TrickBot Malware Operators Added New Techniques to Elude Detections          *
Russian Threat Group Targeting Government and Defense Industries          *
New DeadBolt Ransomware Targets QNAP Devices, Demands 50 BTC for Master Key          *
Initial Access Broker Attack VMware Horizon Servers in Log4Shell Attacks          *
Canadian Government Hit by Cyberattack, Few Services Disrupted          *
Threat Actors Hacked Segway Store to Steal Customers' Credit Card Data          *
Emotet Spam Campaign Using Unconventional IP Address to Evade Security Detections          *
Phishing Campaign Employing Malicious PowerPoint Files to Push Malware          *
Threat Actors Now Actively Targeting a Patched Critical SonicWall RCE Bug          *
Two CWP Bugs Allow Code Execution as Root on Linux Servers          *
Android Malware BRATA Strikes Back with Enhanced Features, Wipes Device After Stealing Data          *
Hackers Encrypted Belarusian Railway's Internal Servers in Protest          *
Researchers Identified a New UEFI Firmware Implant in Cyberattacks          *
Hackers Backdoored Over 90 WordPress Themes, Plugins in Supply Chain Attack          *
Researchers Uncover 2 Flaws in Zoom Software, Resulting in Zero-click Attack          *
SonicWall Provides Temp Fix For Firewalls Stuck in Reboot Loop          *
CISA Discloses New 17 Vulnerabilities Exploited in Attacks          *
Threat Group Molerats Targeting Middle East in Cyberespionage Campaign          *
McAfee Agent Update Fixes Two High-Severity Vulnerabilities          *
F5 Patches 24 Vulnerabilities in its BIG-IP, BIG-IQ, and NGINX Controller API Products          *
Dutch National Cybersecurity Centre Warns of Lingering Log4j Threats          *
WordPress Plugin Flaw Puts Users of 20,000 Sites at Phishing and Code Injection Risk          *
Several Spyware Campaigns Stealing Credentials in Industrial Firms          *
DoNot Hacking Group Targeting Government and Military Entities in South Asia          *
Indonesia's Central Bank Discloses Ransomware Attack, Conti Leaks Data          *
Cisco Flaws Provide Remote Attackers Root Privileges via Debug Mode          *
Red Cross Cyberattack Leaks Data of 515,000 Individuals          *
SolarWinds Patches Serv-U Vulnerability Exploited for Log4j Attacks          *
Russian Attackers Employing Subscription-based Malware Service to Deploy Malware          *
Scammers Impersonating United States Department of Labor in Phishing Campaign          *
A New Stealthy Malware Targeting Users' Cryptocurrency Wallets and Passwords          *
Researchers Discloses a Critical Flaw in SAP NetWeaver AS ABAP and ABAP Platforms          *
Critical Flaw in IDEMIA Biometric Identification Devices Enable Unauthorized Access          *
Large-scale Phishing Campaign Targeting Renewable Energy Firms          *
Researchers Link New White Rabbit Ransomware to FIN8 Hacking Group          *
Earth Lusca Hackers Targeting High-Value Targets in Government and Private Sectors          *
Microsoft Issues Emergency Patches for Windows Server, VPN Bugs          *
Fashion Giant Moncler Discloses Data Breach Post Ransomware Attack          *
Microsoft Warns of Fake Ransomware Targeting Ukraine in Data-wiping Attacks          *
High-Severity CSRF Flaw in 3 WordPress Plugins Affected 84,000 Websites          *
Nintendo Warns of Phony Sites Pushing Fake Switch Discounts          *
eNom Data Center Migration Process Knocks Sites Offline          *
Zoho Patches a Critical Security Flaw in Desktop Central          *
An Undisclosed npm Dependency Flaw Affected Facebook's Create React App          *
Vulnerable Apple Safari Browser Allows Hackers to Track User Activity          *
Cybercriminals Abusing Public Cloud Infrastructure to Distribute Several RAT's          *
Goodwill's E-commerce Platform 'ShopGoodwill' Suffers Data Breach          *
Cisco Patches a Critical Bug Affecting Unified CCMP and Unified CCDM          *
Qlocker Ransomware Returns to Target QNAP NAS Devices Globally          *
Defense Contractor Hensoldt Discloses a Ransomware Attack          *
Massive Cyber Attack Knocks Down Several Ukrainian Government Websites          *
North Korean Hackers Stealing Millions from Cryptocurrency Startups Globally          *
Financially Motivated Hacking Group Targeting Cryptocurrency Startups          *
Threat Actors Compromised FIFA 22 Accounts Using Social Engineering Techniques          *
AWS Patched Security Vulnerabilities that Exposed AWS Customers' Information          *
Sentinel LABS Released an Unofficial Patch for Privilege Escalation Vulnerability, affecting all Windows Devices          *
OceanLotus Threat Group is using Web Archive Files to Install Backdoors          *
Magniber Ransomware Gang now Utilizing Signed APPX Files in Attacks          *
Microsoft Patched Critical Flaw in Windows HTTP Protocol Stack          *
Apple Fixed a Persistent Denial of Service (DoS) Flaw Dubbed 'doorLock'          *
Ransomware Operators Leveraging Log4Shell Exploit to Infect VMware Horizon Systems          *
Microsoft Patch Tuesday Security Advisory - January 2022          *
New SysJoker Backdoor Actively Targeting Windows, macOS, and Linux Users          *
Threat Actors Deploying New RedLine Malware Via Fake Omicron Stat Counter App          *
KCodes NetUSB Kernel Module Bug Affects Millions of Routers Globally          *
CISA Warns Federal Agencies of Ancient Flaws Still Being Exploited          *
Threat Actor Group 'Patchwork' Infecting Users with Ragnatela Malware          *
Researchers Link 'Abcbot' Botnet Operation to Xanthe Cryptomining Botnet Operators          *
Threat Actors Targeting Cybersecurity Researchers and Developers in Malware Campaign          *
State Hackers Employ New PowerShell Backdoor in Log4j Attacks          *
Vulnerable Open-Source NPM Libraries 'colors' and 'faker' Breaks Thousands of Apps          *
Researchers Disclose Flaws in Over A Dozen Widely Used URL Parser Libraries          *
Linux Version of AvosLocker Ransomware Encrypting VMware ESXi Servers          *
Researchers Discovered Security Flaw like Log4Shell in H2 Database Console          *
A New 'Night Sky' Ransomware Targeting Corporate Companies          *
Microsoft Warns of Persistent Attacks Leveraging Apache Log4j Flaws          *
Y2K22 Bug Hits SonicWall's Email Security, Firewall Products          *
Hackers Employ BadUSB to Target Defense Firms with Ransomware          *
NHS Warns of Unknown Hacker Group Exploiting Log4Shell in VMware Horizon          *
FluBot Malware Operators Targeting Europe Posing as Flash Player App          *
FinalSite Hit by a Ransomware Attack that Disrupted Thousands of Schools          *
QNAP Warns of Attacks Targeted at Internet-exposed NAS Devices          *
North Korean Hacker Group "Konni" Attacks Russian Foreign Ministry          *
Credential Stuffing Attacks Impact 1.1 Million Users at 17 Companies          *
US Online Pharmacy "Ravkoo" Suffers Data Breach Post AWS Portal Hack          *
Hackers Abusing Google Docs Commenting Feature to Drop Malware          *
FBI Warns of an Ongoing Google Voice Authentication Scams          *
Microsoft Releases an Emergency Update to Address Windows Remote Desktop Issues          *
Threat Actors Injecting Web Skimmer Code to Steal Sensitive Information          *
U.S. Cellular Disclose Data Breach Post Billing System Hack          *
Hospitality Chain McMenamins Suffers Data Breach Post Ransowmare Attack          *
Apple iOS Vulnerable to Denial of Service Flaw "doorLock"          *
Broward Health Company Discloses a Data Breach, 1.3 Million Individuals Affected          *
Threat Actors Deploying Purple Fox Malware via Malicious Telegram Installers          *
Microsoft Release a Temporary Fix to Address Exchange Server Flaw          *
Kyoto University Loses 77TB of Research Data due to Backup Error          *
Netgear Leaves Six High Severity Vulnerabilities Unpatched in Nighthawk Router          *
PulseTV Discloses Data Breach of 200,000 Credit Cards          *
Researcher Discloses a Security Flaw in Uber's Email System          *
New iLOBleed Rootkit Wiping Data from Compromised HP Enterprise Servers          *
AvosLocker Ransomware Group Releases Decryptor Post Breaching US Police          *
Firmware Attack May Drop Persistent Malware in Hidden SSD Area          *
Chinese APT Hackers Employ Log4Shell Flaw to Attack an Academic Institution          *
Prominent Crypto Trading Platform, ONUS Suffers Ransomware Attack via Log4j Hack          *
Storage Devices of Several Vendors Impacted by Encryption Software Bugs          *
Norwegian Media Giant Amedia Suffers Disruption Due to Cyberattack          *
Researchers Disclose New Autom Cryptomining Malware Attacks Using Upgraded Evasion Tactics          *
Apache Releases Log4j 2.17.1 to Address a Remote Code Execution Bug          *
RedLine Malware Stealing Passwords Saved in Chromium-based Web Browsers          *
BlackTech Cyber-espionage APT Targeting Japanese Companies Using Flagpro Malware          *
Threat Actors Attempted to Compromise LastPass Users Master Passwords          *
Researchers Identify Infiltration of Riskware Apps on Samsung's Galaxy Store          *
Threat Actors Actively Abusing MSBuild for Cobalt Strike Beacon Execution          *
Photo Services Giant Shutterfly Hit by Conti Ransomware Attack          *
ech0raix Ransomware Group Actively Scanning for Vulnerable QNAP NAS Devices          *
Pirated 'Spiderman: No Way Home' Movie Torrent Delivers Crypto-Mining Malware          *
Several Vulnerabilities in Garrett Metal Detectors Let Hackers to Alter Configurations          *
Global IT Services Provider Inetum Suffers Ransomware Attack          *
Android Banking Trojan Spreads via Bogus Google Play Store Page          *
Blackmagic Patches Critical DaVinci Resolve Code Execution Flaws          *
Dridex Operators Targeting Covid-19 Victims via Omicron Phishing Taunts          *
Monongalia Health System Suffers Email Breach, Affecting 400,000 Individuals          *
NVIDIA and HPE Patches Apache Log4j Library Vulnerabilities in its Products          *
Researchers Disclose a New Variant of Babuk Ransomware          *
New Dell BIOS Updates Results in Laptops and Desktops Boot Issues          *
Apple Patches macOS Security Flaw Behind Gatekeeper Bypass          *
Researchers Uncover New Phishing Campaign Aimed at CoinSpot Crypto Exchange          *
Threat Actors Deploying Stealthy BLISTER Malware on Windows Devices          *
Pro Wrestling Tees Discloses Data Breach, 31,000 Customers Info Compromised          *
Apache Patches Two Severe Security Vulnerabilities in its HTTP Server          *
Microsoft Azure App Service Bug Exposes Customers Source Code Repository          *
CISA, FBI and NSA Releases Joint Advisory and Scanner for Log4j Vulnerabilities          *
Chinese-speaking Espionage Group Targeting Government and Transportation Sectors          *
Researchers Identify Stealthy Backdoors in Auerswald's COMpact 5500R PBX's Firmware          *
All Mobile Phone Generations Since 2G Vulnerable to Newly Identified Mobile Network Vulnerabilities          *
FBI: Threat Actors Actively Exploiting New Zoho Zero-Day Since October 2021          *
Over 820,000 Vulnerable WordPress sites are Exposed to Attacks          *
PYSA Ransomware Group was Behind Major Attacks in November 2021          *
Scammers Impersonate Pharmaceutical company 'Pfizer' in Phishing Attacks          *
Sony Life Insurance Employee Arrested for Stealing $154 Million Dollars          *
Hackers Taking Over Vulnerable Windows Domains via Elevation of Privilege Vulnerabilities          *
Researchers Suspect 'Cytrox' for Distributing 'Predator' Spyware on iPhones          *
Cyber Criminals Infected U.S. Federal Agency's Network with Backdoor          *
Malicious Android App Distributes New Joker Malware, Infected Over 500,000 Android Users          *
Hackers Distributing New Stealthy DarkWatchman Malware through Phishing Emails          *
Threat Actors Revived TellYouThePass Ransomware in Linux, and Windows Log4j Attacks          *
Threat Actors Exploiting Log4j Vulnerability to Deploy Dridex Banking Malware          *
Western Digital Urges Users to Upgrade their My Cloud Devices          *
Logistics Firm "Hellmann" Warns Users of BEC Emails Post Ransomware Attack          *
Threat Actors Infected Over 35,000 Computers in 2021 Using a New PseudoManuscrypt Malware          *
Threat Actors Targeting Spider-Man Franchise Fans with Credit-Card Harvesting          *
VMware Patches a Critical Flaw in Workspace ONE UEM          *
Phorpiex Botnet Surfaces Again with a more Sophisticated Variant          *
Khonsari Ransomware Group Targeting Self-Hosted Minecraft Servers          *
Apache Issues a New Patch to Fix 3rd Log4j Vulnerability          *
Researchers Suspect New Attack Vector Identified in Log4j Exploits may Expand the Attack Surface          *
Iranian State-Sponsored Hacker Abused Slack API to Steal Asian Airline Data          *
US Prominent Brewery and Hotel chain "McMenamins" Hit by a Conti Ransomware Attack          *
Log4j Hackers Switch to Injecting Monero Miners via RMI          *
Credit Card Skimmers Targeting Ecommerce Sector via Magecart Attacks          *
DDoS Mitigation Service Provider "Cloudflare" Suffers Widespread Latency and Timeouts          *
A New Espionage Campaign Targeting Telecom Organizations in Middle East and Asia          *
Hackers Steal Microsoft Exchange Credentials Using Backdoor "Owowa "          *
Threat Actors Begin Exploiting Second Log4j Vulnerability as a Third Flaw Emerges          *
Apple Releases an iOS Update for Remote Jailbreak Exploit          *
PyPi Removes 3 Python Packages Suspected of Dropping a Trojan on Victim Systems          *
Virginia Information Technology Agency Suffers Ransomware Attack          *
Workforce Management Solutions Provider, Kronos Suffers Ransomware Attack          *
Over 300,000 MikroTik Devices Still Vulnerable to Remote Hacking Flaws          *
AWS Suffers Second Outage in this Month, Impacts Twitch, Zoom, PSN, Hulu, others          *
Vulnerabilities in Wi-Fi and Bluetooth Chips Enable Hackers to Steal Passwords          *
Researchers Identify "ALPHV" as the Most Sophisticated Ransomware in 2021          *
Threat Actors Actively Exploiting Log4Shell Vulnerability to Deliver Malware on Vulnerable Machines          *
Partially Fixed Dell Computer Drivers Still Vulnerable to Windows Kernel-level Attacks          *
Threat Actors Targeting German E-Banking Users via New Phishing Campaigns          *
Volvo Cars Suffers Ransomware Attack, R&D Information Exposed          *
Researchers Link 'XE Group' to Eight Years of Credit Card Theft          *
Apache Foundation Releases a Security Patch for Second Log4j Vulnerability          *
Microsoft Patch Tuesday Security Advisory - December 2021          *
Mojang Studios Publishes an Emergency Minecraft Update Amid Critical Log4j Vulnerability Exploits          *
Threat Actors Dropping Agent Tesla Malware Using PowerPoint Macros in On-going Phishing Campaigns          *
Hackers Employ Known Info-stealing Malware "TinyNuke" Targeting French Users          *
Researchers Disclose Building Blocks of Widely Active Qakbot Banking Trojan          *
AWS Discloses the Cause Behind the Recent Massive Outage          *
Researches Disclose an Active Campaign Exploiting Over Vulnerable 1.6 Million WordPress Sites          *
