Blog - Cyber Security Informer

Heimdal® Threat Prevention Recognized in GetApp’s Category Leaders Cybersecurity Report

Heimadal Security

DECEMBER 8, 2022

Copenhagen, December 8th, 2022 – Heimdal® Threat Prevention has been placed on GetApp’s newly released Category Leaders Report for Cybersecurity, a free online service that helps organizations find the right software. Category Leaders are designed to help small businesses evaluate which software products may be right for them.

Small Business

Small Business Cybersecurity Software

Quick Threat Model Links October 2019

Adam Shostack

OCTOBER 9, 2019

Trail of Bits released a threat model for Kubernetes. Continuum has a blog and a spreadsheet on threat modeling lambdas (as a category, not specific to Amazon Lambda), and also a post on threat modeling with CAPEC. Omada Health has released an interesting threat model (“INCLUDES NO DIRT”) for medical device modeling.

Flaw Impacting LibreOffice & OpenOffice Enables Attackers to Spoof Signed Documents

Heimadal Security

OCTOBER 12, 2021

LibreOffice and OpenOffice have released fixes to tackle an issue that allows hackers to make documents look as if they were signed by a trustworthy source. Even though the vulnerability is not placed in the ‘High’ severity category being rated as moderate, the consequences could be disastrous.

Cybersecurity

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Webroot top performer among security products in PassMark® Software testing

Webroot

JULY 29, 2021

In taking the highest score in the category for 2021, Webroot beat out competitors including BitDefender , McAfee® and ESET® endpoint security solutions. Webroot stood out in several categories in addition achieving the best overall score. Some categories were won by a wide margin. Consider installation time for instance.

Software

Software Government Mobile

Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks

Security Affairs

MAY 28, 2022

Researchers at 360 Qihoo observed a wave of DDoS attacks launched by Russia-linked APT-C-53 (aka Gamaredon) and reported that the threat actors also released as open-source the code of a DDoS Trojan called LOIC. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Pierluigi Paganini.

DDOS

DDOS Malware Phishing Hacking

Cisco fixed a critical Bypass Authentication flaw in Cisco ESA and Secure Email and Web Manager

Security Affairs

JUNE 16, 2022

.” Below are the impacted software releases: Cisco AsyncOS Release First Fixed Release 11 1 and earlier Migrate to fixed release. 12 Migrate to fixed release. Migrate to fixed release. Cisco AsyncOS Release First Fixed Release Earlier than 11 1 Migrate to fixed release.

Authentication

Authentication Hacking Software Cybersecurity

Legit Security ASPM Platform Update: Accelerating AppSec Efficiency and Effectiveness

Security Boulevard

AUGUST 21, 2023

However, introducing additional siloed tools leads to new operating complexities without delivering the comprehensive visibility, relevant deep context and operational streamlining that application security teams really need, prompting the need for a new solutions category known as Application Security Posture Management (ASPM).

Software

Software Risk

Lockbit ransomware gang claims to have hacked cybersecurity giant Mandiant

Security Affairs

JUNE 6, 2022

The gang plans to release the stolen files on 06 June, 2022 at 22:35:00. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”) To nominate, please visit:?

Hacking

Hacking Ransomware Cybersecurity Cybercrime

Mozilla Releases Annual Privacy Guide to Holiday Shopping

Adam Levin

DECEMBER 5, 2018

The Mozilla Foundation has released the second installation of *Privacy Not included, the organization’s annual privacy guide to internet-connected gifts. It released the guide to educate consumers about privacy and tech, by providing a list of connected devices ranked by privacy and security. Read the guide here.

Internet

Internet Internet Education Mobile

Ransomware gangs are exploiting CVE-2022-26134 RCE in Atlassian Confluence servers

Security Affairs

JUNE 12, 2022

Proof-of-concept exploits for the CVE-2022-26134 vulnerability have been released online, Bleeping Computer reported that starting from Friday afternoon, a proof-of-concept exploit for this issue was publicly shared. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Ransomware

Ransomware Encryption Malware Hacking

Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw

Security Affairs

MAY 26, 2022

Security researchers released PoC exploit code for the critical authentication bypass vulnerability CVE-2022-22972 affecting multiple VMware products. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. To nominate, please visit:?. Follow me on Twitter: @securityaffairs and Facebook.

