VMware Ships Urgent Patch for Authentication Bypass Security Hole
Virtualization technology giant VMware on Tuesday shipped an urgent, high-priority patch to address an authentication bypass vulnerability in its Workspace ONE Access, Identity Manager and vRealize Automation products.
Microsoft Connects USB Worm Attacks to ‘EvilCorp’ Ransomware Gang
Cybersleuths at Microsoft have found a link between the recent ‘Raspberry Robin’ USB-based worm attacks and EvilCorp, a notorious Russian ransomware operation sanctioned by the U.S. government.
Malicious Macro-Enabled Docs Delivered via Container Files to Bypass Microsoft Protections
Threat actors are embedding macro-enabled Office documents in container files such as archives and disk images to circumvent a recently rolled-out macro-blocking feature in Microsoft Office.
Calls Mount for US Gov Clampdown on Mercenary Spyware Merchants
Cybersecurity professionals from Google’s threat hunting unit and the University of Toronto’s Citizen Lab are upping the pressure on mercenary hacking firms selling high-end surveillance spyware with fresh calls for the U.S. government to urgently clamp down on these businesses.
Crackdown on BEC Schemes: 100 Arrested in Europe, Man Charged in US
Authorities in Hungary have arrested close to a hundred individuals as part of two operations meant to crack down on invoice fraud, Europol announced this week.
Microsoft: Attackers Increasingly Using IIS Extensions as Server Backdoors
Microsoft has warned of an increase in malicious Internet Information Services (IIS) extensions used as backdoors on Exchange servers.
Microsoft Catches Austrian Company Exploiting Windows, Adobe Zero-Days
Malware hunters at Microsoft have caught an Austrian hack-for-hire company exploiting zero-day flaws in Windows and Adobe software products in “limited and targeted attacks” against European and Central American computer users.
IBM Security: Cost of Data Breach Hitting All-Time Highs
A study commissioned by IBM Security says the global average cost of a data breach reached an all-time high of $4.35 million and warned that the absence of zero trust principles at studied organizations are pushing those costs even higher.
European Lawmaker Targeted With Cytrox Predator Surveillance Spyware
A security audit by the European Parliament has unearthed attempts to plant high-end surveillance software on the phone of a Greek lawmaker and there are fresh reports linking the hack attempt to a known North Macedonia spyware vendor.