17 Malicious NPM Packages Let Attackers to Steal Discord Tokens          *
Google Pushes Emergency Chrome Update to Fix Zero-day in its Chrome Browser          *
South Australian Government Data Breach Expose Over 80,000 Employees Info          *
Threat Actors Targeting Enterprises Using New Zero-day Exploit for Log4j Java Library          *
StrongPity Hacking Group Pushing Malware Using Malicious Notepad++ Installers          *
Dark Mirai Botnet Actively Targeting Unpatched TP-Link Routers          *
Hackers Targeting US Universities via Office 365 Phishing Campaigns          *
Vulnerable Hikvision's IoT Devices Targeted by Moobot Botnet          *
Emotet Malware is Now Installing Cobalt Strike Directly on Infected Devices          *
Fujitsu Cites the Breach on Japanese Ministries' on Stolen ProjectWEB Credentials          *
Cox Communications Disclose Data Breach Post Hacker Impersonates Support Agent          *
SanDisk SecureAccess Flaw Enables Brute Force Attacks Against Vault Passwords          *
Google Fixes High Severity Use-After-Free Vulnerabilities in its Chrome Browser          *
SolarWinds Hackers Targeting Government and Business Organizations Worldwide          *
Phony KMSPico Software Stealing Victims' Cryptocurrency Wallets          *
Hackers Employ Fake 'Spam Notification' Phishing Emails to Steal Microsoft Credentials          *
SonicWall Patches Several Security Flaws in its SMA 100 Series Appliances          *
Grafana Patches a Zero-day Flaw Post Exploits Spread Over Twitter          *
Popular Cloud Service Providers Affected by Multiple Vulnerabilities in Eltima SDK          *
AWS Suffers Outage, Impacts Ring, Netflix, and Amazon Deliveries          *
QNAP Warns Users to Secure NAS Devices Against Bitcoin Miner          *
Conti Ransomware Strikes Scandinavian Hotel Group "Nordic Choice"          *
Hundreds of SPAR Stores Suffer Massive Outage in Northern England          *
BitMart Cryptocurrency Exchnage Loses $200 Million Worth of Cryptocurrency Tokens Post Hack          *
Microsoft Seizes Domains Used by APT15 Chinese State Hacker Group          *
Researches Disclose 17 Malicious Frameworks Used to Attack Air-Gapped Networks          *
Pakistani Threat Actor "SideCopy" Targeting Indian and Afghan Governments          *
Malvertising Campaigns Distributing Backdoors and Malicious Chrome Extensions          *
Threat Actors Distributing Android Banking Malware "BRATA" via SMS Phishing Campaign          *
Researchers Disclose 14 New XS-Leaks Attacks on Well-known Web Browsers          *
Finland's National Cyber Security Centre Warns of New Android Banking Malware Campaigns          *
Threat Actors Employing RTF Template Injection Method in Phishing Campaigns          *
Phishing Actors Actively Exploiting Users Via Omicron Themed Phishing Campaign          *
Zoho Patches a Critical ManageEngine Bug Exploited in Wild          *
Pegasus Spyware Reportedly Hacked iPhones of U.S. State Department and Diplomats          *
Scammer Sentenced for Stealing Millions of Dollars of Cryptocurrencies via SIM Hijacking          *
Threat Actors Promoting a Malicious Android App to Steal Malaysian Bank Credentials, and MFA Codes          *
BlackByte Ransomware Group Exploiting Proxy-shell Flaws to Deploy Web-shells on Vulnerable Microsoft Exchange Servers          *
New Malware "NginRAT" Actively Targeting E-commerce Servers          *
Planned Parenthood LA Discloses Data Breach Post Ransomware Attack          *
Threat Actors Spreading Emotet via Fake Adobe Windows App Installer Packages          *
Four Android Banking Trojans Infected Over 300,000 Android Devices in 2021          *
Mozilla Patches a Critical Flaw in its Cross-platform Cryptography Library          *
TrickBot Malware Authors Employing New Ways to Evade Detection          *
Russian Threat Actors Employing Babadeda Crypter to Evade Detection          *
Hardware Giant "HP" Patches 8-year-old Critical Flaws in its Multi-functional Printers          *
Ohio-based DNA Testing Firm "DNA Diagnostics Center" Discloses Data Breach, Impacting 2.1 Million People          *
'Sabbath' Ransomware Operators Target Critical Infrastructure in US and Canada          *
North Korean Defectors and Journalists Targeted by a New Chinotto Malware          *
Threat Actors Utilizing Compromised Google Cloud Instances to Mine Cryptocurrency          *
Marine Services Provider "Swire Pacific Offshore" Suffers Ransomware Attack          *
Threat Actors Hide New Linux Malware Payload in Cron Jobs to Steal Credit Card Data          *
Stealthy Hacker Group "WIRTE" Targeting Governments in the Middle East          *
Researchers Warn of Attacks Targeting Recently Patched Apache HTTP Server Vulnerability Exploited in Wild          *
Japanese Multinational Conglomerate "Panasonic" Discloses Data Breach Post Network Hack          *
Furniture Retail Giant IKEA Email Systems Hit by Ongoing Cyberattack          *
Researchers Disclose New Zero-day Vulnerability in Windows 10 Mobile Device Management Service          *
APT C-23 Hackers Targeting Target Middle East Users Using New Android Spyware Variant          *
Researchers Uncover a New Stealthy JavaScript Malware Dropping Several Windows based RATs          *
Iranian Threat Actors Exploiting Microsoft MSHTML RCE Flaw to Steal Google, Instagram Credentials          *
Advanced Hacking Group Targeting Biomanufacturing Industries Via New Malware Variant          *
Researchers Linked North Korean Attackers to Several Credential Theft Campaigns          *
Malicious Python Libraries Steal Discord Tokens and Install Reverse Shells          *
PHP Deserialize Bug in CloudLinux Imunity360 May Lead to Remote Code Execution          *
"RedCurl," A Corporate Cyber Espionage Threat Group Strikes With New Hacking Tools          *
Cisco Patches a High Severity Bug in its Cisco ASA and FTD Firewalls          *
MediaTek Chips Bugs Affect 37% of All Smartphones and IoT Globally          *
VMware Patches Multiple Vulnerabilities in its vCenter Server and Cloud Foundation          *
Over 6 Million Sky Routers Vulnerable to Takeover Attacks for 17 months          *
New Android Banking Malware ‘SharkBot’ Hitting Targets in U.S., UK and Italy          *
North American Wind Turbine Giant "Vestas" Suffers a Data Breach          *
Iran Airlines "Mahan Air" Hit By Cyber Attack          *
Threat Actors Actively Exploiting New Windows Installer Zero-day Flaw          *
US SEC Alerts Investors About Ongoing Impersonation Attacks          *
Utah Medical Center Suffers Data Breach; 582k Patients Info Stolen          *
Threat Actors Hacking Vulnerable Microsoft Exchange Servers to Hijack Internal Email Chains          *
GoDaddy Suffers Data Breach Affecting 1.2 million Customers          *
Android Malware BrazKing Back with New Stealthy Techniques          *
Threat Actors Abusing Glitch Cloud Service to Host Short-lived Phishing Websites          *
APT Group Exploiting FatPipe VPN Zero-Day Bug Since May 2021          *
Vulnerable eCommerce Sites Allow Hackers to Deploy a New Linux Backdoor          *
Attackers Employing Domain Fronting Technique to Evade Malicious Traffic          *
Attackers Distributing Emotet Malware in New Spam Campaigns          *
Netgear Fixes Pre-Authentication Buffer Overflow Bug which Affects various Products          *
New TikTok Phishing Attack Targeting Influencers’ Accounts          *
Emotet Botnet Returns Using TrickBot Malware          *
Microsoft Released Emergency Updates to Fix Windows Server Authentication Issues          *
NPM Patched Private Package Names Leak and Serious Authorization Flaw          *
New Release Google Chrome 96 Shatters Twitter and Discord Web Apps          *
WordPress Sites are Targeted to Display Fake Ransomware Notes          *
High Severity Flaws Discovered in BIOS Firmware Affects Various Intel Processors          *
Hackers Actively Targeting Alibaba ECS Instances to Deploy Cryptojacking Malware          *
Lazarus Attackers Targeting Security Researchers with Trojanized IDA Pro Application          *
Attackers Hacked FBI Email Servers to Distribute Spam Campaign          *
American Retail Giant 'Costco' Reveals Data Breach After Identifying Credit Card Skimmer          *
A Zero-Day Flaw in the Windows User Profile Service Gets Free Unofficial Patch          *
BotenaGo Malware Targeting Millions of Routers and IoT Devices with 33 Exploits          *
TrickBot Hackers Abused Microsoft's App Installer in Spam Campaigns          *
WP Reset PRO Plugin Enables Attackers to Hijack Websites          *
Netflix, Instagram, and Twitter Users are Targeted by New Android Malware          *
TeamTNT Cybercrime Group Actively Targeting Vulnerable Docker Servers          *
German Medical Software Company Medatixx Hit by Ransomware Attack          *
Palo Alto Addresses Multiple Vulnerabilities in PAN-OS          *
Clop Ransomware Gang is now Exploiting SolarWinds Serv-U flaw in Attacks          *
Zombie-themed Phishing Emails Infecting Users with MirCop Ransomware          *
A New Variant of Mekotio Banking Trojan Spotted in the Wild          *
Microsoft Patch Tuesday Security Advisory - November 2021          *
Microsoft Warned Admins to Patch Exchange Server Vulnerability          *
Cisco Patches Hard Coded Credentials and Default SSH Key Issues in its Catalyst PON Switches          *
Researchers Disclose a Critical RCE Vulnerability in Linux Kernel's TIPC Module          *
Scammers Harvesting Microsoft O365, Google Logins Via Fake Proofpoint Emails          *
Researchers Disclose Two Critical SQL Injection Flaws in Philips Healthcare Informatics Solution          *
Prominent Stock Trading Platform "Robinhood" Suffers a Data Breach          *
Electronics Giant "MediaMarkt" Hit by Hive Ransomware Attack          *
Threat Actors Actively Targeting Patched Sitecore XP RCE Flaw          *
Central Depository Services (India) Limited Discloses a Data Breach          *
Babuk Ransomware Deployed via Microsoft Exchange ProxyShell Vulnerabilities          *
New Android Rooting Malware "AbstractEmu" Takes Over Mobile Phones Via Root Access          *
CISA Discloses a Catalog of Known Exploited Vulnerabilities for Multiple Products          *
UK Labour Party Discloses a Data Breach Post Ransomware Attack          *
Critical Flaw in Cisco Policy Suite's Hardcoded SSH Key Lets Remote Hackers Gain Root Access          *
US Defense Contractor Electronic Warfare Associates (EWA) Suffers Data Breach          *
Google Patches Actively Exploited Kernel Bugs in its Android November Patch          *
Microsoft Suffers Outage, Blocks Access to Onedrive and Sharepoint Files          *
Over 30,000 Unpatched GitLab Servers Vulnerable to Already Patched Critical RCE Flaw          *
Over 1.6 Million Devices in China Infected by Pink Botnet          *
Researchers Uncovered Multiple Critical Flaws in Pentaho Business Analytics Software          *
Threat Actors Used Kaspersky's Stolen Amazon SES Token in Office 365 Phishing Campaigns          *
Threat Actors Distributing Chaos Ransomware via Fake Minecraft 'alt list' Text Files          *
Threat Actors Deploying Snake Infostealer Malware Via Phishing Emails          *
Iranian Hackers Breach Israeli Web Hosting Provider"Cyberserve"          *
Canadian Province Health Care System Hit by Cyberattack          *
Researchers Disclose New Spook Ransomware Built on Prometheus Code Exposing All Victims          *
Pirated Sports Streamer Hacked Major American Sports Leagues and Tried to Extort MLB for $150,000          *
Hive Ransomware Group Launches New Variants Capable of Encrypting Linux and FreeBSD Devices          *
Israeli Internet Firm Hit By Ransomware Attack Led By Iranian Hackers          *
UMass Memorial Health Care Center Suffers Data Breach          *
Google Fixes the Flaw Causing Chromebooks Failing to Enroll Devices          *
Google Patches Two Zero-Day Bugs in Chrome Browser          *
macOS Flaw Allow Hackers to Deploy Rootkits          *
WordPress's OptinMonster Plugin Flaw Allow to Hijack Sites          *
Threat Actors Targeting YouTubers’ in Phishing Campaigns          *
Cybercriminals Delivering Ransomware via Malicious NPM Packages          *
Apple Fixed 22 Security Flaws in iOS and iPadOS Devices          *
Iranian Gas Station Hit by a Cyberattack          *
Hackers Employing a New Squirrelwaffle Malware In Spam Email Campaigns          *
Attackers Used a New Yanluowang Ransomware in Targeted Attacks          *
Russian Attackers Delivering Malicious Documents in Phishing Campaign          *
WordPress Plugin Flaw can Lead to Complete Takeover of Vulnerable Sites          *
South Korea's Telecommunications Firm 'KT Corporation' Suffers Nationwide Outage          *
CISA Advised to Fix Critical Flaw in Discourse Software          *
Attacker Hijacked NPM Library to Compromise Windows and Linux Devices          *
macOS Malware Utilizes New Evasion Techniques          *
New PurpleFox Backdoor Uses WebSockets for C2 Communication          *
SCUF Gaming International Suffers Data Breach: 32,000 Customers Affected          *
Attackers Distributing Malware Through Korean Webhard and Torrent Websites          *
New Threat Group Targeting South Asian Organizations Using Custom Malware          *
Chinese Attackers Exploited Windows Zero-Day Vulnerability in Cyberattacks          *
FBI Alerts on Fake Govt Sites Used to Steal Sensitive Information          *
Telecommunications Company 'Sinclair Broadcast Group' Hit by Ransomware Attack          *
The University of Sunderland Hit by Cyberattack          *
Olympus US Systems Hit by Cyberattack          *
Ecuador's Largest Bank 'Banco Pichincha' Hit by Cyberattack          *
Microsoft Fixed Compatibility Issues in Windows 11 KB5006674 Cumulative Update          *
Attackers Using Math Symbols in Phishing Campaigns          *
Microsoft Azure's Customer Hit by Largest DDoS Attack          *
Microsoft Patch Tuesday Security Advisory - October 2021          *
Apple Fixes a Zero-day Flaw in an Emergency iOS 15.0.2 Update          *
Google Fixes Four High-Severity Flaws in its Chrome Browser          *
American Pacific City Bank Hit by AvosLocker Ransomware Attack          *
Threat Actors Targeting Linux Devices Using New FontOnLake Rootkit          *
Ransomware Group FIN12 Aggressively Attacking Healthcare Sectors          *
Cox Media Group Discloses a Data Breach Post Ransomware Attack          *
Threat Actors Impersonating "QuickBooks" in Ongoing Phishing Campaigns          *
Global Brewery Firm BrewDog Exposes 200,000 Customers Sensitive Information          *
Researchers Disclose New Android Malware Infecting Android Mobiles          *
Telecommunication Firm 'Syniverse' Discloses a Database Breach          *
Microsoft Patched Flaw Prevent Security Updates for Azure Virtual Desktops          *
Apache Emergency Update Patched Incomplete Fix for Actively Exploited Bug          *
Researchers Disclose UEFI Bootkit Exploiting Windows Systems Since 2012          *
Live Streaming Platform 'Twitch' Suffers Massive Data Leak          *
APT Group "ChamelGang" Targeting Fuel, Energy, and Aviation Industries          *
Researchers Disclose Multiple Critical Flaws in Honeywell Experion PKS and ACE Controllers          *
Apache Patches a Zero-Day Vulnerability in its Web Server          *
The Telegraph Suffers Massive Data Breach;10 TB Database Leaked          *
Researchers Link Disparate Malware Attacks to Chinese Cyber-espionage Group          *
