API Security Best Practices

Organizations face the constant need to protect these APIs from attacks so they can protect organizational data. Organizations are rapidly opening their ecosystem through Application Programming Interfaces (API) by... Read more »

SeaFlower campaign distributes backdoored versions of Web3 wallets to steal seed phrases

Chinese cybercriminals are using SeaFlower backdoored versions of iOS and Android Web3 wallets to steal users’ seed phrase. Researchers from Confiant have uncovered a sophisticated malware campaign, tracked as... Read more »

Experts spotted Syslogk, a Linux rootkit under development

Experts spotted a new Linux rootkit, dubbed ‘Syslogk,’ that uses specially crafted “magic packets” to activate a dormant backdoor on the device. Researchers from antivirus firm Avast spotted a new... Read more »

Russia-linked APT targets Ukraine by exploiting the Follina RCE vulnerability

Ukraine’s Computer Emergency Response Team (CERT) warns that the Russia-linked Sandworm APT group may exploit the Follina RCE vulnerability. Ukraine’s Computer Emergency Response Team (CERT) is warning that the... Read more »

GALLIUM APT used a new PingPull RAT in recent campaigns

China-linked Gallium APT employed a previously undocumented RAT, tracked as PingPull, in recent cyber espionage campaign targeting South Asia, Europe, and Africa. China-linked Gallium APT (aka Softcell) used a... Read more »

HelloXD Ransomware operators install MicroBackdoor on target systems

Experts observed the HelloXD ransomware deploying a backdoor to facilitate persistent remote access to infected hosts. The HelloXD ransomware first appeared in the threat landscape on November 30, 2021, it... Read more »

Using WiFi connection probe requests to track users

Researchers at the University of Hamburg demonstrated that WiFi connection probe requests expose users to track. A group of academics at the University of Hamburg (Germany) demonstrated that it... Read more »

Security Affairs newsletter Round 369 by Pierluigi Paganini

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. If you want to... Read more »

Ransomware gangs are exploiting CVE-2022-26134 RCE in Atlassian Confluence servers

Ransomware gangs are actively exploiting CVE-2022-26134 remote code execution (RCE) flaw in Atlassian Confluence Server and Data Center. Multiple ransomware groups are actively exploiting the recently disclosed remote code... Read more »

HID Mercury Access Controller flaws could allow to unlock Doors

Experts found vulnerabilities in HID Mercury Access Controllers can be exploited by attackers to remotely unlock doors. Researchers from security firm Trellix discovered some critical vulnerabilities in HID Mercury... Read more »
Subscribe to our Newsletter