Malware hunters at Volexity are raising the alarm for a Chinese threat actor seen exploiting a zero-day flaw in the Zimbra email platform to infect media and government targets in Europe.
Volexity Warns of ‘Active Exploitation’ of Zimbra Zero-Day
Ransomware Attack Disrupts Manufacturing at KP Snacks
British snacks producer Kenyon Produce (KP) Snacks has fallen victim to a ransomware attack that caused some disruptions to its manufacturing and distribution operations.
The German-owned company says it became aware of the attack on January 28, and that it immediately took the necessary steps to contain the incident.
Ransomware Often Hits Industrial Systems, With Significant Impact: Survey
Ransomware attacks in many cases hit industrial control systems (ICS) or operational technology (OT) environments, and impact is often significant, according to a report published on Thursday by IoT and industrial cybersecurity company Claroty.
Walmart Dissects New ‘Sugar’ Ransomware
The cyber threat team at retail giant Walmart has dissected a new ransomware family dubbed Sugar, which is available to cybercriminals as a ransomware-as-a-service (RaaS).
Over 100 Million Android Users Installed ‘Dark Herring’ Scamware
More than 105 million Android users downloaded and installed scamware from Google Play and third-party app stores, according to mobile security firm Zimperium.
Attack Surface Management Play Censys Scores $35M Investment
The jostling for space in the attack surface management space intensified this week with Michigan startup Censys banking a new $35 million funding round to fuel growth and expansion.
Apple Patches ‘Actively Exploited’ iOS Security Flaw
Apple late Wednesday pushed out an urgent iOS update with fixes for 11 documented security flaws and warned that one of the vulnerabilities “may have been actively exploited.”
In a barebones advisory, Apple acknowledged the zero-day took aim at a memory corruption issue in IOMobileFrameBuffer, an oft-targeted iOS kernel extension.
New macOS Malware ‘DazzleSpy’ Used in Hong Kong Attacks
A recent campaign targeting individuals in Hong Kong has leveraged at least two pieces of malware designed to target macOS systems.
UK’s NCSC Pushes NMAP Scanner Scripts to Fill Defender Gap
The U.K. government’s cybersecurity agency has announced plans to ship a collection of well-tested, reliable scanning scripts to help defenders find and fix high-priority software security vulnerabilities.
PrinterLogic Patches Code Execution Flaws in Printer Management Suite
PrinterLogic has released security updates to address a total of nine vulnerabilities in Web Stack and Virtual Appliance, including three security defects that carry “high severity” ratings.
