APT Groups Targeting Healthcare and Essential Services
A joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) was released regarding...
Sophos XG Firewall Zero-Day Hotfixed
Sophos released a security bulletin stating that they have fixed a zero-day pre-auth SQL Injection vulnerability in their XG Firewall that was actively being exploited in the wild.
Agent Tesla used against Oil and Gas Industry in Spear-phishing campaign
In a highly targeted spear-phishing campaign, the . Net-based Agent Tesla malware was deployed against the Oil and Gas Industry.
Google witnessed over 18 Million daily COVID Themed phishing emails
A new blog post from Google presents that Gmail has seen over 18 million attacks per day with COVID-19 themed malware or phishing attempts.
New Microsoft Patch fixes two actively exploited Zero-Days
Included in today’s April Patch Tuesday from Microsoft are patches for CVE-2020-1020 (remote code execution vulnerability for Windows) and CVE-2020-0938 (remote code execution vulnerability for Windows).
Targeted Phishing Campaigns against Zoom Meetings
With the increase of remote work, software that allows remote meetings like Zoom have skyrocketed in popularity.
Marriott International suffers data leak exposing estimated 5.2 million guest's information
Marriott International stated today that it fell victim to a data breach, the second major data breach in the past two years for the organization.
Coronavirus ‘Tracking App’ targets Android Users with Ransomware
A malicious domain (coronavirusapp[. ]site) has been discovered that advertises an Android App that offers ‘real-time tracking’ of Coronavirus outbreaks with heat map visuals.
OpenBSD OpenSMTPD Remote Code Execution Vulnerability (CVE-2020-7247)
A vulnerability in OpenBSD's OpenSMTPD 6. 6 mail server has been discovered, that allows an attacker to execute arbitrary shell commands with elevated privileges.