Tripwire’s June 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, BIND and Oracle.Up first on the Patch Priority Index this month are patches for Microsoft, BIND and Oracle for vulnerabilities that have been integrated into various Exploits. Metasploit has recently added exploits for BIND (CVE-2020-8617), Oracle

VMware addressed 10 vulnerabilities affecting its ESXi, Workstation and Fusion products, including critical and high-severity code issues on the hypervisor.VMware has addressed 10 vulnerabilities affecting ESXi, Workstation and Fusion products, including critical and high-severity issues that can be exploited by attackers to execute arbitrary code on the

Over a period of two years, a threat actor sold access to the compromised networks of 135 organizations in 44 countries and likely made over $1.5 million, Group-IB says.Using the online moniker Fxmsp, the individual started selling access to company networks on October 1, 2017, and seized all activity in September 2019, several months after he came to fame f

The threat actor behind the Sodinokibi ransomware was observed scanning the victim networks for credit card or point of sale (POS) software.Sodinokibi, Symantec’s security researchers reveal, was found on the networks of three organizations that had been previously infected with the Cobalt Strike commodity malware.An off-the-shelf tool, Cobalt Strike is empl

Government-mandated Internet shutdowns occur far more regularly than you might expect. Since the death of George Floyd at the hands of Minneapolis law enforcement on May 25, millions of people worldwide have taken to the streets to protest police violence. But one oft-used government tactic in some countries to limit the ability

I fly a lot. Over the past five years, my average speed has been 32 miles an hour. That all changed mid-March. It's been 105 days since I've been on an airplane -- longer than any other time in my adult life -- and I have no future flights scheduled. This is all a prelude to saying that I have been paying a lot of attention to the COVID-related risks of flyi

A soldier in the US Army has been charged with terrorism offenses after conspiring with extremist groups to arrange a deadly ambush of his own unit.An indictment unsealed on June 22 in a Manhattan federal court accuses Ethan Melzer of passing sensitive information about the location, movements, and security of his unit to Al-Qaeda and to members of

byPaul DucklinHere’s a SophosLabs technical paper that should tick all your jargon boxes!Our experts have deconstructed a strain of malware called Glupteba that uses just about every cybercrime trick you’ve heard of, and probably several more besides.Like a lot of malware these days. Glupteba is what’s known a zombie or bot (short for softw

The CryptoCore hacker group that is believed to be operating out of Eastern Europe has stolen around $200 million from online cryptocurrency exchanges.Experts from ClearSky states that a hacker group tracked as CryptoCore,which is believed to be operating out of Eastern Europe, has stolen around $200 million from cryptocurrency exchanges.The Crypto

In this article, we will find an answer to a Capture the Flag (CTF) challenge published on VulnHub by the author yunaranyancat. As per the information given by the author, the difficulty level of this CTF is hard and there is one intended way to get the low privilege user, but there are two different ways to get the root access of this CTF.To complete

Security researchers came across a new ransomware family called “CryCryptor” that masqueraded as a Canadian COVID-19 tracing app.CryCryptor emerged just days after the Canadian government announced it would support the development of a national, voluntary tracing app for COVID-19 called “COVID Alert.”That official app had not yet ente

Sensitivity of customer information and time-to-detection determine financial blowback of cybersecurity breaches.The authors of the "Trends in Cybersecurity Breach Disclosures" report from Audit Analytics reviewed 639 cybersecurity breaches at public companies since 2011 and discovered that, on average, each cyber breach costs $116 million.The report found t

In spite of everything happening in the world right now—the 2020 tax season is about to come to an end, and taxes are due.Americans got a reprieve back in March when the US Treasury Department and Internal Revenue Service (IRS) announced they were pushing back the federal income tax filing due date from April 15 to July 15, 2020. Fast forward three month

The threat actor behind the Dridex Trojan has released a new ransomware following months of development, Fox-IT researchers (part of NCC Group) reveal.Referred to as Evil Corp, the threat actor is mainly known for attacks involving the Dridex banking Trojan and the Locky ransomware, but has used other malware as well, including ransomware families such as Ba

VMware informed customers on Tuesday that it addressed a total of 10 vulnerabilities affecting its ESXi, Workstation and Fusion products, including critical and high-severity flaws that can be exploited for code execution on the hypervisor.The most serious of the vulnerabilities is CVE-2020-3962, a critical use-after-free bug related to the SVGA device. An a