Threat actors from three countries—China, Russia, India—are using a new method, RTF (Rich Text Format) template injection, to plant malware in targeted systems. “RTF template injection is a novel technique that is ideal for malicious phishing attachments because it is…
Mozilla released patches for vulnerabilities in its cross-platform Network Security Services (NSS) cryptographic library. The vulnerability can be exploited for crashing an application or executing arbitrary code remotely. The vulnerability labelled CVE-2021-43527 plagues earlier NSS versions before 3.73 ESR. the…
A small but potent ransomware campaign has been carrying out attacks, and these cyberattacks, for the most part, have gone undetected mainly because of their size and new methods. Mandiant stated that the campaign labelled UNC2190 or “Sabbath,” launched in…
A new class of malware plagues at least 9.3 million Android devices. The malware camouflages as arcade, shooter, and strategy games on Huawei’s AppGallery marketplace to obtain device details and victim’s mobile numbers. Doctor Web classifies the trojan as “Android.…
An unknown malware attack has been identified targeting cryptocurrency, non-fungible token (NFT), and Defi aficionados. The attack uses discord channels to plant a crypter named “Babadeda”, which can evade antivirus programs. “This malware installer has been used in a variety…
VMware released updates to plug two loopholes in vCenter Server and Cloud Foundation that can be exploited to obtain sensitive information. The acute vulnerability relates to an arbitrary file in the vSphere Web Client. The bug, labelled as CVE-2021-21980, has…
The Israeli government has cut down on the number of countries that can buy software, cyber tools from Israeli firms. Now the list has only 37 countries, cyber export down from 102 countries. The new cyber export list, obtained by…
Researchers have found a new type of DDoS attack targeting internet-linked printers. The printers that are not updated or regularly configured are vulnerable to the attack. The attack is known as Printjack. Many printers are publicly accessible, which leaves them…
A threat actor who has targeted the Middle East in the past has developed its Android mobile Spyware. The advanced Android mobile spyware is more stealthy and lethal: stealthy as the mobile spyware comes under the wrap of a benign…
Godaddy reported its third data breach since 2018. The latest data breach entailed unauthorized data access of 1.2 million active and inactive customers. In a filing with the U.S. Securities and Exchange Commission (SEC), the world’s largest domain registrar, Godaddy…