Unknown Ransomware Gang Encrypting VMware ESXi Servers Using Python Script          *
Industry Publication Giant Sandhills Global Hit by a Ransomware Attack          *
Misconfigured Apache Airflow Servers Leak Credentials          *
New Atom Silo Ransomware Group Targeting Unpatched Confluence Servers          *
An Unpatched Flaw Enables Contactless Payments From Locked iPhones          *
Threat Actors Targeting Commerzbank Customers Via New Malware Campaign          *
Hackers Steal Cryptocurrency from Coinbase Customers Using MFA Flaw          *
Threat Actor Group "GhostEmperor" Backdooring Windows 10 Systems Using a Rootkit          *
WhatsApp, Instagram and Facebook Suffers Massive Outage Due to a Configuration Error          *
Google Fixes Two Zero-Day Flaws in its Chrome Browser          *
Hackers Spreading Flubot Android malware Via Fake Security Updates          *
QNAP Patches 3 High-severity Stored Cross-site Scripting (XSS) Flaws Affecting NAS Devices          *
MoneyLion Discloses a Data Breach Post Credential Stuffing Attacks          *
Neiman Marcus Discloses a Massive Data Breach; 4.3 million Users Affected          *
Fake Amnesty International Pegasus Antivirus Affects Windows Systems          *
JVCKenwood Hit by CONTI Ransomware Attack          *
Threat Actors Hijack Windows Boot Manager With UEFI Bootkit          *
Microsoft Warns of Cyber Attacks Targeting Active Directory FS Servers          *
Hackers Draining Brazil's PIX Payment System Users' Bank Accounts          *
Researchers Linked New Tomiris Backdoor to Hackers Behind SolarWinds Cyberattack          *
Giant Trucking Company "Forward Air" Suffers Data Breach          *
Microsoft Suffers MFA Outage; Access to Microsoft 365 Services Blocked          *
Threat Actors Distributing a New Jupyter Malware Version Via MSI Installers          *
Threat Actors Stealing Financial Data from 378 Banking and Wallet Apps Via "ERMAC" Malware          *
Multiple Cyberattack Campaigns Abusing Atlassian Confluence RCE Flaw          *
Colossus Ransomware Hits Prominent Automobile Company in the USA          *
Twitter Web Client Suffers Worldwide Outage          *
Threat Actor Targets Indian Government With Commercial RATs Via Operation Armor Piercer Campaign          *
QNAP Patches Two Critical Flaws in its QVR Software          *
Prominent Communications Provider "" Hit By a DDoS Attack          *
New Malware 'BloodyStealer' Targeting Popular Gaming Platforms          *
Google Fixes High-Severity Zero-Day Flaw in its Chrome Browser          *
Researcher Discloses Exploit Codes for 4 iOS Zero-Day Flaws on GitHub          *
Microsoft Warns Organizations About a Wide-Scale Phishing-as-a-Service Operation          *
Colombian Real Estate Firm "Coninsa Ramon" Suffers Data Breach          *
Scammers Targeting US, Canada Users Via New Android Malware          *
SonicWall Patches a Critical Vulnerability in its SMA 100 Series Products          *
Threat Actors Deploying Web Shells Via Nagios RCE Vulnerabilities          *
Researchers Disclose a Remote Code Execution Flaw in AWS WorkSpaces          *
Netgear Patches a Remote Code Execution Vulnerability in its Routers          *
Threat Actors Employing BitRAT to Target South American Organizations via Spam Campaigns          *
Cisco Patches Three Critical Flaws in its IOS XR Software          *
Apple Patches a Zero-day Flaw Used to Hack iPhones and Macs          *
Threat actor Group "FamousSparrow" Breaching Hotels Worldwide Via ProxyLogon Exploits          *
Cyber Criminals Deploying Rootkit Via a New Bug in Microsoft Windows          *
Threat Actors Targeting Organizations in Latin America Via a New Banking Trojan          *
Threat Actors Employing New Malware Campaigns to Mine Cryptocurrency          *
Cring Ransomware Group Actively Exploiting Decade-Old Patched ColdFusion Vulnerabilities          *
Microsoft Exchange's Autodiscover Flaw Leaks 100K Windows Credentials          *
Russian Threat Actors Deploying TinyTurla Malware as Secondary Stage Backdoor          *
VMware Fixed Critical Arbitrary File Upload Vulnerability in its vCenter Server          *
Researchers Disclosed a New Zero-Day Vulnerability in macOS Finder          *
Republican Governors Association's Server Breached Via Microsoft Exchange Cyberattack          *
US Farmer Cooperative Suffered a BlackMatter Ransomware Attack          *
Over 1.4 Million COVID-19 Test Results From Multiple Hospitals Exposed in Paris          *
Scammers Sending Spam Emails to Promote Elon Musk-themed Cryptocurrency Scam          * Hit By a DDoS Attack; Multiple Services Impacted          *
AMD Patches An Information Disclosure Flaw in its Chipset Driver          *
Prominent Integration Service Provider, Travis CI Patches a Critical Security Flaw          *
Researchers Uncovered Phishing Campaign "Operation Layover" Targeting Aviation Industry          *
Threat Actors Deploying New Malware to Compromise Windows Subsystem for Linux Environment          *
Tamil Nadu Public Department Hit by Ransomware Attack          *
Netgear Patches Third Critical Bug in its Smart Switches          *
Microsoft Patches a Critical Flaw in Open Management Infrastructure Affecting Azure Cloud Services          *
Adobe Patches 36 Critical Vulnerabilities in its Products          *
Threat Actors Impersonate US Department of Transportation to Steal Microsoft Credentials          *
South Africa's Justice Ministry Suffers Ransomware Attack          *
Microsoft Warns of Information Leakage Vulnerability in Azure Container Instances          *
Cyber Criminals Deploying New Linux Cobalt Strike Beacons in Ongoing Cyber Attacks          *
Nitro Software Patches a Remote Code Execution Flaw in its Nitro Pro PDF          *
Threat Actors Spreading New ZLoader Malware Through Fake TeamViewer Installer          *
Millions of Computers Affected by HP Omen's Privilege Escalation Bug          *
Microsoft Patch Tuesday Security Advisory - September 2021          *
Telecommunications Provider "MyRepublic" Suffers Data Breach          *
New Android Banking Trojan Dubbed "S.O.V.A" Emerges With Growing Capabilities          *
TeamTNT Hacking Group Stealing Credentials Using New Open-Source Tools          *
Apple Patches Zero-click iPhone Exploit Deploying Pegasus Spyware          *
Google Patches 2 Zero-day Flaws in its Chrome Browser          *
“FudCo” Spam Empire Linked to Pakistan-based Software Firm          *
Howard University Suffers Ransomware Attack Leading to Network Shutdown          *
Threat Actors Targeting Kurdish Ethnic Group Via Mobile Spyware Attacks          *
New Windows 0-Day Attack Targeting Users Via Weaponized Office Documents          *
Meris Botnet Launches a 22 Million RPS DDoS Attack          *
Cisco Patches Multiple High-Severity Flaws in its IOS XR Software          *
Threat Actors Leaked 500,000 Fortinet VPN Credentials On Hacking Forum          *
Zoho Patches Critical Vulnerability in its ManageEngine ADSelfService Plus Solution          *
Critical Flaw in HAProxy Result in HTTP Request Smuggling Attack          *
FIN7 Group Deploying Backdoor Via Windows 11 Alpha-themed Word Documents          *
Ribbonsoft’s dxflib Library Flaw Allow Attackers to Remotely Execute Commands          *
New Malware Family Leverages CLFS Log Files to Evade Detection          *
Threat Actors Hacked Jenkins Project's Confluence Server to Install Monero Miners          *
NPM, Package Manager Patches a Critical Bug in the Package Pac-Resolver          *
Microsoft Links SolarWinds Serv-U SSH Zero-Day Attack to Chinese Hackers          *
Netgear Patches High Severity Bugs in its Smart Switches          *
Threat Actors Exploiting Confluence Bug to Install Cryptocurrency Miners          *
Billions of Bluetooth Devices From Multiple Vendors Remain Highly Vulnerable to BrakTooth Flaws          *
Dallas Public School Suffers Data Breach          *
Canada Immigration Accepts Additional 7,300 Applications in TR to PR Program Due to a Technical Bug          *
Cisco Patches Critical Authentication Bypass Flaw in NFV Infrastructure Software (NFVIS)          *
Over 60,000 Parked Domains Were Vulnerable to Domain Hijacking Attacks          *
Autodesk Targeted By SolarWinds Hackers Via Sunburst Backdoor          *
LockFile Ransomware Bypassing Protection Via Intermittent File Encryption          *
Microsoft Exchange ProxyToken Flaw Allow Attackers to Access User Email Messages          *
Multiple Vulnerabilities Identified in Fortress S03 Wi-Fi Home Security Systems          *
Threat Actors Selling a GPU Based Malware Via Hacker Forums          *
Annke Patches a Stack-based Buffer Overflow Flaw in its Video Surveillance Product          *
Synology Discloses Open SSL Vulnerabilities Impacting its NAS Devices          *
Attackers Abusing Proxyware Applications to Monetize Malware Campaigns          *
QNAP Discloses OpenSSL Flaws Impacting its NAS Devices          *
New York Credit Union Discloses An Insider Threat; 21GB of Sensitive Data Destroyed          *
Google App Bug Restrict Users To Make & Receive Calls          *
Attackers Distributing Phishing Mails Using Open Redirect Links          *
Researchers Warn Users About Four Emerging Ransomware Groups          *
FIN8 Threat Group Targeting Financial Institutions Using Sardonic Backdoor          *
U.S. Based Computer Retail Company Targeted by New SideWalk Backdoor          *
Critical F5 BIG-IP Vulnerability Affects Customers in Sensitive Sectors          *
VMware Fixes Four High Severity Flaws in vRealize Operations Manager API          *
Microsoft Power App Leaks 38 Million Sensitive Data Records Via Misconfigured Tables          *
Threat Actors Actively Exploiting 15 Vulnerabilities to Hack Linux Systems          *
Microsoft Warns Customers of Azure Critical Cosmos DB Vulnerability          *
Cisco Patched a Critical Flaw in its APIC Software          *
Boston Public Library Suffers System Wide Outage          *
Cyber Criminals Deploying BazaLoader Malware via Fake DDoS Notifications          *
Emsisoft Releases Free Decryptor for SynAck Ransomware Victims          *
Compromised WhatsApp Mod Distributing Malicious Payloads Via Supply Chain Attack          *
Threat Actors Discreetly Marketing ShadowPad Malware Among Chinese Espionage Groups          *
NSO Group Deploying Pegasus Spyware Via New Zero-click iPhone Exploit          *
OpenSSL Vulnerabilities May Be Exploited For Multiple Cyber Attacks          *
ACROS Security Releases a Micro Patch to Address PetitPotam Flaw          *
Mozi, an IoT Botnet Targets Network Gateways and IoT Devices          *
Threat Actors Actively Exploiting Newly Disclosed Realtek SDK Vulnerabilities in the Wild          *
AT&T Denies Data Breach Post Attacker Auctions 70 Million User Database          *
Google Discloses Information of Unpatched Windows AppContainer Vulnerability          *
Cloudflare Thwarts the Largest DDOS Attack Ever Recorded          *
Microsoft Exchange Servers Under Attack By New LockFile Ransomware          *
SAC Wireless, A Nokia Subsidiary Discloses Data Breach Post Conti Ransomware Attack          *
Phishing Campaign Used a XSS Flaw in UPS Website to Distribute Malware          *
Vulnerable Microsoft Exchange Servers Under Attack Via ProxyShell Vulnerabilities          *
Attackers Hacked US Census Bureau Servers Using Citrix Vulnerability          *
Critical Vulnerability Discovered in the Universal Plug-and-Play (UPnP) Service of Multiple Cisco Routers          *
BadAlloc Flaw Affects BlackBerry's QNX Real-Time Operating System (RTOS)          *
Chase Bank Suffers Data Leak Via Technical Glitch          *
Data Exfiltration Attacks Can Bypass Cisco Safety Products          *
Ransomware Attacks Hit Maine's Rural Sewage Treatment Plants          *
Memorial Health System, Florida Suffers Ransomware Attack          *
Attackers Targeting Multiple Users in Mexico via Neurevt Trojan          *
Adobe Patches Critical Photoshop Security Flaws          *
Critical Flaw in ThroughTek's Point-to-Point (P2P) SDKs Impacting Million IoT Devices          *
Fortinet Delays Patching a Zero-day Bug in its Web Application Firewall (WAF)          *
Multiple Realtek Related Flaws Affecting its Wi-Fi SDKs; Impacting Nearly a Million IoT Devices          *
Tokio Marine's Singapore Branch Suffers Ransomware Attack          *
Threat Actors Selling Ficker Info Stealer Malware as a Malware-as-a-Service (MaaS)          *
Iranian Government-linked Hacker Groups Conducting Cyber Espionage Activities in Israel          *
Attackers Use 'CAPTCHA' Images to Trick Users into Bypassing Browser Warnings          *
Brazilian National Treasury Suffers Ransomware Attack          *
Threat Actors may use Middleboxes Related Flaws for TCP Reflected Amplification          *
Threat Actors Distributing WarzoneRAT via Compromised WordPress Sites          *
TA505 Threat Group Installing ServHelper RAT Using New Techniques          *
Multiple STARTTLS Related Bugs Found in Popular Email Clients          *
Trend Micro Addresses Wild Zero-Day Vulnerabilities          *
T-Mobile Suffers Massive Data Breach; 100 Million Customers Data Stolen          *
The Infamous AlphaBay Darknet Market Has Reopened for Business          *
Microsoft Spotted Hackers Using Morse Code in Phishing Campaigns to Evade Detection          *
Threat Actors Employing CAPTCHA Protected Phishing Campaigns          *
Scammers Impersonating FINRA in an Ongoing Phishing Campaign          *
Multiple Flaws in Wodify Fitness Platform Allow Hackers to Take Control          *
New AdLoad Malware Variant Escapes through Apple's XProtect Defence          *
Ford Flaw Exposed Sensitive Information from Internal Systems          *
Attackers Can Now Spy On DNS Traffic via Bugs in Managed DNS Services          *
Intel Releases Patches for High-Severity Flaws in NUC 9 Extreme Laptops, Ethernet Linux Drivers          *
Cinobi Banking Trojan Targets Cryptocurrency Exchange Users via Malvertising          *
One Million Stolen Credit Cards Data Leaked on Carding Marketplace          *
Gigabyte Suffers RansomEXX Ransomware Attack          *
Microsoft Confirms another Zero-Day Bug in Windows Print Spooler          *
Accenture Hit by LockBit Ransomware Attack          *
Attackers Stole Cryptocurrency worth of $600 Million          *
Researchers Revealed eCh0raix Ransomware Targeting Both NAP and Synology NAS Devices          *
Microsoft Patch Tuesday Security Advisory - August 2021          *
Adobe Patched Several Critical Vulnerabilities in its Products          *
Russian Federal Executive Authorities Targeted by Chinese Threat Actors          *
Chinese Threat Actors Targeting Prominent Southeast Asian Telecom Firms          *
Joplin City Suffers from Ransomware Attack          *
FatalRAT Trojan Exploiting Telegram          *
New FlyTrap Malware Compromises Thousands of Facebook Accounts          *
New Chinese Spyware Used in Widespread of Cyber Espionage Attacks          *
VMware Patches Security Vulnerabilities in Workspace ONE Access and Identity Manager          *
INFRA:HALT Flaws Affect Embedded TCP/IP Stack Widely Used in OT Devices          *
Cisco: Firewall Manager RCE Flaw is a Zero-day, Patch Incoming          *
Go & Rust Languages Affected by Critical IP Address Validation Flaw in "net" Library          *
New York City Public School's Info Leaked; Officials Confirm          *
Threat Actors are Actively Exploiting Vulnerable Home Routers          *
