OMIGOD vulnerabilities / Apple fixed newest 0-day / Windows Subsystem for Linux

Welcome to Security Center – our weekly update on the most devastating cyberattacks, high-severity vulnerabilities, and biggest data leaks – precisely selected by our editors.

Don’t miss out! Sign up now and have it delivered to your inbox each Monday to start the week safe and sound. Additionally, you will receive a portion of the hottest company news and access to selected technical articles written by our experts with advice and tricks for more effective protection of your IT infrastructure.

In the meantime, let’s check what happened in the cyber-world last week.

Fortinet FortiGate VPN credentials leak / The newest 0-days: Office 365, and Ghostscript

BrakTooth flaws / LockFile ransomware / Malware hides in AMD, NVIDIA GPUs

VMware vRealize Operations patched / Malicious WhatsApp / MS Power App data leak

Linux glibc security glitch / Fortinet 0-day / New AdLoad malware variant

Biggest ever cryptocurrency theft / StealthWorker botnet / ProxyShell

Great thefts stir the imagination like no others. The famous D B Cooper’s case, the United California Bank robbery, or the Great Train Robbery from 1963. Do “electronic” thefts stir the same amount of emotions? It’s hard to say, but when over 600 million dollars disappears from one of the financial platforms, it will bring a lot of hype. But let’s keep our feet on the ground and ask the really important questions. Namely, how did it happen, was there a way to prevent the theft, is there any chance to get the money back, and what about the victims – BinanceChain, Ethereum, and Polygon miners?

Critical VMware vulnerabilities / LockBit 2.0 recruits insiders / Super Duper Secure Mode in Microsoft Edge

Critical VMware vulnerabilities are not the only problem faced by this virtualization software vendor last week. Do you remember the BlackMatter group that proclaimed itself to be the successor of REvil, which we warned you about in the last issue? It already has an encryption program targeting VMware ESXi. Today we also describe the unique business model of the new LockBit 2.0 and a cyberespionage campaign targeting the largest telecoms. For the sake of balance, we are describing a new project from Microsoft – with “Super Duper Secure Mode” the company wants to change the landscape of exploits and increase the cost of attacks.

BlackMatter & Haron – newborns or rebirths? / Apple urgent update / UBEL is the NEW Oscorp

Last week, the industry media reported on spectacular debuts or rebirths in the cybercriminal world. Do you remember our news from two weeks ago about the end of REvil? Well, we advised you to hold off on popping the champagne… The celebration was interrupted by the news about the emergence of two ransomware groups on the market – BlackMatter and Haron, which may turn out to be successors of REvil and Avaddon. And it’s not the end of big returns – Oscorp Android malware stealing data and funds from banking apps came back even stronger in the form of the UBEL botnet.

What else? If Apple calls for urgent updating of most devices just one week after a series of patches, know something is happening. In addition – a critical Hyper-V vulnerability, which received the infamous rating of 9.9 on a ten-grade threat scale!

Print driver with a 16-year-old bug / Sequoia / MosaicLoader / Malicious ChromePass

Today’s Security Center edition will make the temperature rise not only outside the window… but also among the owners of hundreds of millions of printers. A 16-year-old security bug found in HP, Xerox, and Samsung printer drivers allows attackers to gain admin rights. But that’s not the end of the privilege escalation bugs. Other news should be of interest to Linux and Windows users, including all those waiting for the release of Windows 11 – this system has also been found vulnerable to a bug called Sequoia. What else? MosaicLoader malware and SEO poisoning attacks, and some interesting facts about ChromePass credential theft.

Joker malware / The end of REvil / New Windows Print Spooler vulnerability

There are a few disturbing “returns” in this Security Center release. Let’s start with Joker malware that has appeared again in Google Play. So far, 1,800 malicious applications have been removed from the marketplace. The new variant much more effectively avoids various types of security mechanisms – those built into the device as well as Play Protect scanners. So be careful when installing new applications. Another interesting piece of news… Media all over the world are wondering if this is the end of REvil. In recent days, the world’s largest ransomware gang has mysteriously disappeared from the web. The next weeks will show if it’s for good. As it turns out, the Windows Print Spooler problem is still current – this time with even worse repercussions. A new vulnerability – which Microsoft is warning about – could be exploited to perform unauthorized actions on the system. You can find the details below.
