Security researchers at Trend Micro have identified a new ransomware family that is being delivered as a fake Google Software Update application.
New ‘HavanaCrypt’ Ransomware Distributed as Fake Google Software Update
OpenSSL Patches Remote Code Execution Vulnerability
OpenSSL has issued an urgent advisory to warn of a memory corruption vulnerability that exposes servers to remote code execution attacks.
The vulnerability, tracked as CVE-2022-2274, was introduced in OpenSSL 3.0.4 and could potentially allow malicious hackers to launch remote code attacks on unpatched SSL/TLS server side devices.
US: North Korean Hackers Targeting Healthcare Sector With Maui Ransomware
US government agencies this week issued a joint advisory to warn of North Korean threat actors using the Maui ransomware in attacks targeting the healthcare and public health sector.
As Cybercriminals Recycle Ransomware, They’re Getting Faster
Apple Adds ‘Lockdown Mode’ to Thwart .Gov Mercenary Spyware
Faced with a surge in state-sponsored mercenary spyware attacks targeting its flagship iOS platform, Apple plans to add a new ‘Lockdown Mode’ that significantly reduces attack surface and adds technical roadblocks to limit sophisticated software exploits.
Researchers Flag ‘Significant Escalation’ in Software Supply Chain Attacks
Security researchers at ReversingLabs are warning of a “significant escalation in software supply chain attacks” after discovering more than two dozen malicious NPM packages siphoning user data from mobile and desktop applications.
DoD Launches ‘Hack US’ Bounties for Major Flaws in Publicly Exposed Assets
The United States Department of Defense (DoD) has launched a one-week bug bounty program to reward researchers who find high- and critical-severity vulnerabilities in publicly accessible assets owned by the DoD.
Security Automation Firm Swimlane Closes $70 Million Funding Round
Security automation startup Swimlane on Wednesday announced it has raised $70 million in a Series C funding round that brings the total investment in the company to $170 million.
Evasive Rust-Coded Hive Ransomware Variant Emerges
A new variant of the Hive ransomware written using the Rust programming language is more evasive and provides attackers with flexibility, courtesy of support for command-line parameters.
North Korea Lazarus Hackers Blamed for $100 Million Horizon Bridge Heist
The infamous North Korean Lazarus hacking group is the prime suspect in the $100 million hack of Harmony’s Horizon Bridge, according to new data and research from blockchain analytics firm Elliptic.