Solarmarker Malware Targeting Healthcare and Education Sectors          *
Attacker Scanning Microsoft Exchange Servers for ProxyShell Vulnerability          *
New APT Threat Group Targeting Microsoft IIS Servers          *
Google Fixed Several High-Severity Security Flaws in Android OS          *
Linux Variant of BlackMatter Ransomware Encrypting VMware ESXi Machines          *
New Android Malware Vultur Abuses Accessibility Services          *
Energy Group ERG Reports Minor Interruptions Post Ransomware Attack          *
Google Patches Several Chrome Vulnerabilities          *
New Cobalt Strike DoS Vulnerability Allows Takedown of Attackers’ Servers          *
Advanced Technology Ventures Discloses a Data Breach Attack          *
Cisco Patches Pre-Auth Security Flaws in its VPN Routers          *
Romania Cryptojacking Attackers Targeting Linux Devices          *
Multiple TransLogic Firmware Vulnerabilities Discovered; Major Impact on North America Hospitals          *
Italy's Lazio Region Suffers Ransomware Attack          *
New Meteor Malware Used in Iranian Railway Attack          *
Multiple Vulnerabilities Patched in WordPress Download Manager          *
Node.js Patched Severe HTTP Vulnerability          *
Russians Attackers Compromised Federal Prosecutors Email Accounts          *
New Vulnerabilities could let Attackers to Compromise Zimbra Server via Email          *
Researchers Discovered New Haron Ransomware Gang          *
A New .Stolen Ransomware Deleting Disc Shadow Copies Post Encrypting Disc Drives          *
LockBit 2.0 Ransomware Uses Group Policies to Encrypt Windows Domains          *
Attackers Compromised Chipotle’s Marketing Account to Deliver Phishing Emails          *
Multiple Flaws Discovered in 3 Open-Source Software          *
DarkSide Ransomware Gang Returns as New BlackMatter Ransomware          *
Attackers Installing PlugX Malware Variant on Compromised MS Exchange Servers          *
Northern Ireland Suspends COVID Certificate Service Post Data Breach          *
Attackers Posed as Aerobics Instructors to Target Employees          *
APT Attackers Distributed Android Trojan via Syrian E-Government Portal          *
UC San Diego Health Suffers Data Breach Post Phishing Attack          *
Oracle Fixes Critical Flaws in its Products          *
LemonDuck Malware Targeting Windows and Linux Systems          *
Signal Patches a Critical Flaw in its Android Versions          *
Apple Patches a Zero-day Flaw Exploited in the Wild          *
XCSSET MacOS Malware Targets Telegram Accounts and Google Chrome Data          *
Researchers Disclose 3 Zero-day Flaws in Kaseya Unitrends Backup Solution          *
Kaseya Gets Universal Decryptor Tool to Help Victims          *
Critical Security Flaws Reported in Etherpad          *
Law Firm Campbell Conroy & O'Neil Suffered Ransomware Attack          *
Malicious NPM Package Steals Chrome Passwords on Windows via Recovery Tool          *
Federal Agencies Say China Breached Dozens of Pipeline Companies between 2011 and 2013          *
Akamai Suffers DNS Outage; Prominent Websites and Online Services Across the Globe Impacted          *
Dell Patches 3 Critical Vulnerabilities in OpenManage Enterprise Service          *
Atlassian Patches Critical Vulnerability in its Jira Data Center and Jira Service Management Data Center Products          *
Ecuador's State-run CNT Telco Suffers Ransomware Attack          *
Juniper Fixed Multiple Flaws in its Products          *
Attackers Distributing Remcos RAT via Visual Basic          *
Microsoft Seizes Homoglyph Domains used in BEC Campaign          *
Saudi Aramco Suffers Data Breach; 1 TB Stolen Data for Sale          *
16-Year-Old Bug Impacts Millions of HP, Samsung, Xerox Printers          *
Bug discovered in Fortinet lets Attackers to run Code as Root          *
WIFIDemon Leading to Remote Code Execution Attacks on iOS Devices          *
Magecart Attackers Using Unique Techniques to Avoid Detection          *
Cisco Patches High Severity Flaw in its ASA & FTD Software Versions          *
Pegasus Spyware Infecting Prominent Personnel's Mobile Devices Across the Globe          *
WildPressure APT Targeting Windows and macOS Systems via New Malware Variant          *
Google Patches Zero-Day Vulnerability in its Chrome Browser          *
D-Link Fixes Multiple Security Bugs in its DIR-3040 Router Version v1.13B03          *
Scammers Target Comparis Group Users Post Ransomware Attack          *
Multiple Vulnerabilities in NuGet Packages Affect .NET Platform          *
Microsoft Patched Windows Hello Authentication Bypass Vulnerability          *
Recent ZLoader Malware Attacks Adopt New Macro-Related Delivery Method          *
Sage X3 Patched Multiple Security Flaws in its Enterprise Resource Planning (ERP) Product          *
Attackers Spreading BazarBackdoor Malware via Nested RAR and ZIP Archives          *
SonicWall Warns of Imminent Ransomware Attacks Targeting SMA 100 & SRA VPN Appliances          *
VMware Fixed Flaws In ESXi and ThinApp Applications          *
Chinese Hackers Utilizing SolarWinds Zero-Day to Target US Defense Companies          *
New BIOPASS RAT Live Stream Victim's Computer Screen          *
Kaspersky Password Manager Generated Passwords used in Brute Force Attacks          *
Adobe Patch Tuesday Security Advisory - July 2021          *
Microsoft Patch Tuesday Security Advisory - July 2021          *
Kaseya Fixed Multiple VSA Bugs Exploited in REvil Ransomware Attack          *
Flaws in Cisco BPA and WSA could lead to Privilege Escalation Attacks          *
Mitsubishi Electric Fixed Bugs in Air Conditioner Control Systems          *
Fashion Retailer Guess Suffers Data Breach Post Ransomware Attack          *
SolarWinds Patches a Zero-day Flaw Exploited in the Wild          *
Insurance Firm CNA Suffers Data Breach After Ransomware Attack          *
Mint Mobile Suffers Data Breach; Hackers Port Victims Phone Numbers          *
Morgan Stanley Reports Data Breach After Vendor Reports Accellion Hack          *
Nobelium Hacking Group Reportedly Accessed Microsoft's Customers Support Tools          *
Crypto Mining Scams Targeting Victims via Fraudulent Android Apps          *
Malspam Campaign Deploying Cobalt Strike Payloads Posing as Kaseya VSA Security Update          *
Microsoft Addresses Critical Edge Bug Leading to UXSS Attacks          *
CISA Discloses 15 Vulnerabilities Affecting Philips Vue Healthcare Products          *
Pro-Trump Social Media Site "GETTR" Suffers Data Breach          *
QNAP Patches Critical Flaw in NAS Backup and Disaster Recovery Solution          *
Insurance Giant AJG Reports Data Breach post a Ransomware Attack          *
Threat Actor Group Wizard Spider Linked to a New Ransomware 'Diavol'          *
NETGEAR Patches 3 Critical Bugs in DGN-2200v1 Series Routers          *
Microsoft Urges Azure Users to Update their PowerShell Tool          *
Threat Actors Hacked Mongolian Certificate Authority to Deploy Backdoors          *
Threat Actors Targeting Unpatched Cisco ASA Devices Aggressively Post the PoC Release          *
Kaseya Suffers Massive Ransomware Attack; Hundreds of Companies around the Globe Affected          *
Retail Giant Coop Shuts Down 500 Stores Post Kaseya Ransomware Attack          *
Microsoft Releases Emergency Patch for Windows Zero-day PrintNightmare Vulnerability          *
Attackers Target Microsoft's Halo Development Servers via Dependency Hijacking          *
Law Enforcement Officials Seize DoubleVPN Service's Servers          *
WD Storage Devices Vulnerable to Ongoing Cyber-Attacks          *
LinkedIn Suffers Data Breach, 700 Million Users Data Exposed          *
DarkRadiation Ransomware Gang Targeting Linux & Docker Instances          *
Threat Actors using WIM Files to Bypass Security Solutions via Phishing Emails          *
Microsoft Signs a Rootkit Malware Disguised as Windows Driver          *
Unpatched Flaws in PlingStore Apps may Lead to Supply-Chain Attacks          *
Scammers Impersonating FINRA Support in a New Phishing Campaign          *
Fortinet Patches 2 Vulnerabilities in its Web Application Firewall (WAF)          *
High Severity Flaws Found in Vulnerable NVIDIA Jetson Chipsets          *
Spam Campaign Hides "handwritten" Links in Tinder Profile Images          *
Pakistan Hackers are Targeting Indian Power Company with ReverseRat          *
Mercedes-Benz Suffers Data Breach          *
Multiple Bugs in Dell SupportAssist; Impacts 30 Million PCs          *
Researchers Discovered Security Vulnerability in 2G Mobile Data Encryption Standard          *
Conti Ransomware Gang Leaked Tulsa City's Police Citation Documents          *
Covid-19 tracking app ‘MassNotify’ Auto-installed on Massachusetts Android Phones          *
VMware Fixed Critical Vulnerability in Carbon Black App Control          *
A Partially Fixed Bug in SonicWall Affecting 800K Firewalls          *
Vulnerabilities in Open Design Alliance's SDK Impacting Multiple Vendors          *
Nuclear Research Agency of South Korea was Hacked Using VPN Flaw          *
Multiple Vulnerabilities Discovered in Schneider PowerLogic Devices          *
Zephyr RTOS Patched Multiple Bugs in its Bluetooth LE Stack          *
Healthcare Giant Grupo Fleury Suffers Ransomware Attack          *
Palo Alto Networks Fixed Critical Vulnerability in Cortex XSOAR          *
Microsoft Patched High-Pitched Noise Bug in Windows 10          *
Threat Actors are Sending Fake Extortion Emails by Impersonating DarkSide Gang          *
Supermarket Chain Wegmans Suffers Data Breach          *
Andariel Hacking Group Targeted South Korean Industries with New Malware Campaign          *
Poland Officials Targeted in Russian Cyber Attacks          *
Russian Consumer Watchdog Bans VyprVPN & Opera VPN Services          *
Gelsemium Hackers Target NoxPlayer with Supply Chain Attack          *
Reproductive Biology Associates Clinic Suffers Ransomware Attack          *
Critical Flaw in ThroughTek Allows Millions of Cameras to Spy          *
Newly Discovered iPhone Bug can Disable iPhone's Wi-Fi Functionality          *
Researchers Warn of SolarMarker Malware Deployed via SEO Poisoning          *
Attackers Bypass Office 365 MFA in BEC Attacks          *
Attackers can Access Victim Information via Vulnerability found in Microsoft Power Apps          *
Instagram Bug Allows Attacker to View Private Accounts Details of the User          *
Propane Service Provider AmeriGas Discloses Data Breach          *
Cake Box Suffers Data Breach; Credit Card Numbers of Customers Exposed          *
Clop Ransomware Gang Suspects are Arrested in Ukraine          *
Google Patched Zero-Day Bug in Chrome Web Browser          *
Scammers are Sending Fake Ledger Devices to Steal Cryptocurrency          *
Thousands of VMWare vCenter Servers are Still Vulnerable to Remote Code Execution Attacks          *
Apple has Fixed 2 Zero-Day Flaws in iOS Devices          *
Hackers can Spy on Samsung Mobile Users using Pre-installed Applications          *
Interpol Removed Multiple Fake Online Pharmaceutical Websites          *
Spain's Ministry of Labor and Social Economy Suffers Cyberattack          *
Avaddon Ransomware Group Shuts Down          *
Food Supply Giant Edward Don Shuts Down Temporarily Due to Ransomware Attack          *
7-Year-Old Privilege Escalation Polkit Flaw Affecting Linux Devices          *
McDonald's Discloses Data Breach; Customers and Employee Information Exposed          *
Audi and Volkswagen Suffers Data Breach; 3.3 Million Customers Affected          *
Food Giant JBS Pays $11 million to REvil Ransomware Group          *
Famous Video Game Company Electronic Arts Suffers Data Breach          *
WAGO Controller Flaws Could Lead to Industrial Process Disruptions          *
Stolen Login Credential Marketplace Slilpp is Seized by Law Enforcement          *
Fastly CDN Outage Impacted Multiple Websites          *
Latest Necro Python Malware has New Exploits and Crypto Mining Capabilities          *
Phishing Campaign Targets U.S. Financial Industry Regulatory Authority (FINRA)          *
Memory & Storage Manufacturing Giant ADATA Suffers Ransomware Attack          *
Microsoft Patched Vulnerability In MSGraph Component          *
PuzzleMaker Threat Actors Targeting Windows 10 Systems using Chrome Zero-days          *
STUN Servers Abused for DDoS Attacks          *
New Siloscape Malware Targets Windows Containers to Access Vulnerable Kubernetes Clusters          *
Attackers are Actively Targeting Vulnerable VMware vCenter Servers          *
Google Fixed Multiple Critical Bugs In Latest Android Security Updates          *
Adobe Patches 41 Vulnerabilities in 10 Products          *
Intel Fixes 73 Security Vulnerabilities          *
Microsoft Patch Tuesday Security Advisory - June 2021          *
EvilCorp Cybercrime Gang Mimics PayloadBIN to Evade US Sanctions          *
US Truck Manufacturer Navistar Discloses Data Breach          *
Cisco Patches High-Risk Security Flaws in its Multiple Products          *
Open Source Application "Have I Been Pwned" Used to Expose Stolen Credentials          *
Nantucket Steamship Authority Suffers Ransomware Attack          *
Researchers Disclosed Critical Bug In Realtek Wi-Fi Module          *
Threat Actors Deploying SkinnyBoy Malware using Malicious MS Word Documents          *
Threat Actors Bypassing Ransomware Defense in Antivirus Solutions via Whitelisted Applications          *
Huawei Fixed Privilege Escalation Bug in its USB LTE Dongle          *
FUJIFILM Suffers Ransomware Attack          *
North Korean Hacking Operation Targeting South Korea Government Units          *
Multiple Products from Cisco, Akamai & Linux affected by Vulnerability in Lasso Library          *
Multiple Vulnerabilities Reported in Industrial Switches from Several Vendors          *
Swedish Health Agency Shuts Down SmiNet's Database after Multiple Intrusion Attempts          *
Attackers Exploiting Critical Zero-day Flaw in WordPress Plugin          *
Researchers Disclosed Two New Attack Techniques which Modifies Certified PDF Document Content          *
New Phishing Campaign Targeting Walmart Users Discovered          *
Two Domains Used In Nobelium Phishing Campaign Seized          *
Food Giant JBS Shuts down Temporarily due to Cyberattack          *
BazaLoader Campaign Spreading Phishing Emails to Compromise Users Windows System          *
FBI Reports Attackers are Exploiting Unpatched Fortinet Devices          *
Researchers Warn of Facefish Backdoor Infecting Linux Devices          *
New VSCode Extensions Bugs may Lead To Supply Chain Attacks          *
Siemens Patches a High-severity Memory Protection Bypass in its PLCs          *
Canada Post Reports Data Breach Post Supplier Ransomware Attack          *
Threat Actors Distributing Trojanized AnyDesk Installer via Malvertising Campaign          *
SolarWinds Hackers Deploying New 'NativeZone' Backdoor via a New Supply Chain Attack          *
Klarna Mobile Application's Technical Bug Leaking Users Data          *
New Epsilon Red Ransomware Abusing Unpatched Microsoft Exchange Servers          *
Threat Actors Actively Exploiting a Command Injection Flaw in SonicWall's NSM On-Premises Products          *
TPG Shutdown the Legacy TrustedCloud Service Post Data Breach          *
Threat Actors Deploying Data Wiper Malware Disguised as Ransomware          *
Checkbox Survey Patches Arbitrary Code Execution Flaw Being Exploited in the Wild          *
