The United States Cybersecurity and Infrastructure Security Agency (CISA) and the Coast Guard Cyber Command (CGCYBER) have issued a joint advisory to warn organizations that threat actors continue to exploit the Log4Shell vulnerability in VMware Horizon and Unified Access Gateway (UAG) servers.
Sophisticated Android Spyware ‘Hermit’ Used by Governments
Security researchers at Lookout have analyzed a sophisticated Android spyware family that appears to have been created to serve nation-state customers.
Windows Updates Patch Actively Exploited ‘Follina’ Vulnerability
Microsoft has fixed roughly 50 vulnerabilities with its June 2022 Patch Tuesday updates, including the actively exploited flaw known as Follina and tracked as CVE-2022-30190.
Chinese Cyberespionage Group Starts Using New ‘PingPull’ Malware
A Chinese state-sponsored threat actor known as Gallium has been using new malware in recent attacks targeting organizations in the telecommunications, financial, and government sectors, Palo Alto Networks reports.
Chinese Hackers Adding Backdoor to iOS, Android Web3 Wallets in ‘SeaFlower’ Campaign
Cybercriminals likely operating out of China are distributing backdoored versions of iOS and Android Web3 wallets in an effort to steal users’ seed phrases.
Cybercriminals, State-Sponsored Threat Actors Exploiting Confluence Server Vulnerability
A recently patched Confluence Server vulnerability is being exploited by multiple cybercrime and state-sponsored threat groups, according to Microsoft.
Chinese Cyberspy Group ‘Aoqin Dragon’ Targeting Southeast Asia, Australia Since 2013
SentinelOne security researchers have analyzed the operations of a Chinese cyberespionage group that has been actively targeting education, government, and telecommunication organizations in Australia and Southeast Asia since at least 2013.
Highly-Evasive Linux Malware ‘Symbiote’ Infects All Running Processes
Security researchers with BlackBerry and Intezer have shared details on a new Linux malware that “parasitically” infects all running processes on a target machine.
‘Follina’ Vulnerability Exploited to Deliver Qbot, AsyncRAT, Other Malware
Several malware families are being delivered using the recently disclosed Windows vulnerability identified as Follina and CVE-2022-30190, which remains without an official patch.
Threat Actors Start Exploiting Meeting Owl Pro Vulnerability Days After Disclosure
Threat actors have already started exploiting a severe vulnerability that Owl Labs addressed in its video conferencing devices earlier this week.