A ransomware attack against an unnamed target used Mitel VoIP equipment as an entry point to execute the code remotely and access the environment. …
General
A serious PHP bug makes QNAP NAS equipment vulnerable to RCE attacks.
Customers of QNAP have been informed today that certain Network Attached Storage (NAS) devices (with non-default configurations) are susceptible to attacks that would take…
Mega says it can’t decrypt your files. New PoC exploit shows otherwise
Mega’s encryption system has been found to have serious weaknesses that allow services to view your data. Mega, a cloud storage service with 250…
NSO admits to the EU committee that Pegasus has been misused by 5 E.U countries
The infamous Israeli surveillance ware vendor NSO Group accepted that five countries used its Pegasus tool. The acceptance was in response to a question…
Researchers claim SmartTub site flaws could disclose Jacuzzi consumers data
According to a security researcher, flaws in the online interface of Jacuzzi’s SmartTub app could have allowed an attacker to view and perhaps change…
Avos ransomware organisation increases its attack capabilities
We recently noticed a month-long AvosLocker promotion during a client engagement. Cobalt Strike, Sliver, and various commercial network scanners were among the tools used…
Magecraft campaign sheds light on the scale of the ongoing campaign
A Magecart skimming campaign, recently discovered, was traced back to an earlier attack in November 2021. Two malware domains have been tracked for hosting…
Flagstar reveals details of a cyberattack that was directed at it
Flagstar Bank is informing 1.5 million customers of a data breach wherein hackers acquired data. The cyberattack happened in December last year. Flagstar, a…
The Android-stealing BRATA malware is becoming a persistent threat
The threat actor responsible for the BRATA banking trojan has refined their tactics and enhanced the malware with data-stealing capabilities. Cleafy, an Italian mobile…
2022 SaaS Security Survey Report: 7 Key Findings
Learn about the emerging threats to SaaS security and how different firms are addressing them. In partnership with CSA, the 2022 SaaS Security Survey…