Attackers Impersonating Devices via Newly Disclosed Bluetooth Bugs          *
HPE Patches Critical Zero-day Flaw in Systems Insight Manager (SIM)          *
Office 365 Bug Sending Exchange Online, Outlook Emails to Junk Folder          *
Malware Attack Knocks out Siegfried Group’s Network          *
Multiple Japanese Agencies Suffer Data Breaches in a Supply Chain Attack          *
Hackers Sent Racist Registration Emails Pretending to be from Walmart          *
Zeppelin Ransomware Back in Operation with an Updated Malware          *
Apple Patches a Zero-day Flaw in TCC Framework          *
Japan’s Omiai Dating App Data Breach; Over 2 Million Users Data Exposed          *
VMware Patches Critical Remote Code Execution Flaw in vCenter          *
CryptoCore Campaign Hacking Cryptocurrency Exchanges Globally          *
Scheme Flooding Vulnerability Enables Hackers in Identifying Users          *
Florida Water Treatment Plant Suffered a Cyber Incident Prior to the Poisoning Attack          *
Ivanti Addresses a High-Severity Vulnerability in Pulse Connect Secure VPN          *
Electronic Giant Bose Reports Data Breach Post Ransomware Attack          *
Trend Micro Patches 3 Vulnerabilities in Home Network Security Devices          *
Threat Actor Behind Infamous UPMC Breach Gets Verdict; Faces 7 Years in Prison          *
Apple Patches 3 Zero-days Affecting macOS & tvOS Devices          *
Microsoft Releases a Simulated Tool for Attack Scenarios          *
23 Misconfigured Android Applications Leaking Users Personal Data          *
Google Fixes Chrome Browser Crash on Windows 10 and Linux Platforms          *
Google Patches Heap-based Buffer Overflow Vulnerability in Chrome          *
CNA Financial Paid $40 Million Ransom to Evil Corporation          *
FBI Warns Organizations about Conti Ransomware          *
E-commerce Giant Mercari Suffers Massive Data Breach in Codecov Incident          *
QNAP Warns Organizations about Qlocker Ransomware Impacting Vulnerable HBS Devices          *
Stolen Dominos India Data Up for Sale on Dark Web          *
Air India Hacked; 4.5 Million Passengers Information Leaked          *
Android Releases Patches for 4 New Zero-day Vulnerabilities          *
New Malware Campaign Delivers Fake Ransomware          *
Slack Messaging Application Suffers Massive Outage          *
Over 600,000 WordPress Sites Impacted by a Vulnerability in WP Statistics Plugin          *
Magecart Hackers Deploying PHP-based Backdoor via Website Favicons          *
New Banking Trojan Bizzaro Targeting European and South American Banks          *
Experts Warn About Ongoing AutoHotkey-Based Malware Attacks          *
FBI Warns of a Spear Phishing Campaign Delivering Advanced Malware          *
Student Insurance Provider Guard[.]me Suffers a Data Breach          *
Insurance Giant AXA Hit by Ransomware Attack          *
Threat Actors Deploying Lizar Malware under the Disguise of Ethical Hacking Tool          *
APT36 Group Mimicking Legitimate Indian Military and Defense Organizations          *
Monday[.]com Source Code Accessed by Codecov Hackers          *
Toshiba's Subsidiary Unit Struck by DarkSide Ransomware Group          *
Cisco Patches a Zero-day Bug in Cisco AnyConnect Client          *
Rapid7 Source Code Accessed in Codecov Supply-chain Attack          *
AMD Patches Two Flaws Bypassing AMD's SEV Protection System          *
Snip3 Crypter Service Deploying Multiple RAT Variants          *
Hackers Delivering Malware via Microsoft Build Engine Files          *
Citrix Patches Vulnerability in Workspace Application for Windows          *
New Cryptocurrency Phishing Scam Stealing Recovery Phrases via Twitter          *
Colonial’s Pipeline Hack; $5 Million Ransom Paid          *
QNAP warns of Zero-day Bug in Roon Servers          *
Herff Jones Suffers Data Breach          *
New Lorenz Ransomware Affecting Multiple Organizations Globally          *
Brenntag Hack; $4.4 Million Ransom Paid          *
DarkSide Ransomware Servers Seized Post-Colonial Pipeline Attack          *
Lemon Duck Cryptominer Strikes Again          *
Ireland’s Health Services Reports Ransomware Attack; $20 million Ransom Demanded          *
Threat Actor Leaks Stolen Data Post D.C. Police Columbia Hack          *
FBI and ACSC Warns of Avaddon Ransomware Attacks          *
VideoLan Patches Auto-updater Bug in VLC Media Player          *
Ransomware Attack on the City of Tulsa, USA          *
All Wi-Fi Devices are Vulnerable to FragAttacks          *
A New Qualcomm Vulnerability Impacting Android-based Mobile Devices          *
Over 25% of Tor Exit Relays Spied on Users Dark Web Activities          *
Google Patches 19 Bugs in Chrome 90.0.4430.212          *
Twitter's New Feature Tip Jar Exposing Sensitive Information          *
Cuba Ransomware Partners With Hancitor for Spam-Fueled Attacks          *
Law Firm Jones Day Hit by Data Breach          *
Attackers are Exploiting Authoritative DNS Servers via TsuNAME DNS Bug          *
NatWest Bank Scheduled Payments Bug May Cost Customers Money          *
Russian Hackers Are Allegedly Exploiting 12 Vulnerabilities in the Wild          *
New Stealthy Rootkit Targeting High-Profile Organizations          *
Twilio & HashiCorp Reports Cyber Attacks Post Codecov Supply Chain Hack          *
UNC2529 Threat Group Delivers Three New Malware Strains via Phishing Emails          *
Six Unpatched Critical Flaws Detected in Remote Mouse Application          *
Foxit Patches Remote Code Execution (RCE) Vulnerability in Foxit Reader          *
Colonial Pipeline Suffers from Alleged Ransomware Attack          *
Microsoft Edge Crashes while Playing YouTube          *
Scammers Impersonate "SNL in Elon Musk" Show in a Cryptocurrency Scam          *
VMware Patches Critical Flaw in vRealize Business for Cloud Virtual Appliance          *
HP Enterprise Fixes Critical Bug In Edge Platform Tool          *
New Windows Malware 'Pingback' Using ICMP for C2 Operations          *
N3TW0RM Ransomware Targeting Israel-based Companies          *
Alaska Court System Went Offline Amid Cyber Attack          *
Critical 21Nails Exim bugs Affecting Vulnerable Linux Servers          *
Network Solution and Reports DNS Outage          *
Tesla Car Hacked Remotely using Drones          *
Dell Fixes a 12-year-old Bug in DBUtil BIOS Driver          *
Insight Global's Insider Threat Leaks COVID-19 Information          *
Complexcodes is Selling Subscription based Commodity Malware "WeSteal"          *
Chinese Attackers Hacked Russia's Largest Nuclear Submarine Designer          *
A New Malspam Campaign Distributing Rust-based Buer Malware Variant          *
Intel and AMD Chips are Vulnerable to Spectre Side-Channel Attacks          *
Pulse Secure Addresses VPN Zero-Day Vulnerability          *
LuckyMouse Targets Multiple Organizations via Sys-update Toolkit          *
Critical IP Address Validation Vulnerability found in Python          *
Mount Locker Ransomware Uses New Tricks to Evade Detection          *
ISC Patches Several BIND Vulnerabilities in DNS Servers          *
Researchers Expose a New Iranian State-Sponsored Ransomware Campaign          *
SolarMarket RAT Uses Google SEO Tactics to Lure Victims          *
First Horizon Bank Hacked; $1 Million Stolen          *
2 iOS Zero-day Vulnerabilities fixed by Apple          *
Chinese Hackers Attacking Military Organizations in South-East Asia          *
Stealthy Backdoor Infecting Linux Systems          *
FBI Shares 4 Million Emotet Botnet Stolen Email Addresses          *
PHP Composer Bug Ends Up in a Widespread Supply-Chain Attacks          *
Hotbit Cryptocurrency Exchange Down Post Cyberattack          *
ParkMobile Stolen Customers Data Exposed Online          *
Whistler Resort Municipality Suffers Ransomware Attack          *
Microsoft Uncovered Critical Code Execution Bugs In IoT, OT Devices          *
DigitalOcean Data Breach Exposes Customer Billing Information          *
Brazil's Rio Grande Do Sul Court System Suffers Ransomware Attack          *
Attackers are exploiting SonicWall Zero-day for Ransomware Attacks          *
F5 Discloses KDC Spoofing Vulnerability in BIG-IP Consoles          *
UnitingCare, Queensland Systems Taken Down          *
UK Rail Network Merseyrail Hit by Lockbit Ransomware          *
Google Patches Critical RCE Vulnerability in Chrome          *
MangaDex Stolen Database Leaked Online          *
NTLM Relay Attack Abuses Windows RPC Protocol Vulnerability          *
Guilderland Central Schools Hit With Malware Attack          *
Apple iCloud Mail Server Outage          *
Fake Microsoft DirectX 12 Deploying Crypto-Stealing Malware          *
D.C. Police Columbia Hacked; Ransom Demanded          *
Oilfield Services Giant Gyrodata Discloses Data Breach          *
Microsoft Teams Suffers Outage          *
Attackers Spreading FluBot Malware via Android Devices          *
Prometei Botnet Operators Exploiting Obscure Microsoft Exchange Servers          *
New Cryptomining Malware Turning Vulnerable Windows, Linux Devices into Bots          *
Hacker Leaks 20 million BigBasket's Data for Free          *
Critical RCE Bug Reported in Homebrew Package Manager          *
Hackers Exploiting PulseSecure to Deploy SUPERNOVA Malware          *
Qlocker Malware Encrypting QNAP Devices Using 7zip          *
Twitter Mistakenly Sends Spam Emails          *
ToxicEye Trojan Abusing Telegram to Steal Data          *
PasswordState is Latest Victim of Supply Chain Attack          *
WhatsApp Pink Malware Auto Replies to Skype, Signal and other Messengers          *
Exchange Online Down; Microsoft 365 Outage Affects Email Delivery          *
Pareto Android Botnet Attacks Smart TV Ads          *
1.3 Million Windows RDP Servers Login Credentials found in Hacker Forum          *
Multiple Vulnerabilities in Google Chrome Patched          *
Microsoft Partially Fixes Windows 7 and Server 2008 R2 Vulnerability          *
Attackers Infecting Google Play Store via Fake Applications          *
Eversource Energy Reported Data Breach          *
Attackers Actively Exploiting 4 Pulse Secure Vulnerabilities          *
Attackers Target Multiple Networks in a Supply Chain Attack Post Codecov's Data Breach          *
Revil Gang Attempted to Extort Apple via Alleged Quanta Hack          *
Zero-day Vulnerabilities Patched in SonicWall Email Security          *
Remote Code Execution Vulnerabilities Discovered in Cosori Smart Air Fryer          *
Malvertising Campaign "Tag Barnakle" Compromised 120 Ad Servers          *
Attackers Hacking Android Devices Remotely via WhatsApp Flaws          *
Lazarus APT Using BMP Images to Distribute Trojan          *
Geico Suffers Data Breach; Policyholders' Driver's License Numbers Stolen          *
Researchers Found Campaign Mimicking Microsoft Store, Spotify Sites, and Chess Application          *
WordPress Patches XXE Flaw in PHP 8          *
Domino's India Database Hacked; 10 Lakh Credit Card Details Leaked          *
Critical Remote Code Execution Vulnerability in Juniper Devices Discovered          *
Attackers Exploiting Critical Flaw in Facebook's Live Videos Feature          *
Multiple Vulnerabilities Reported in EtherNet/IP Stack for Industrial Systems          *
Malware Spreading via Xcode Projects; Infecting Apple's M1-based Macs          *
Attackers Stealing Credentials via Operation "Overtrap"          *
Fortinet Discloses a New FormBook Variant          *
Hackers Gained Access via Vulnerable VPN Device in Capcom Ransomware Attack          *
Critical Zero-day Vulnerability Found in Desktop Window Manager (DWM)          *
Swinburne University, Australia Suffers Data Breach          *
Twitter Suffering Worldwide Outage          *
Google Released Chrome 90          *
Cyberattack on The University of Hertfordshire, UK          *
Tata Communications Data Breached via Route Mobile          *
Over 100 Million Devices Vulnerable to DNS Vulnerabilities          *
Attackers Tampering Popular App Stores to Distribute Malicious Apps          *
Researchers Disclosing Second Chrome Zero-day Exploit          *
SAP Fixes Critical Flaws in SAP Commerce, NetWeaver & Business Client          *
Spying Android RAT "BRATA" Strikes Back          *
New Phishing Campaign Delivering Fake Antivirus Billing Notices          *
Malware hidden in Fake Browserify NPM package          *
Adobe Fixes 10 Vulnerabilities in Multiple Products          *
QBot Operators Using QBot & IcedID Malware as Final Payload          *
Malicious Facebook Ads Dropping Malware on Systems          *
Bakker Logistiek Suffers Ransomware Attack          *
Microsoft Office 365 Phishing Campaign Evades Detection with Malicious Javascript Code          *
10 Malicious Applications in App Gallery Infected with Joker Malware          *
Microsoft Patch Tuesday Security Advisory - April 2021          *
New Malware "Saint Bot" Snatching User Passwords          *
IcedID Malware Delivered via Contact Forms          *
Swarmshop Hacked; Over 600,000 Stolen Records Exposed          *
Pharmaceutical Giant "Pierre Fabre" Suffers REvil Ransomware Attack          *
Multiple Gigaset Android Smartphones are Infected with Malware          *
New Android Malware Auto-spreads to Devices using WhatsApp Auto-replies          *
Lazarus Hacking Group Strikes Back with Vyveva Backdoor          *
Rockwell Automation Addresses 9 Critical Vulnerabilities in FactoryTalk AssetCentre          *
VISA Warns of Increasing Web Skimming Attacks          *
LinkedIn Data Breach; 500 Million Users Data Posted On Dark Web          *
Unpatched Fortinet VPN devices are exploited by Cring Ransomware          *
Cisco Patches Cisco SD-WAN vManage Software Vulnerabilities          *
Chinese Hackers Attacks Government & Military of Vietnam          *
A New Spear-Phishing Campaign Deploying Malware Using Voice Changing Software          *
Attackers Targeting Firms Using new Banking Trojan "Janeleiro"          *
Hackers Deploying 'more_eggs' Malware via Fake LinkedIn Job Offers          *
European Commission and EU Organizations Suffer Cyber Attack          * Fined $560,000 by DPA          *
VMware Fixes Critical RCE Flaw in Carbon Black Cloud Workload          *
Data of Over 279 "Only Fans" Accounts Posted Online          *
TU Dublin and National College of Ireland Suffers from Ransomware Attack          *
Attackers Actively Exploiting Unpatched SAP Applications          *
Hackers Exploiting Windows OS "BITS" Component          *
New Bugs Bypass Spectre Attack Mitigations on Linux Systems          *
$38M Worth of Gift Cards Sold by Cybercriminal on Russian Hacking Forum          *
Outlook "Cannot send this item" Error Patched by Microsoft          *
Clop Ransomware Gang Leaks Multiple Universities Sensitive Data Online          *
Attackers are targeting Japan Industries with Multiple Backdoors          *
Fake jQuery Plugin Deploying Malware on Systems          *
Electronics Manufacturer "Asteelflash" Suffers REvil Ransomware Attack          *
Brown University Suffers Cyberattack          *
US DOJ Warns of Fake Covid-19 Vaccine Survey Phishing Campaign          *
FBI and CISA Warns of Exploits Against Unpatched Fortinet FortiOS Servers          *
Threat Actors Attempt to Extort Ubiquiti Post Data Breach          *
Researchers Report Spike in Ransom DDoS Attacks          *
Bogus Pen-Test Company "SecuriElite" Targeting Security Professionals          *
Facebook Data Breach; 533 Million Users Data Exposed          *
