Our news
-
FBI Releases PIN on Iranian Cyber Group Emennet Pasargad
Original release date: January 27, 2022 The Federal Bureau of Investigation (FBI) has released a Private Industry Notification (PIN) that provides a historical overview of Iran-based cyber company Emennet Pasargad’s tactics, techniques, and procedures to enable readers to identify and defend against the group’s malicious cyber activities. CISA encourages users and administrators to review FBI
-
Apple Fixes 2 Zero-Day Security Bugs, One Exploited in the Wild
iOS 15.3 & iPadOS 15.3 fix the Safari browser flaw that could have spilled users’ browsing data, plus a zero day IOMobileFrameBuffer bug exploited in the wild.
-
New Year, New Threats: 4 Tips to Activate Your Best Cyber-Defense
Need a blueprint for architecting a formidable cyber-defense? Kerry Mandiant, senior director at Mandiant, shares hers in this detailed breakdown.
-
Linux Bug in All Major Distros: ‘An Attacker’s Dream Come True’
The 12-year-old flaw in the sudo-like polkit’s pkexec tool, found in all major Linux distributions, is likely to be exploited in the wild within days.
-
Segway Hit by Magecart Attack Hiding in a Favicon
Visitors who shopped on the company’s eCommerce website in January will likely find their payment-card data heisted, researchers warned.
-
New MacOS Malware ‘DazzleSpy’ Used in Watering-Hole Attacks
A pro-democracy Hong Kong site was used to launch watering-hole attacks that planted a powerful macOS backdoor that researchers dubbed DazzleSpy.
-
AdSanity, AccessPress Plugins Open Scads of WordPress Sites to Takeover
A critical security bug and a months-long, ongoing supply-chain attack spell trouble for WordPress users.
-
Vulnerability Summary for the Week of January 17, 2022
Original release date: January 24, 2022 High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info adobe — acrobat_dc Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in
-
Linux Servers at Risk of RCE Due to Critical CWP Bugs
The two flaws in Control Web Panel – a popular web hosting management software used by 200K+ servers – allow code execution as root on Linux servers.
-
Surge in Malicious QR Codes Sparks FBI Alert
QR codes have become a go-to staple for contactless transactions of all sorts during the pandemic, and the FBI is warning cybercriminals are capitalizing on their lax security to steal data and money, and drop malware.