European venture capital and private equity firm Smartfin on Tuesday announced a deal to acquire Hex-Rays, the Belgian company behind the widely deployed IDA Pro software disassembler.
IDA Pro Owner Hex-Rays Acquired by European VC Firm
Zimbra Patches Under-Attack Code Execution Bug
Messaging and collaboration software maker Zimbra has rushed out patches to provide cover for a code execution flaw that has already been exploited to plant malware on target machines.
Zoom for macOS Contains High-Risk Security Flaw
Video messaging technology powerhouse Zoom has rolled out a high-priority patch for macOS users alongside a warning that hackers could abuse the software flaw to connect to and control Zoom Apps.
New ‘Prestige’ Ransomware Targets Transportation Industry in Ukraine, Poland
A new ransomware family has been observed targeting transportation and related logistics organizations in Ukraine and Poland, Microsoft warns.
New ‘Black Lotus’ UEFI Rootkit Provides APT-Level Capabilities to Cybercriminals
A threat actor is promoting on underground criminal forums a vendor-independent UEFI rootkit that can disable security software and controls, cybersecurity veteran Scott Scheferman warns.
Seven ‘Creepy’ Backdoors Used by Lebanese Cyberspy Group in Israel Attacks
ESET has published an analysis of the seven backdoors that Lebanese advanced persistent threat (APT) actor Polonium has been using since September 2021 in attacks targeting Israeli organizations.
New Chinese Cyberespionage Group WIP19 Targets Telcos, IT Service Providers
A newly identified cyberespionage group operating out of China has been targeting IT services providers and telecommunications companies with signed malware.
Chinese Cyberspies Targeting US State Legislature
A China-linked cyberespionage group was recently observed targeting a state legislature in the United States, Symantec warns.
QBot Malware Infects Over 800 Corporate Users in New, Ongoing Campaign
More than 800 corporate users have been infected in a new QBot malware distribution campaign since September 28, Kaspersky warns.
Microsoft Warns of New Zero-Day; No Fix Yet For Exploited Exchange Server Flaws
Microsoft on Tuesday released software fixes to address more than 90 security defects affecting products in the Windows ecosystem and warned that one of the vulnerabilities was already being exploited as zero-day in the wild.