Citrix Addresses Multiple Vulnerabilities in Hypervisor          *
SolarWinds Patches Four Vulnerabilities in Orion Platform          *
Attackers Hacked PHP's Git Server to add Backdoors          *
Malicious “System Update” Android Malware is Compromising Devices          *
German Parliament Members Targeted by Spear-Phishing Attack          *
BazarCall Malware Infecting Systems via Malicious Phone Calls          *
New 5G Security Flaw allows Denial-of Service Attacks & Data Access          *
Campaigns Spotted Targeting Gamers via Malware hidden in Game Cheats and Mods          *
Fat Face Discloses Data Breach; Pays $2 Million Ransom          *
VMware Fixes Two Critical Flaws in vRealize Operations Manager          *
Harris Federation Hit by Ransomware Attack          *
Slack Disables New Feature Amid Security Related Concerns          *
npm Fixes a Critical Networking Vulnerability in "netmask" Library          *
OpenSSL fixes Two High Severity Vulnerabilities          *
Microsoft Patches Windows 10 Secure Boot Vulnerability          *
Weintek Patches Remote Code Execution Flaws in its Product Range          *
Evil Corporation Employs Hades Ransomware to Evade Detection          *
Two Critical Vulnerabilities Patched in a WordPress Plugin          *
FBI Warns of Mamba Ransomware          *
Mobikwik Data Breach; Over 5 Million Users Data Exposed          *
Threat Actors Exploiting Critical Flaws in GE's Universal Relay Products          *
Apple Patches Webkit Browser Engine's Zero-day Vulnerability          *
Backblaze Reports Data Breach; 9,245 Users' Metadata Exposed          *
New Cloudflare's Page Shield Feature notifies Malicious JavaScript Dependencies          *
Purple Fox Operators are Targeting Vulnerable Windows Systems          *
Two Dozen Malicious Chrome Extensions are distributing Malware Globally          *
Microsoft Patches Privilege Elevation Flaw in PSExec          *
Multiple Security Vulnerabilities discovered in Cisco Jabber          *
Adobe Fixes Critical Vulnerability in ColdFusion          *
CISA and FBI warn about Phishing Attack spreading TrickBot Malware          *
Colorado & Miami Universities Suffers Data Breach due to Vulnerable Accellion FTA Servers          *
High Availability Server Manufacturer Stratus Suffers Ransomware Attack          *
Shell Suffers Data Breach due to usage of Vulnerable Accellion FTA Servers          *
Attackers Exploiting Vulnerable Qualcomm Graphic Components on Android Devices          *
CNA Insurance Firm Suffers Ransomware Attack; New Malware Family Used          *
IoT maker "Sierra Wireless" Reports Ransomware Attack; Site Taken Offline          *
Attackers are taking Control of Vulnerable Apache OFBiz ERP via RCE Vulnerability          *
Phishing Campaigns Bypassing Secure Email Gateways          *
Phishing Mails containing fake COVID-19 Relief Checks downloads Dridex Trojan          *
Threat Actors Hacked Windows, iOS, Android Users via Zero-day Attacks          *
Mirai Botnet Exploiting Critical Flaws in Network Security Devices          *
MangaDex Taken Offline Post Cyberattack          *
Black Kingdom Ransomware Exploits Zero-day Flaws in Microsoft Exchange Servers          *
Road Ministry warns Multiple Indian Government Organizations post Cyber-Attack Threats          *
Fake Telegram Desktop Application downloads AZORult Malware          *
CISA releases CHIRP Tool for SolarWinds Malicious Activity Detection          *
CopperStealer Malware is Hijacking Social Media Accounts          *
DDoS-as-a-Service exploits Citrix Devices          *
New Malware XcodeSpy Targets iOS & macOS Developers          *
Acer Suffers Ransomware Attack; $50 million Ransom Demanded          *
Zoom Screen-sharing Bug is exposing Sensitive Data to Unauthorized Users          *
Post Microsoft Outage files are missing from SharePoint          *
Phishing Campaign Targets US Taxpayers          *
Pysa Ransomware is Targeting US & UK Educational Institutions          *
Twitter Image can be abused to hide Malicious Files          *
Hackers Exfiltrating Stolen Data via JPG Files          *
Mimecast Says SolarWinds Hackers Accessed Some Source Code          *
Ransomware Attack on Pune District Smart City Costs Project Operators 50 Million Dollars          *
RTM & Quoter Ransomware are Targeting Russian Finance and Transport Organizations          *
A Time Zone Bug Crashing iOS Clock Application          *
Microsoft Releases Mitigation Tool for Exchange Servers Affected in ProxyLogon Hack          *
WeLeakInfo Hacker Site Hacked          *
Phishing Domains can now Detect Virtual Machines using JavaScript          *
Blender Software Developer Reports Cyber Attack          *
Researchers Discovered Nim based Malware Exploiting Devices          *
Microsoft Suffers Outage; Multiple Services Affected          *
Metamorfo Banking Trojan abuses AutoHotKey to steal User Information          *
Threat Actors Exploiting Avira Antivirus to Deliver Banking Trojans via DLL Side Loading Attack          *
New ZHtrap Botnet Malware is turning Infected Targets to Honeypots          *
Three Privilege Escalation Vulnerabilities fixed in Linux Kernel          *
Threat Actors Exploiting Linux based Systems with new RedXOR Malware          *
A New Zero-day WordPress Vulnerability enables Site Takeover          *
Google Patches Zero-day Vulnerability in Chrome          *
Mozilla Addresses Linux Crashes, Apple Silicon Hangs in Firefox 86.0.1          *
Molson Coors Reports an Outage          *
Windows 10 Emergency Updates fixes Printing Crashes          *
Researchers Disclose New and Powerful Version of BADHATCH PoS Malware          *
Spanish Government Labor Agency Suffers Ransomware Attack          *
New DEARCRY Ransomware Exploiting Vulnerable Microsoft Exchange Servers          *
OVH Data Center Reported Massive Outage          *
Second Cyber Attack on Norway's Parliament          *
Maryland Attorney Seizes 5th Domain Used in COVID-19 Vaccine Phishing Attacks          *
Hackers Accessed Verkada's Live Surveillance Cameras          *
iPhone Call Recorder App Exposes People's Conversations          *
F5 BIG-IP issued patches for Critical Remote Code Execution Vulnerabilities          *
Microsoft Discloses 3 New Malware Strains in SolarWinds Hack          *
Microsoft Patch Tuesday Security Advisory - March 2021          *
GitHub Users were forcibly Signed out to patch a Security Bug          *
9 Android Application on Google Play Store found to be distributing Malware Dropper          *
Researchers Disclose Side-Channel Attacks on Vulnerable Intel CPUs          *
Global Aviation Industry Tech Supplier "SITA" Suffers Massive Data Breach          *
Apple Addresses Remote Code Execution Vulnerability in WebKit          *
Adobe Patches Flaws in Creative Cloud, Connect & Frame-maker          *
Researchers Disclose New Tor based Malware "gafgyt"          *
New Sarbloh Ransomware Encrypting Victim Files through Political Agenda          *
Flagster Bank Suffers Data Breach due to usage of Vulnerable Accellion FTA Servers          *
Google Chrome Blocks Port 554 as a Counter to NAT Slipstreaming Attacks          *
European Banking Authorities Exchange Servers Hacked          *
Microsoft Themed Phishing Attack Stealing User Credentials          *
Over 15 Schools in UK Suffered Cyberattack          *
Multiple Cisco Products Exposed to DoS Attack due to Snort Vulnerability          *
Microsoft Releases a Tool for ProxyLogon Security Verification on Exchange Servers          *
Microsoft Outlook Breached; Over 20,000 Organisations Affected Globally          *
Supermicro, Pulse Secure Patches Vulnerabilities in BIOS & UEFI Products          *
Attackers Hiding ObliqueRAT Trojan in Image Files via Steganography          *
GRUB2 Patches Multiple High Severity Vulnerabilities in Boot Loader          *
Over 6,700 VMware Servers Exposed post Exploit Code Release          *
Hackers Deploying Malware on Compromised Websites via SEO Techniques          *
Over 100 Italian Banks Targeted via Ursnif Trojan          *
VMware Patches Remote Code Execution Vulnerability in View Planner          *
Attackers Targeting Investors via BEC Campaigns          *
CompuCom Suffers Malware Attack Leading to Service Outage          *
Botnet Campaigns Abusing Bitcoin Blockchains & Deploying Skidmap Malware          *
AOL Phishing Campaign Reported Stealing User Credentials          *
Researchers Disocvered DoS Vulnerability in Eclipse Jetty          *
Qualys Suffered Data Breach due to Zero-day Vulnerability in Accellion FTA Server          *
PrismHR Suffers Massive Outage          *
Malaysia Airlines Discloses a Data Breach          *
Chinese Cybercriminals Exploiting 4 Zero-day Vulnerabilities in Microsoft Exchange          *
Universal Health Services lost $67 Million by Ryuk Ransomware Attack          *
Google Patches Zero-day Vulnerability in Chrome          *
Dependency Confusion Vulnerability Exploited to steal Linux/Unix Password Files          *
Ransomware Attack on Aviation Giant Bombardier          *
Dutch e-Ticketing Platform Ticketcounter Suffers Data Breach          *
Chinese Hackers Targeting Indian Power Grids & Seaports          *
World's Leading Dairy Products Group Lactalis Hit by Cyber Attack          *
Drive Corruption Vulnerability in Windows 10          *
LazyScripter Actors Target Airlines with Remote Access Trojans          *
New Variant of Ryuk Ransomware Observed Self-propagating in Local Network          *
Cisco Patches Critical Severity Authentication Bypass Vulnerability in Cisco ACI MSO          *
Sequoia Capital Suffers Data Breach post a Failed BEC Attack          *
FriarFox Browser Extension Targeting Tibetan Organizations          *
Windows 10 BSOD Issues Resolved via Intel Wireless Driver Updates          *
Online Dating Application Gaper Vulnerable to Multiple Critical Zero-day Flaws          *
US Federal Reserve Suffers Massive Outage Nationwide          *
Researchers Discloses Potential Code Injection Flaw in NodeJS Library "systeminformation"          *
TD Bank Recovering from Systemwide Banking Outage          *
XBOX Live Suffers Global Outage          *
Accellion Vulnerability Exposes Pharmacy & Employee Data in Kroger Data Breach          *
Keybase Patches a Bug that Exposes Deleted Sensitive Media to Attackers          *
Threat Actors Deploying New Variants of MINEBRIDGE RAT via Word Documents          *
Powerhouse Management Suffers from Large Scale DDoS Attacks          *
WACUP Patches Several Bugs in Winamp Media Player          *
Over 8 Million COVID-19 Test Results Leaked          *
TietoEVRY IT Services Suffers Ransomware Attack          *
Microsoft Begins Windows 10 21H1 Beta Testing          *
VMware Patches Critical RCE Bug in vCenter          *
Python Software Foundation Addresses Two Vulnerabilities          *
US Shares Information on AppleJeus Malware          *
LinkedIn Suffers Global Outage for Two Hours          *
Fake Adobe Flashplayer Update Installs Adware Bundle          *
Brave Browser's "Tor Mode" Leaks Onion Queries in DNS Traffic          *
Certification Giant Underwriters Laboratories (UL) Suffers from Ransomware Attack          *
Magecart Hackers Stealing Credit Card Information via Google Apps Script          *
Attackers Targeting Apple's M1 Chip via Malicious Adware Extension          *
Cuba Ransomware Triggers Data Breaches In US Cities & Agencies          *
Dutch Research Council (NWO) Suffered Cyberattack          *
RIPE NCC Suffers Credential Stuffing Attack          *
OpenSSL Project Releases A New Patch For Three New Vulnerabilities          *
VMware Patches Vulnerability in vSphere Replication Software          *
Windows 10 Secure Boot Patch Exposes BitLocker Recovery Key          *
Kia Motors USA Suffers Massive IT Outage          *
EMSISOFT Exposes Internal Log Data Generated by their Test Products          *
EXMO Cryptocurrency Exchange Suffers DDoS Attack          *
Researchers Discloses Unpatched Vulnerabilities in SHAREit for Android OS          *
Yandex Insider Threat Compromises 4887 Customer Accounts          *
Telegram's "Super-Secret" Feature Exposes Self-Destructing Media Files to Attackers          *
Siemens Patches Multiple Vulnerabilities in Virtualization Software          *
PayPal Patches XSS Vulnerability in Currency Converter Feature          *
Over 30 Mobile Health Apps Exposing Records of Millions of Users          *
Fortinet Patches Multiple Vulnerabilities In SSL, VPN & Web Firewall Products          *
Critical XSS Vulnerabilities Fixed In WordPress Plugin "NextGen Gallery"          *
Windows Kernel Escalation of Privilege Zero Day Bug is Fixed in Microsoft Patch Tuesday          *
CISA Warns of High-Severity Vulnerabilities in Fuji Electric Products          *
Researchers Discloses Multiple Vulnerabilities in YouPHPTube and AVideo          *
Dairy Farm Suffers REvil Ransomware Attack          *
C-Level Executives Targeted via Phishing Attack          *
Over 3 Million Cook County Court's Sensitive Data Records Exposed          *
Mozilla Enhances Firefox Security Against Super Cookies & Disables Adobe Flash Support          *
Microsoft Azure Function Vulnerable to Privileges Escalation & Docker Escape          *
Apple Patched iOS, iPadOS & tvOS Multiple Vulnerabilities          *
Law Enforcement Agencies around the Globe takes Down Emotet Ransomware Gang          *
Oscorp - Credential Stealing Android Malware          *
Lebanese Cedar APT Targeted Telecoms, Hosting, ISPs Worldwide          *
North Korean Hackers Attacking Security Researchers          *
Cisco Discloses Multiple Vulnerabilities in Small Business Routers          *
Researchers Discloses Critical Vulnerabilities in F5 BIG-IP Products          *
Well-known Religious Services "The Temple" Suffers a DoS Attack          *
Linux Systems Under Attack via FreakOut Malware          *
QNAP Warns Users of Dovecat Crypto Miner Malware          *
Microsoft Discloses Methods used by SolarWinds Hacker Group to Avoid Detection          *
1.9 Million Pixlr Users Stolen Data Available on Free Forums          *
Adult Social Media Platform Fleek Leaking Users Explicit Data          *
4.1 Million AnyVan Users Data Compromised via Data Breach          *
VLC Media Player Patches Several Remote Code Execution Vulnerabilities          *
Cisco Fixes PreAuth Remote Code Execution Vulnerabilities          *
Crypto Exchange LiveCoin Shutting Down Post Cyber Attack          *
Microsoft Enabling Full Automation Support for Microsoft Defender AV          *
Cisco Fixes Windows DLL Injection Vulnerability in Cisco AnyConnect Secure Mobility Client          *
Raindrop Malware Observed in SolarWinds Hack          *
FireEye Releases Tool to Detect SolarWinds Hack Techniques          *
SolarWinds Malware "Raindrop" Hiding in Modified 7Zip Source Code          *
Oracle Releases Quarterly Critical Patches          *
Multiple Twitter Accounts Hacked in "Elon Musk" Crypto Scam          *
Malwarebytes Breached by SolarWinds Threat Actors          *
Apple Removes Vulnerable MacOS Features in MacOS 11.2 Beta 2          *
Cybercriminals Blunder Exposes Stolen Credentials in Plain Sight          *
Threat Actors Bypassing Two-Factor Authentication for Several Cloud Services Accounts          *
Microsoft Patches Zero Day Vulnerability in Defender Antivirus          *
Google Bans 164 Offending Android Applications from Play Store          *
