Oktacron - Cyber Security RSS Feeds History

KnowBe4 Issues IPO to Drive Global Expansion, New Automation Features

cyware Apr 24, 2021 Companies to Watch

Security awareness company KnowBe4 successfully debuted on the NASDAQ, with its initial public offering bringing in more than $150 million to fund the company's international expansion and a focus on new automation and machine learning features.

Phishing impersonates global recruitment firm to push malware

cyware Apr 24, 2021 Threat Intel & Info Sharing

An ongoing phishing campaign is impersonating Michael Page consultants to push Ursnif data-stealing malware capable of harvesting credentials and sensitive data from infected computers.

Twitter alarms users with messages that resembled phishing emails

cyware Apr 24, 2021 Social Media Threats

Twitter sparked panic among users that they were the subjects of a phishing attack in what was instead an accidental mass email. The message sent to some Twitter users went out asking them to confirm their email addresses by clicking on a button.

Unsecured Kubernetes Instances Could Be Vulnerable to Exploitation

cyware Apr 24, 2021 Threat Intel & Info Sharing

Kubernetes clusters can and should be configured for greater security, but when left unsecured, these clusters can be accessed anonymously by anyone who knows their IPs, ports, and APIs.

New QNAP NAS Flaws Exploited In Recent Ransomware Attacks - Patch It!

cyware Apr 24, 2021 Malware and Vulnerabilities

A new ransomware strain called "Qlocker" is targeting QNAP network-attached storage (NAS) devices as part of an ongoing campaign and encrypting files in password-protected 7zip archives.

Researchers say enterprise password manager hit in supply chain attack

cyware Apr 24, 2021 Breaches and Incidents

The firm claimed to have digital evidence that Australian company ClickStudios suffered a breach, sometime between April 20 and April 22, which resulted in the attacker dropping a corrupted update to its password manager Passwordstate.

Biden administration unveils plan to defend electric sector from cyberattacks

cyware Apr 24, 2021 Govt., Critical Infrastructure

The Biden administration is buckling down on cyber threats to U.S. power infrastructure. The Department of Energy (DOE) announced a 100-day plan to help shore up the U.S. electric power system against cyber threats.

XCSSET Malware is Now Targeting Apple's M1 Chip

cyware Apr 24, 2021 Malware and Vulnerabilities

A Mac malware has been re-engineered and being used in a campaign aimed at Apple’s new M1 chips to eventually steal data associated with popular applications including Evernote, WeChat, and more.

Prometei: Yet Another Malware Weaponizing Proxylogon Vulnerabilities

cyware Apr 24, 2021 Malware and Vulnerabilities

The Prometei variant used in the recent attack was found to provide the attackers with a stealthy and sophisticated backdoor that supported a wide range of tasks, along with harvesting credentials.

NitroRansomware Demands Discord Gift Codes

cyware Apr 24, 2021 Malware and Vulnerabilities

A new ransomware strain dubbed NitroRansomware is encrypting victim's files and then asking for a $9.99 Discord Nitro gift code to decrypt files. It gives a .givemenitro extension to encrypted files.

We Lost Dan Kaminsky Yesterday

packetstormsecurity Apr 24, 2021 headline,hacker,dns,conference

Worm.Win32.Busan.k Insecure Transit

packetstormsecurity Apr 24, 2021 Feed

Worm.Win32.Busan.k malware suffers from an insecure transit vulnerability.

Passwordstate Password Manager Update Hijacked to Install Backdoor on Thousands of PCs

thehackernews Apr 24, 2021 Feed

Click Studios, the Australian software company behind the Passwordstate password management application, has notified customers to reset their passwords following a software supply chain attack. The Adelaide-based firm said a bad actor used sophisticated techniques to compromise the software's update mechanism and used it to drop malware on user computers. The breach is said to have occurred

Critical RCE Bug Found in Homebrew Package Manager for macOS and Linux

thehackernews Apr 24, 2021 Feed

A recently identified security vulnerability in the official Homebrew Cask repository could have been exploited by an attacker to execute arbitrary code on users' machines that have Homebrew installed. The issue, which was reported to the maintainers on April 18 by a Japanese security researcher named RyotaK, stemmed from the way code changes in its GitHub repository were handled, resulting in a

Cyber security aggregator - feeds history

KnowBe4 Issues IPO to Drive Global Expansion, New Automation Features

Phishing impersonates global recruitment firm to push malware

Twitter alarms users with messages that resembled phishing emails

Unsecured Kubernetes Instances Could Be Vulnerable to Exploitation

New QNAP NAS Flaws Exploited In Recent Ransomware Attacks - Patch It!

Researchers say enterprise password manager hit in supply chain attack

Biden administration unveils plan to defend electric sector from cyberattacks

XCSSET Malware is Now Targeting Apple's M1 Chip

Prometei: Yet Another Malware Weaponizing Proxylogon Vulnerabilities

NitroRansomware Demands Discord Gift Codes

We Lost Dan Kaminsky Yesterday

Worm.Win32.Busan.k Insecure Transit

Passwordstate Password Manager Update Hijacked to Install Backdoor on Thousands of PCs

Critical RCE Bug Found in Homebrew Package Manager for macOS and Linux

202020212022202320242025