Cyber security aggregate rss news

Cyber security aggregator - feeds history

 Malware and Vulnerabilities

Google Project Zero disclosed that, in H1 2022, around half of zero-day exploitations were related to old flaws which were not fixed properly. Around four of the zero-days are variants of 2021 in-the-wild zero-day vulnerabilities. To properly fix zero-day vulnerabilities, researchers suggest security teams invest more time and effort in root cause analysis, patch analysis, variant analysis, and exploit technique analysis.

 Malware and Vulnerabilities

Microsoft has addressed the ShadowCoerce vulnerability that could be abused to target Windows servers by pulling off NTLM relay attacks. A Microsoft spokesperson told BleepingComputer that no public announcement was made, but ShadowCoerce was mitigated with CVE-2022-30154.

 Malware and Vulnerabilities

Cisco on Wednesday rolled out patches for 10 security flaws spanning multiple products, one of which is rated Critical in severity and could be weaponized to conduct absolute path traversal attacks.

 Malware and Vulnerabilities

Researchers captured three different samples active in the threat campaign. The first sample is an Excel file with Excel 4.0 macros. The second is an LNK file (Windows shortcut file). The third sample is an ISO file (optical disk image).

 Govt., Critical Infrastructure

The Office of Management and Budget is developing a system that generates trust scores for users before allowing them to access its network or applications, according to the CISO of its Management and Operations Division.

 Trends, Reports, Analysis

The first samples of Nokoyawa ransomware found by FortiGuard researchers were gathered in February 2022 and contain significant coding similarities with Karma, a ransomware that can be traced back to Nemty via a long series of variants.

 Malware and Vulnerabilities

An NPM supply-chain attack campaign, dubbed IconBurst, has been seen leveraging several malicious NPM modules to infect hundreds of systems. Researchers have observed similarities between the domains used to exfiltrate information, implying that the different modules used in this campaign are controlled by a single threat actor.

 Feed

In what's being described as an "unprecedented" twist, the operators of the TrickBot malware have resorted to systematically targeting Ukraine since the onset of the war in late February 2022. The group is believed to have orchestrated at least six phishing campaigns aimed at targets that align with Russian state interests, with the emails acting as lures for delivering malicious software such

 Feed

LockBit ransomware attacks are constantly evolving by making use of a wide range of techniques to infect targets while also taking steps to disable endpoint security solutions. "The affiliates that use LockBit's services conduct their attacks according to their preference and use different tools and techniques to achieve their goal," Cybereason security analysts Loïc Castel and Gal Romano said.

 Feed

Five months after announcing plans to disable Visual Basic for Applications (VBA) macros by default in the Office productivity suite, Microsoft appears to have rolled back its plans. "Based on feedback received, a rollback has started," Microsoft employee Angela Robertson said in a July 6 comment. "An update about the rollback is in progress. I apologize for any inconvenience of the rollback

 Feed

Progress powers technology forward. But progress also has a cost: by adding new capabilities and features, the developer community is constantly adjusting the building blocks. That includes the fundamental languages used to code technology solutions. When the building blocks change, the code behind the technology solution must change too. It's a challenging and time-consuming exercise that

 Feed

A malicious browser extension with 350 variants is masquerading as a Google Translate add-on as part of an adware campaign targeting Russian users of Google Chrome, Opera, and Mozilla Firefox browsers. Mobile security firm Zimperium dubbed the malware family ABCsoup, stating the "extensions are installed onto a victim's machine via a Windows-based executable, bypassing most endpoint security

 Feed

Cybersecurity researchers are drawing attention to an ongoing wave of attacks linked to a threat cluster tracked as Raspberry Robin that's behind a Windows malware with worm-like capabilities. Describing it as a "persistent" and "spreading" threat, Cybereason said it observed a number of victims in Europe. The infections involve a worm that propagates over removable USB devices containing

2022-07