An actively exploited Chrome zero-day that Google patched on July 4 has been linked to an Israeli spyware company and used in targeted attacks aimed at entities in the Middle East.
Google, EU Warn of Malicious Russian Cyber Activity
Russia-linked Turla threat actor spotted using Android malware for first time
Google and the European Union have issued separate warnings this week over Russian cyberattacks and misinformation campaigns.
Belgium Says Chinese APTs Targeted Interior, Defense Ministries
Belgium on Monday accused Chinese state-sponsored hackers of launching cyberattacks against its interior and defense ministries.
Belgium noted in a statement that it has detected cyber intrusions from hacking groups tracked as APT27, APT30, APT31, and Gallium.
Huntress Acquires Security Awareness Training Startup Curricula for $22M
Managed detection and response (MDR) platform provider Huntress has shelled out $22 million to acquire Curricula, a startup in the growing security awareness business.
Huntress, based in Ellicott City, Maryland, said the deal adds a fun, story-based security awareness training platform to its stable of cybersecurity offerings.
Moussouris: U.S. Should Resist Urge to Match China Vuln Reporting Mandate
A prominent cybersecurity executive is calling on the U.S. government to resist the urge to match China’s reported mandates around early vulnerability disclosure, warning that such a move would “meaningfully and dramatically increase the risk” of zero-day flaws landing in the wrong hands.
Researchers Say Thai Pro-Democracy Activists Hit by Spyware
Cybersecurity researchers reported details Monday of cases where Thai activists involved in the country’s pro-democracy protests had their cell phones or other devices infected and attacked with government-sponsored spyware.
DLL Hijacking Flaw Fixed in Microsoft Azure Site Recovery
Microsoft’s massive Patch Tuesday rollout this month included fixes for multiple high-severity vulnerabilities impacting the Azure Site Recovery service.
Microsoft Releases Open Source Toolkit for Generating SBOMs
Software giant Microsoft has open-sourced its internal tool for generating SBOMs (software bill of materials) as part of a move to help organizations be more transparent about supply chain relationships between components used when building a software product.
Microsoft Patch Tuesday: 84 Windows Vulns, Including Already-Exploited Zero-Day
Microsoft has issued an urgent Patch Tuesday bulletin to warn of in-the-wild zero-day exploitation of a privilege escalation flaw in the Windows operating system.
Adobe Patch Tuesday: Critical Flaws in Acrobat, Reader, Photoshop
Software maker Adobe has rolled out a major security update for its flagship Acrobat and Reader products to fix at least 22 documented vulnerabilities, some serious enough to cause arbitrary code execution attacks.
