According to Kaspersky, Emotet infection has seen a ten-fold increase from February to March, going from 3,000 to 30,000 emails. It is switching to new payloads detected by fewer antivirus engines.
The flaw is tracked as CVE-2022-0540 and comes with a severity rating of 9.9. It allows a remote attacker to bypass authentication by sending a specially crafted HTTP request to vulnerable endpoints.
Whereas the previous, 2013 iteration focused on helping organizations to deploy patch management technologies, the new edition centers on developing strategies for patch management.
The malware, suspected to be created by Golden Chickens (aka Venom Spider), is a stealthy, modular backdoor suite capable of stealing valuable information and conducting lateral movement across the compromised network.
A security researcher has discovered several vulnerabilities, including ones rated critical- and high-severity, in industrial products made by Elcomplus, a Russian company specializing in professional radio communications and industrial automation.
Tracked as CVE-2022-20783 (CVSS score of 7.5), the NSA-reported flaw is a denial of service (DoS) issue in TelePresence Collaboration Endpoint (CE) and RoomOS software, which could be exploited remotely, without authentication.
The first of the bugs fixed with the latest iterations of the open-source CMS is an access bypass issue that exists because of an improperly implemented generic entity access API for entity revisions.
Cybercriminals purposely choose specific times when all of us are busy with taxes, and preparing for holidays (e.g., Easter), that’s why you need to be especially careful during these times.
Ukraine is now issuing physical security keys to as many government agencies as possible, said Oleksandr Potii, deputy chief of the State Service of Special Communication and Information Protection.
REvil ransomware’s servers in the Tor network are active again after months of inactivity. At present, these servers are redirecting users to a new operation that is believed to have started in mid-December 2021.