Mozilla Releases Security Updates for Thunderbird          *
Scammers Blackmailing Coinmama Users via Porn Backlinks          *
Windows 10 Bug Corrupts Hard Drive via Single Line Command          *
NSA Urges Organizations Not to Use Third Party DNS Resolvers          *
Bitdefender Releasing Free Decryptor for DarkSide Ransomware Victims          *
Scottish Environment Protection Agency (SEPA) Suffering Conti Ransomware Attack          *
Microsoft Announces Windows Zerologon Flaw ‘Enforcement Mode’          *
Threat Actors Compromising Mimecast's SSL Certificates          *
Researchers Exposes United Nations Data Breach          *
Linux Mint OS Patches ScreenSaver Bypass Vulnerability          *
UK's Nohow International Cloud Data Breached          *
Threat Actors Exploiting Windows "Finger Command" via Phishing Campaign          *
Large Scale Data Breaches Targeting Russian Federation in Year 2020          *
Over 390,000 Users Data Compromised in Capcom Data Breach          *
DoS Vulnerability in RockWell Automation RSLinx Classic Software          *
Breached COVID-19 Vaccine Data Leaked Online via Hacker Forums          *
Fake Trump Scandal Video Distributing QNode Malware          *
SolarWinds Threat Actors Accessing Department of Justice's Email Servers          *
FBI Warns Organizations on Egregor Ransomware          *
Pysa Ransomware Hits Hackney Council & Leaked Data Up for Sale          *
FIN7 Hacking Group Leveraging JSSLoader Malware          *
Indian Government Websites Leaking COVID-19 Patient's Test Results          *
Earth Wendigo Campaign Exfiltrating Emails via JavaScript Backdoor          *
British Airways Plans £3bn Breach Settlement          *
North Korean Hacking Group Supply Chain Attack Targeting Stock Investors          *
Multiple Vulnerabilities in Fortinet FortiWeb WAF Leading to Arbitrary Code Execution          *
Phone and Email Scammers Impersonating as ACSC          *
Ransomware Attack Knocks Out Funke Media Group          *
ElectroRAT Malware Drains Funds from 6,500 Digital Wallets          *
Lake Regional Healthcare Suffers Ransomware Attack          *
NameSouth's Data Breached by NetWalker Ransomware Group          *
Sabre Corporation's 2017 Data Breach LawSuit Verdict          *
Microsoft’s Windows Core Polaris Leaked Online          *
10,000 American Express Credit Card Holder's Data Breached          *
Vodafone's ho. Mobile Suffers Data Breach Impacting 2.5m User Records          *
Hackers Launch Swatting Attacks by Exploiting Smart Home Devices          *
SolarWinds Supply Chain Attack Led Hackers Access to Microsoft Source Code          *
Secret Backdoor Account Detected in Several Zyxel Firewall & VPN Products          *
CISA Releases Sparrow.ps1 Tool for Azure/M365          *
Japanese Aerospace Firm Kawasaki Warns of Data Breach          *
Japanese Game Developer Koei Tecmo Suffers Data Breach          *
FreePBX Developer Sangoma Technologies Hit by Conti Ransomware          *
Authentication Bypass Vulnerability in SolarWinds Orion API          *
Whirlpool Hit by Nefilim Ransomware Attack          *
Adobe Flash Player Reaches End-Of-Life (EOL)          *
Phishing Campaign Using Chase Banking Security Notice Emails          *
Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability          *
Smart Doorbell Devices Easily targeted by Hackers          *
Cybercriminal's Bulletproof VPN Service Shuts Down          *
Authentication Bypass Vulnerability in Bouncy Castle          *
Chinese APT Group Operation StealthyTrident          *
Critical Security Vulnerabilities Reported in Dell Wyse Thin Clients          *
Ransomware Threat Actors Using 'SystemBC' Malware as Backdoor          *
QNAP Fixes High Severity Vulnerabilities in NAS Devices          *
CrowdStrike Launches Reporting Tool to Audit Azure AD Permissions          *
Chinese Mobile Giant Xiaomi Recording Millions of Users Private Web & Phone Usage          *
Al Jazeera Journalists Targeted via Pegasus Spyware          *
VMware Vulnerability Exploited in SolarWinds Supply Chain Attack          *
Credential Stealer Malware Targeting Financial Institutions          *
Clop Ransomware Attack Detected on Symrise          *
Microsoft Defender Blocking Known Malicious SolarWinds Binaries          *
Mozilla Releases Security Fixes for Multiple Security Vulnerabilities          *
Sextortion Campaign Targeting iOS, Android Users via Goontact Spyware          *
New Windows Trojan Steals Browser Credentials, Outlook Files          *
5G Network Architecture Multiple Vulnerabilities Discovered          *
Contact Form 7 WordPress Plugin Emergency Patch Released          *
MoleRats APT Variant Stealing Sensitive Data          *
Unauthenticated Command Injection Flaw Exposes D-Link VPN Routers to Attacks          *
Iranian Rana Android Malware Snooping on Instant Messenging Platforms          *
Samsung Fixes Critical Android Bugs          *
Adobe Releases Security Updates          *
COVID-19 Vaccine Data Leaked          *
Ransomware Attack on Netgain Technologies          *
70 Lakh Indian Cardholders Data Leaked on Dark Web          *
FireEye's Red Team Security Testing and Assessment Tools Stolen by State-Sponsored Hackers          *
Microsoft Patch Tuesday Security Advisory - December 2020          *
Ransomware Attack on Television Production Company - Banijay Group SAS          *
Maze Ransomware Attack on Canon          *
DeathStalker APT Group Offers Hack For Hire Service          *
Security Researchers Accidentally Discovers Windows Zero-Day          *
Bandook Malware Targeting Multiple Sectors          *
Windows 10 20H2 Update Fixes Broken In-Place Upgrade Feature          *
Microsoft Office Products Non-Security Updates November 2020          *
Advanced Persistent Threat Attack Targeting U.S. Think Tank          *
Huntsville City Schools District Shut Down by Ransomware Attack          *
Ryuk Ransomware Attacks K12 Online School Platform          *
Malicious npm Packages Installing Remote Access Trojans          *
IoT Chip Maker Advantech Hit by Conti Ransomware          *
Gootkit Malware Returns with REvil Ransomware          *
New CursedGrabber Malware          *
Delaware County Hit by DoppelPaymer Ransomware Attack          *
Hackers Targeting COVID Vaccine Maker AstraZeneca          *
Data Breach Attack on Peatix Events Management Organization Inbox          *
LidarPhone Attack Converts Smart Vacuums into Microphones          *
Mercy Iowa City Hospital Data Breach          *
Over 300K Spotify Accounts Hacked          *
Industrial Control System Vendors Warn of Critical Bugs          *
Cisco Webex Ghost Flaw          *
Chinese Sponsored Cyber Criminal Group Attacking Japan-Linked Organizations          *
Cisco Webex Meetings API Cross-Site Scripting Vulnerability          *
Mozilla Released Firefox 83          *
Unprotected Database Exposed a Scam Targeting 100K+ Facebook Accounts          *
Mount Locker Ransomware Targeting TurboTax files          *
Chinese APT Group FunnyDream          *
Supply-Chain Attack Distributing Malware in South Korea          *
APT 'Hackers For Hire' Target Financial, Entertainment Firms          *
Multiple Vulnerabilities in Cisco Security Manager Software          *
New Phishing Campaign Delivering Jupyter Malware          *
Image Inversion Technique to Bypass Office 365          *
Critical Vulnerabilities Discovered in World's Largest Android TV Manufacturer          *
E-Shops Running Vulnerable Version of Magento          *
Source Code of Cobalt Strike Toolkit Shared Online          *
Critical Remote Code Execution Vulnerability in Oracle WebLogic Server          *
Animal Jam Kids Virtual Playground Suffered Data Breach          *
Security Vulnerabilities in Unity Orchestrator SD-WAN          *
High Severity Security Vulnerability in Cisco’s IOS XR Software          *
Chrome Zero-day Vulnerabilities          *
Australian Government Warns Healthcare Sector against Ransomware Attack          *
Mozilla Releases Security Updates          *
xHunt Hackers Attacking Exchange Servers          *
Ransomware Attack on Blackbaud Cloud Software Provider          *
Ransomware Hits E-Commerce Software Platform X-Cart          *
Ubuntu GNOME Display Manager Vulnerability allows Root Access          *
Ransomware Attack on Australian Media Monitoring Company          *
Scammers Impersonating IRS for Payment Fraud          *
Adobe Releases Security Updates          *
WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug          *
Microsoft Teams ‘Fake Updates’ Malware Campaign          *
Critical Security Updates for Multiple Intel Products          *
Ghimob Banking Trojan          *
Ransomware Attack on Italian Liquor Brand - Campari          *
Microsoft Patch Tuesday - November 2020          *
Pay2Key Ransomware          *
True Social Network App Exposed          *
Critical Security Flaws in SaltStack IT Infra Management Solution          *
Phishing Attacks on Russian Industrial Enterprises          *
Cisco AnyConnect Arbitrary Code Execution Vulnerability          *
Multiple Vulnerabilities in Google Android OS          *
Multiple Vulnerabilities in Adobe          *
Folksam Data Breach          *
Bigbasket Suffers Data Breach - Data of 2 Crore Users Now On Sale In Dark Web          *
Apple Fixes Three iOS Zero-Days          *
Capcom Hit by Ragnar Locker Ransomware          *
Dridex Botnet Stealing Banking Credentials          *
VMware Multiple Security Updates          *
Second Hand USB Drives Expose Sensitive Information of Previous Owners          *
New Google Drive Phishing Campaign          *
Cyberattack on Vermont Health Network          *
Alibaba's Online Store RedMart Suffers Data Breach          *
Bank Phone Numbers are being Spoofed to Rob Victims          *
Windows Zero-Day Exploit Publicly Disclosed          *
Nitro Software Massive Data Breach          *
Cryptocurrency Service 'Harvest Finance' Hacked - $24 Million Stolen          *
New Delivery Method of Emotet has been discovered          *
Cyberattacks Hit Schools & Colleges          *
Patients in Finland Blackmailed          *
KashmirBlack Botnet          *
Multiple Vulnerabilities in Fujitsu M12 Servers          *
IT Service Provider Sopra Steria Hit by Ryuk Ransomware          *
High Severity NVIDIA GeForce Experience Vulnerabilities Patched          *
SQL Injection Vulnerability in Rapid7 Nexpose          *
Information Disclosure Vulnerability in Linux Kernel          *
Multiple Security Vulnerabilities Identified in WAGO’s Cloud Connectivity Controllers          *
Browser Locker Scam Campaigns          *
VMware Multiple Security Updates          *
Zero-Click Vulnerabilities Identified in the Linux Bluetooth Software Stack          *
Browser Address Bar Spoofing Vulnerabilities in Multiple Mobile Browsers          *
Multiple Vulnerabilities in HP's Intelligent Management Center (IMC) Software          *
High Severity Router Vulnerability in Cisco IOS XR Software          *
Google Chrome Browser Multiple Security Updates          *
GravityRAT          *
Rise in QR Code Related Scams          *
Latest Release of Chrome and Edge Generating Random Log Files          *
Multiple Vulnerabilities in Magento CMS          *
Multiple Vulnerabilities in SonicWALL Sonic OS          *
Multiple Vulnerabilities in F2FS Toolset          *
Juniper Networks Releases Security Updates          *
Silent Librarian APT          *
Clips from Exposed Home Security Cameras Posted Online          *
Microsoft Disrupts TrickBot Malware Network          *
Double Extortion Ransomware Attack on Software AG          *
Denial-of-Service Vulnerabilities in Allen-Bradley Flex I/O System          *
Adobe Flash Player Application Critical Patch Update          *
Microsoft Patch Tuesday - October 2020          *
Microsoft Patches Critical Remote Code Execution Vulnerabilities          *
Information Disclosure Vulnerability in Apache Tomcat          *
Fitbit Spyware Watch Face          *
MontysThree Malware Used In Targeted Industrial Espionage Attacks          *
Critical Flaws Found In QNAP Helpdesk Leading To Device Takeover          *
New Cryptojacking Variant : Black-T          *
Vulnerability in Apple's T2 Mac Security Chips          *
Google Releases Patches for 50 Android System's Vulnerabilities          *
Trump's Health Email phishing Campaign Delivering BazarLoader Trojan          *
Cisco Patches Multiple Vulnerabilities          *
BAHAMUT : Hack For Hire Service          *
Flaws In Top Antivirus Softwares Leading to Privilege Escalation          *
Facebook Disables Chinese-Sponsored SilentFade Malware Campaign          *
HEH Botnet          *
APT Attack Injects Malware into Windows Error Reporting          *
COVID-19 Clinical Trial Hit by Ransomware          *
Multiple Vulnerabilities in Google Chrome Web Browser          *
Iranian hackers are exploiting the Zerologon vulnerability          *
Indian State Government Massive Data Breach          *
MosaicRegressor Malware Framework UEFI Firmware Bootkit          *
DDoS Attacks by Ransomware Attacker Groups          *
XDSpy APT Group          *
Backdoors in Microsoft 365 & Azure Active Directory using AADInternals PowerShell Module          *
Raccine Ransomware Vaccine          *
Microsoft Office 365 OAuth Access Token Phishing          *
Egregor Ransomware          *
InterPlanetary Storm Botnet Infects 13K Mac and Android Devices          *
Multiple Security Vulnerabilities in Wireshark Packet Analyzer          *
Palmerworm Espionage Campaign          *
Swatch Shuts Down IT Systems to Stop Cyberattack          *
Operation Sidecopy Launches Attack on Defense Forces in India          *
Microsoft Removed 18 Azure AD Applications          *
Microsoft Windows XP Source Code Leaked Online          *
Multiple Vulnerabilities in Apple Products          *
247K Microsoft Exchange Servers Vulnerable for RCE          *
A Bug in Windows Server 2016          *
Magento Credit Card Stealing Malware          *
Federal Agency Hit by Cyber Attack          *
Chalubo DDoS Botnet Targeting Unsecured SSH Servers          *
UHS hospitals Hit By Ransomware Attack          *
Phishing Campaign stating End of Support for Windows 7          *
Microsoft Office 365 Outage Reported in USA & Australia          *
Joker Trojan          *
Taurus Malicious Ad Campaign          *
Cisco Patches Multiple Security Bugs          *
APT-C-43 Steals Military Secrets          *
Microsoft Outlook Squatting Campaign          *
MoDi RAT          *
Heap Buffer Overflow Vulnerability in Instagram          *
Mozilla Firefox 81 Released          *
Automated MEOW Attack          *
RansomExx Ransomware Attack on Tyler Technologies          *
Phishing Campaign Targets AT&T Global Employees          *
TinyCryptor Ransomware          *
Multiple Security Vulnerabilities in Google Chrome Web Browser          *
Mozilla Bug - Hijacking Firefox Android Browsers          *
Maze Attackers adopt Ragnar Locker VM technique          *
Chinese Hackers Targeting U.S. Agencies          *
Multiple Vulnerabilities in Apple Safari          *
ZShlayer Malware          *
APT41 Chinese Hacking Group          *
Phishing Scam using Security Awareness Training Emails          *
MrbMiner Malware          *
MFA Bypass Vulnerability in Microsoft 365          *
Prometei Multi-Modular Botnet          *
Emotet Malware New Spamming Campaign          *
Lemon Duck Cryptominer          *
Qakbot malware          *
Trojan Glupteba
Latest Cyber Security News

