Internet Security

VMware fixed a critical flaw in vRealize that allows executing arbitrary code as root

April 20, 2023 add comment
VMware fixed two severe flaws, tracked as CVE-2023-20864 and CVE-2023-20865, impacting the VMware Aria Operations for Logs product. The virtualization giant VMware released security updates to address two critical... Read more »

Lazarus APT group employed Linux Malware in recent attacks and was linked to 3CX supply chain attack

April 20, 2023 add comment
North Korea-linked APT group Lazarus employed new Linux malware in attacks that are part of Operation Dream Job. North Korea-linked APT group Lazarus is behind a new campaign tracked as Operation... Read more »

Experts disclosed two critical flaws in Alibaba cloud database services

April 20, 2023 add comment
Researchers disclosed two critical flaws in Alibaba Cloud’s ApsaraDB RDS for PostgreSQL and AnalyticDB for PostgreSQL. Researchers from cloud security firm Wiz discovered two critical flaws, collectively dubbed BrokenSesame,... Read more »

Google TAG warns of Russia-linked APT groups targeting Ukraine

April 20, 2023 add comment
The researchers from Google TAG are warning of Russia-linked threat actors targeting Ukraine with phishing campaigns. Russia-linked threat actors launched large-volume phishing campaigns against hundreds of users in Ukraine... Read more »

Trigona Ransomware targets Microsoft SQL servers

April 20, 2023 add comment
Threat actors are hacking poorly secured and Interned-exposed Microsoft SQL servers to deploy the Trigona ransomware. Threat actors are hacking into poorly secured and public-facing Microsoft SQL servers to... Read more »

Russian national sentenced to time served for committing money laundering for the Ryuk ransomware operation

April 19, 2023 add comment
Russian national Denis Mihaqlovic Dubnikov has been sentenced to time served for committing money laundering for the Ryuk ransomware operation. Russian national Denis Dubnikov (30) has been sentenced to time... Read more »

Google fixed the second actively exploited Chrome zero-day of 2023

April 19, 2023 add comment
Google rolled out emergency security patches to address another actively exploited high-severity zero-day flaw in the Chrome browser. Google rolled out emergency fixes to address another actively exploited high-severity... Read more »

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

April 19, 2023 add comment
UK and US agencies are warning of Russia-linked APT28 group exploiting vulnerabilities in Cisco networking equipment. Russia-linked APT28 group accesses unpatched Cisco routers to deploy malware exploiting the not patched CVE-2017-6742 vulnerability... Read more »

Iran-linked Mint Sandstorm APT targeted US critical infrastructure

April 19, 2023 add comment
An Iran-linked APT group tracked as Mint Sandstorm is behind a string of attacks aimed at US critical infrastructure between late 2021 to mid-2022. Microsoft has linked the Iranian Mint Sandstorm APT... Read more »

PWNYOURHOME, FINDMYPWN, LATENTIMAGE: 3 iOS Zero-Click exploits used by NSO Group in 2022

April 19, 2023 add comment
Citizen Lab reported that Israeli surveillance firm NSO Group used at least three iOS zero-click exploits in 2022. A new report from Citizen Lab states that the Israeli surveillance... Read more »
Subscribe to our Newsletter