Authentication

Authentication Healthcare Education Cybersecurity

Security Affairs newsletter Round 369 by Pierluigi Paganini

Security Affairs

JUNE 12, 2022

Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”). I ask you to vote for me again (even if you have already done it), because this vote is for the final.

Ransomware

Ransomware DNS Cybercrime Hacking

Zyxel addresses four flaws affecting APs, AP controllers, and firewalls

Security Affairs

MAY 26, 2022

Zyxel has released security updates to address multiple vulnerabilities affecting multiple products, including firewall, AP, and AP controller products. The vendor has already released security patched to address the flaws for most of the affected models. To nominate, please visit:?. Follow me on Twitter: @securityaffairs and Facebook.

Firewall

Firewall VPN Authentication Cyber Attacks

Cisco will not address critical RCE in end-of-life Small Business RV routers

Security Affairs

JUNE 20, 2022

Cisco announced that it will not release updates to fix the CVE-2022-20825 flaw in end-of-life Small Business RV routers. Cisco will not release updates to address the CVE-2022-20825 RCE flaw in end-of-life Small Business RV routers and encourage upgrading to newer models. The vulnerability, which received a CVSS severity rating of 9.8

Small Business

Small Business Authentication Software Hacking

Threat Trends: DNS Security, Part 2

Cisco Security

MARCH 23, 2021

In our Threat Trends blog series , we attempt to provide insight into the prevalent trends on the threat landscape. This is what we covered in part one of this Threat Trends release on DNS Security, using data from Cisco Umbrella , our cloud-native security service. Part 2: Industry trends.

DNS

DNS Financial Services Manufacturing Healthcare

US man sentenced to 4 years in prison for his role in Infraud scheme

Security Affairs

MAY 29, 2022

” reads the press release published by DoJ. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”). To nominate, please visit:?. Pierluigi Paganini.

Cybercrime

Cybercrime Hacking Malware Cybersecurity

Anonymous: Operation Russia after 100 days of war

Security Affairs

JUNE 4, 2022

JUST IN: #Anonymous released a terabyte of data and emails from Rustam Kurmaev and Partners (RKP Law), a Russian law firm that works with major banking, media, oil and industrial firms and state interests, including American companies. JUST IN: The #Anonymous collective released via #DDoSecrets 1.5 Pierluigi Paganini.

Banking

Banking Government Media Hacking

LockBit ransomware attack impacted production in a Mexican Foxconn plant

Security Affairs

JUNE 2, 2022

The LockBit ransomware gang claimed responsibility for an attack and announced that it will release the stolen data by 11 June, 2022 18:01:00 if the company will not pay the ransom. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Follow me on Twitter: @securityaffairs and Facebook.

Ransomware

Ransomware Manufacturing Cybersecurity Hacking

Russia-linked Fronton botnet could run disinformation campaigns

Security Affairs

MAY 23, 2022

The group released sensitive documents and contracts about an IoT botnet, codename Fronton, built by the contractor 0day Technologies. This release noted that DDoS “is only one of the many capabilities of the system.” Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

DDOS

DDOS Media Hacking Engineering

Threat Trends: DNS Security, Part 1

Cisco Security

MARCH 11, 2021

Part 1: Top threat categories. Our Threat Trends blog series takes a look at the activity that we see in the threat landscape and reports on those trends. After examining topics such as the MITRE ATT&CK framework , LOLBins , and others, this release will look at DNS traffic to malicious sites.

DNS

DNS Phishing Ransomware Internet

Do not use Tails OS until a flaw in the bundled Tor Browser will be fixed

Security Affairs

MAY 26, 2022

“ We recommend that you stop using Tails until the release of 5.1 (May This vulnerability will be addressed with the release of Tails 5.1 Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. The maintainers confirmed that Tor Browser in Tails 5.0 To nominate, please visit:?.

Surveillance

Surveillance Passwords Hacking Encryption

Alert! Unpatched critical Atlassian Confluence Zero-Day RCE flaw actively exploited

Security Affairs

JUNE 3, 2022

At the end of August 2021, Atlassian released security patches to address the critical CVE-2021-26084 flaw that affects the Confluence enterprise collaboration product. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Follow me on Twitter: @securityaffairs and Facebook.