Cyber Threat Post

Latest Threat

TrickBot Malware Operators Added New Techniques to Elude Detections TrickBot Malware Operators Added New Techniques to Elude Detections

As per researchers, TrickBot, which began as a banking trojan and evolved into a crimeware-as-a-service (CaaS) platform used by a variety of threat actors to deploy further malware...

About Cyber Threat Post

Stay Updated! Stay Secured!

Cyber Threat Post has been launched with an objective to be a prominent source of key information being updated in real-time to protect business-critical assets against cyber attacks and unforeseen cyber risks.

Infoshare Varutra's Managed SOC team at Cyber Defence Center closely works with our Threat Intelligence experts in hunting for vulnerabilities worldwide and publishing security advisories along with easy to implement, real actionable recommendations to help business IT Teams.

Russian Threat Group Targeting Government a...

Russian Threat Group Targeting Government and Defense Industries

Based on similar source code and attack artefacts, threat researchers have lin...

New DeadBolt Ransomware Targets QNAP Device...

New DeadBolt Ransomware Targets QNAP Devices, Demands 50 BTC for Master Key

A new DeadBolt ransomware organization began encrypting QNAP NAS systems globa...

Initial Access Broker Attack VMware Horizon...

Initial Access Broker Attack VMware Horizon Servers in Log4Shell Attacks

Prophet Spider, an initial access broker gang, has been linked to a series of ...

Canadian Government Hit by Cyberattack, Few...

Canadian Government Hit by Cyberattack, Few Services Disrupted

As per reports, a cyberattack targeted the Canadian government's departmen...

Threat Actors Hacked Segway Store to Steal ...

Threat Actors Hacked Segway Store to Steal Customers' Credit Card Data

Segway's online store was found to be infected with a malicious code that ...

Emotet Spam Campaign Using Unconventional I...

Emotet Spam Campaign Using Unconventional IP Address to Evade Security Detections

Security researchers have found that social engineering campaigns that drop Em...

Subscribe To Cyber Threat Post

Be the first to receive the updates on the latest Cyber Threats and the recommendations from our industry leaders to secure your business from such attacks.

Contact us at for more details.