Android, Cybersecurity Threat Center, Google Play Store, malware, Microsoft, mobile, toll fraud

Researchers from Microsoft warn that toll fraud Android malware has been one of the most prevalent malware downloaded from the Google Play Store since 2017 and is a major threat to steal your money.

Toll fraud Android malware is major threat to steal your money Read More »

Google releases Chrome 103 (103.0.5060.53) security updates with fixes for 1 Critical, 2 High severity vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / June 24, 2022 / Chrome, Chrome 103, CVE-2022-2156, CVE-2022-2157, CVE-2022-2158, Cybersecurity Threat Center

Google has released Chrome version 103.0.5060.53 for Windows, Mac and Linux, with fixes for one Critical and two High severity vulnerabilities.

Google releases Chrome 103 (103.0.5060.53) security updates with fixes for 1 Critical, 2 High severity vulnerabilities Read More »

Interpol operation “First Light 2022” leads to thousands of arrests of social engineering scammers worldwide

Cybercrime, Fraud, Phishing, Social Engineering / Frank Crast / June 17, 2022 / Cybercrime, Cybersecurity Threat Center, First Light 2022, Interpol, phishing, Ponzi, scammer, social engineering

Interpol has arrested thousands and seized millions of US dollars from social engineering scammers worldwide involved in telecommunication fraud, business mail compromise (BEC) and associated money laundering.

Interpol operation “First Light 2022” leads to thousands of arrests of social engineering scammers worldwide Read More »

CISA adds Critical Microsoft diagnostics tool vulnerability to Catalog of exploited vulnerabilities

Cybersecurity Attacks, Vulnerabilities & Exploits / Frank Crast / June 16, 2022 / CVE-2022-30190, Cybersecurity Threat Center, exploits, Follina, Microsoft, MSDT, RCE, Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) has added one Microsoft Support Diagnostic Tool (MSDT) vulnerability CVE-2022-30190 (aka “Follina”) to its Known Exploited Vulnerabilities Catalog.

CISA adds Critical Microsoft diagnostics tool vulnerability to Catalog of exploited vulnerabilities Read More »

Microsoft June 2022 Security Updates addresses 55 vulnerabilities (3 Critical)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / June 14, 2022 / CVE-2022-30136, CVE-2022-30139, CVE-2022-30163, Cybersecurity Threat Center, HyperV, LDAP, Microsoft, NFS, RCE, Vulnerabilities

The Microsoft June 2022 Security Updates includes patches and advisories for 55 vulnerabilities, three of those rated Critical severity.

Microsoft June 2022 Security Updates addresses 55 vulnerabilities (3 Critical) Read More »