More than 20 vulnerabilities have been identified by Cisco’s Talos research and threat intelligence unit in a Lantronix Wi-Fi module designed for critical industrial and commercial applications.
New ‘SharkBot’ Android Banking Malware Hitting U.S., UK and Italy Targets
A new Android banking trojan has been found, targeting international banks from the United Kingdom and Italy (including in the U.S.). and five different cryptocurrency services. Twenty-two instances have been discovered, but more are expected.
Supply Chain Security Fears Escalate as Iranian APTs Caught Hitting IT Services Sector
Fears of software supply chain attacks escalated again this week with a new warning from Microsoft that it has caught Iranian threat actors breaking into IT services shops in India and Israel and using that access to hit the real targets.
New ETW Attacks Can Allow Hackers to ‘Blind’ Security Products
Researchers have described two new attack methods that can be used to “blind” cybersecurity products that rely on a logging mechanism named Event Tracing for Windows (ETW).
Microsoft Informs Users of High-Severity Vulnerability in Azure AD
Microsoft on Wednesday informed customers about a recently patched information disclosure vulnerability affecting Azure Active Directory (AD).
FBI Warns of Actively Exploited FatPipe Zero-Day Vulnerability
The Federal Bureau of Investigation (FBI) this week sounded the alarm on a zero-day vulnerability in FatPipe products that has been under active exploitation since at least May 2021.
Cloud Data Protection Startup Laminar Closes $32M Funding Round
Public cloud data protection provider Laminar on Wednesday emerged from stealth with $32 million in Series A funding. To date, the startup has raised $37 million in venture capital investments.
The new investment round was led by Insight Partners. Meron Capital, SentinelOne, and TLV Partners also participated.
U.S., U.K. and Australia Warn of Iranian APTs Targeting Fortinet, Microsoft Exchange Flaws
Netgear Patches Code Execution Vulnerability Affecting Many Products
A vulnerability in Netgear small office/home office (SOHO) devices can be exploited by an attacker on the local area network (LAN) to execute code remotely with root privileges, GRIMM security researchers warn.
CISA Releases Incident and Vulnerability Response Playbooks
In response to an executive order signed by President Biden in May, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday released two cybersecurity playbooks focusing on incident response and vulnerability response.
