Category Security

February 6, 2023Rabbi LakshmananCyber ​​Attack / Endpoint Security South Korean and US e-commerce industries are on the receiving end of the ongoing GuLoader malware campaign, cybersecurity firm Trellix revealed late last month. The malspam campaign is notable for moving from…

VMware customers are urged to patch the ESXi hypervisor vulnerabilities first disclosed in 2021 to mitigate the impact of the ongoing ransomware campaign. Cybersecurity experts in governments in France, Singapore and elsewhere have sounded alarm bells following reports of compromised…

When SaaS applications started to grow in popularity, it was unclear who was responsible for protecting data. Most security and IT teams today understand the shared responsibility model, where the SaaS vendor is responsible for securing applications and the organization…

Developers of several stalkerware apps have been fined around $500,000 and told to change their software. A consortium of 16 companies owned by Patrick Hinchy created the snooping apps Auto Forward, Easy Spy, DDI Utilities, Highster Mobile, PhoneSpector, Surepoint and…

February 6, 2023Rabbi LakshmananMalvertising / data security An ongoing malvertising campaign is being used to distribute a virtualized .NET loader designed to deploy FormBook information-stealing malware. SentinelOne researchers Aleksandar Milenkoski and Tom Hegel said in a technical lightup: Google’s move…

A new Android banking Trojan uses the PIX payment platform to trick Brazilian financial institutions into fraudulent activities. Italian cybersecurity company Clafy, which discovered the malware in late 2022 and early 2023, is tracking it under the name PixPirate. “PixPirate…

February 4, 2023Rabbi LakshmananEnterprise Security / Ransomware The VMware ESXi hypervisor is the target of a new attack designed to deploy ransomware on compromised systems. “These attack campaigns appear to be exploiting CVE-2021-21974 for which a patch has become available…

February 4, 2023Rabbi LakshmananZero-day / Vulnerability A zero-day vulnerability affecting Fortra’s GoAnywhere MFT managed file transfer application is being actively exploited in the wild. Details of the flaw were first published by Mastodon security reporter Brian Krebs. There are no…

Security researchers have discovered a malicious campaign targeting organizations in the Middle East using new backdoor malware. Describe the activity in Thursday’s recommendation, trend micro Researchers Mohamed Fahmy, Sherif Magdy, and Mahmoud Zohdy believe the Advanced Persistent Threat (APT) group,…

Cybersecurity is becoming one of the most important growth drivers for managed service providers (MSPs). This is the main insight from a recent study by Lumu. In North America, more than 80% of MSPs cite cybersecurity as a key growth…