Hermit, an enterprise-grade Android spyware, has been used by organizations in Kazakhstan, Italy, and Syria to exploit a rooted Android device and collect data. The website used to mask its malicious activity is an official Oppo support page in the Kazakh language. Users should be wary of fraudulent websites and should not install unknown apps, especially […]
Volexity researchers laid bare a sophisticated campaign by Chinese APT abusing a critical zero-day in Sophos’ firewall product. Sophos has fixed the flaw and provided mitigations to help organizations use their firewall and protect against threat actors abusing the vulnerability.
Referred to as Follina, the flaw is tracked as CVE-2022-30190. It affects multiple Office versions, including Office 2013, Office 2016, Office 2021, and Office Pro Plus.
Malicious cyber actors recently targeted members of the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) with a copyright-themed fake Facebook email.
A decentralized autonomous organization (DAO) called Inverse Finance has been robbed of cryptocurrency somehow exchangeable for $1.2 million, just two months after being taken for $15.6 million.
In at least two of the Windows-related incidents observed by cybersecurity vendor Sophos, adversaries exploited the vulnerability to deliver Cerber ransomware and a cryptominer called z0miner on victim networks.
The vulnerability impacts four Small Business RV Series models, namely the RV110W Wireless-N VPN Firewall, the RV130 VPN Router, the RV130W Wireless-N Multifunction VPN Router, and the RV215W Wireless-N VPN Router.
Fifteen security vulnerabilities affecting Siemens SINEC network management system (NMS) were unveiled this week, according to new research published by security company Claroty.
The latest version is written in Nim, a relatively new language utilized by threat actors over the past two years, most notably by the NimzaLoader variant of BazarLoader used by the TrickBot group.
Panchan, a new Golang-based P2P botnet, has been targeting Linux servers in the education sector since March 2022. The botnet uses a basic SSH dictionary attack to implement wormable behavior and harvests SSH keys for lateral movement. During runtime, the botnet has been observed deploying and executing two miners, nbhash and XMRig, on the host.