Conti ransomware targeted Intel firmware for stealthy attacks
Researchers analyzing the leaked chats of the notorious Conti ransomware operation have discovered that teams inside the Russian cybercrime group…
New Windows Search zero-day added to Microsoft protocol nightmare
A new Windows Search zero-day vulnerability can be used to automatically open a search window containing remotely-hosted malware executables simply by…
Windows MSDT zero-day now exploited by Chinese APT hackers
Chinese-linked threat actors are now actively exploiting a Microsoft Office zero-day vulnerability (known as 'Follina') to execute malicious code remotely…
New Microsoft Zero-Day Attack Underway
"Follina" vulnerability in Microsoft Support Diagnostic Tool (MSDT) affects all currently supported Windows versions and can be triggered via specially…
Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions
Costa Rica’s national health service was hacked sometime earlier this morning by a Russian ransomware group known as Hive. The…
New Microsoft Office zero-day used in attacks to execute PowerShell
Security researchers have discovered a new Microsoft Office zero-day vulnerability that is being used in attacks to execute malicious PowerShell…
EnemyBot malware adds exploits for critical VMware, F5 BIG-IP flaws
EnemyBot, a botnet based on code from multiple malware pieces, is expanding its reach by quickly adding exploits for recently…
‘There’s No Ceiling’: Ransomware’s Alarming Growth Signals a New Era, Verizon DBIR Finds
Ransomware has become so efficient, and the underground economy so professional, that traditional monetization of stolen data may be on…
Multiple Governments Buying Android Zero-Days for Spying: Google
An analysis from Google TAG shows that Android zero-day exploits were packaged and sold for state-backed surveillance.
Fake Windows exploits target infosec community with Cobalt Strike
A threat actor targeted security researchers with fake Windows proof-of-concept exploits that infected devices with the Cobalt Strike backdoor. [...]