Cyber Security

CISA Warns Patched Pulse Secure VPNs Could Still Expose

The United States Cybersecurity and Infrastructure Security Agency (CISA) yesterday issued a fresh advisory alerting organizations to change all their Active Directory credentials as a defense against cyberattacks trying to leverage a known remote code execution (RCE) vulnerability in Pulse Secure VPN servers—even if they have already patched it. The warning comes three months after […]

Cyber Security

The Week in Ransomware – April 17th 2020

There was not a lot of new ransomware variants released this week, but some pretty interesting news about operations changing their tactics to remain more profitable and to evade law enforcement. Sodinokibi/REvil is phasing out support for Bitcoin ransom payments in favor of Monero to make it harder for law enforcement to trace them. Finally, […]

Cyber Security

Over 700 Malicious Typosquatted Libraries Found On RubyGems

As developers increasingly embrace off-the-shelf software components into their apps and services, threat actors are abusing open-source repositories such as RubyGems to distribute malicious packages, intended to compromise their computers or backdoor software projects they work on. In the latest research shared with The Hacker News, cybersecurity experts at ReversingLabs revealed over 700 malicious gems […]

Cyber Security

Nemty Ransomware shuts down public RaaS operation, goes

The Nemty Ransomware is shutting down its public Ransomware-as-a-Service (RaaS) operation and switching to an exclusive private operation where affiliates are hand-selected for their expertise. Nemty has historically been a public RaaS, which is a service where ransomware operators are in charge of developing the ransomware and payment site, and affiliates join to distribute and […]

Cyber Security

Intel April Platform Update fixes high severity security

Intel addressed nine security vulnerabilities with the April 2020 Platform Update, all of them being high and medium severity security flaws impacting multiple software products, firmware, and platforms. The security issues patched today were detailed in the 6 security advisories issued by Intel on its Product Security Center, delivered to customers through the Intel Platform Update (IPU) process. Vulnerabilities […]