Internet

Internet Internet Authentication Hacking

PoC exploits for Atlassian CVE-2022-26134 RCE flaw released online

Security Affairs

JUNE 5, 2022

Proof-of-concept exploits for the critical CVE-2022-26134 flaw, affecting Atlassian Confluence and Data Center servers, have been released. Atlassian on Friday released security fixes to address the CVE-2022-26134 vulnerability in the following versions of the software: 7.4.17 Follow me on Twitter: @securityaffairs and Facebook.

VPN

VPN IoT Cybersecurity Engineering

0Patch released unofficial security patch for new DogWalk Windows zero-day

Security Affairs

JUNE 8, 2022

0patch researchers released an unofficial security patch for a Windows zero-day vulnerability dubbed DogWalk. 0patch released an unofficial security patch for a new Windows zero-day vulnerability in the Microsoft Support Diagnostic Tool (MSDT) dubbed DogWalk. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Internet

Internet Internet Hacking Cybersecurity

Security Affairs newsletter Round 367 by Pierluigi Paganini

Security Affairs

MAY 29, 2022

Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”). I ask you to vote for me again (even if you have already done it), because this vote is for the final.

InfoSec

InfoSec Spyware DDOS Firewall

Microsoft shared workarounds for the Microsoft Office zero-day dubbed Follina

Security Affairs

MAY 31, 2022

Microsoft released workarounds for a recently discovered zero-day vulnerability, dubbed Follina, in the Microsoft Office productivity suite. Microsoft has released workarounds for a recently discovered zero-day vulnerability, dubbed Follina and tracked as CVE-2022-30190 (CVSS score 7.8), in the Microsoft Office productivity suite.

Cybersecurity

Cybersecurity Hacking Accountability Information Security

Critical flaw in Ninja Forms WordPress Plugin actively exploited in the wild

Security Affairs

JUNE 19, 2022

The flaw was addressed with the release of Ninja Forms versions 3.0.34.2, Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”). ” added the researchers.

Hacking

Hacking Cybersecurity Information Security

Internationa police operation led to the arrest of the SilverTerrier gang leader

Security Affairs

MAY 25, 2022

” reads the press release published by Interpol. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”). To nominate, please visit:?. Pierluigi Paganini.

Cybercrime

Cybercrime Healthcare Cybersecurity Phishing

Threat actors exploit recently disclosed Atlassian Confluence flaw in cryptomining campaign

Security Affairs

JUNE 10, 2022

Multiple Proof-of-concept (PoC) exploits for the CVE-2022-26134 flaw have been released online. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. I ask you to vote for me again (even if you have already done it), because this vote is for the final. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Malware Hacking Cybersecurity

New White House Announcement on the Vulnerability Equities Process

Schneier on Security

NOVEMBER 17, 2017

The White House has released a new version of the Vulnerabilities Equities Process (VEP). You can read the new policy or the fact sheet , but the best place to start is Cybersecurity Coordinator Rob Joyce's blog post. The details of these categories are outlined in Annex C, which is classified. Improved transparency is critical.

Government

Government Cybersecurity Accountability Software

ERMAC 2.0 Android Banking Trojan targets over 400 apps

Security Affairs

MAY 27, 2022

The source code of Cerberus was released in September 2020 on underground hacking forums after its operators failed an auction. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. The ERMAC Android banking trojan version 2.0 To nominate, please visit:?. Pierluigi Paganini.

Banking

Banking Malware Cybercrime Phishing

Atlassian rolled out fixes for Confluence zero-day actively exploited in the wild

Security Affairs

JUNE 5, 2022

The company on Friday released security fixes to address the CVE-2022-26134 critical security flaw. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. According to Atlassian, the patches fixed the issue in the following versions of the software: 7.4.17 Pierluigi Paganini.

Internet

Internet Internet IoT Software

Security Roundup May 2024

BH Consulting

MAY 15, 2024

This category is where the user unwittingly causes a breach by making a mistake or falling for a phishing email. He said this could mean prioritising security above releasing new features or supporting legacy systems. Among the key takeaways were: vulnerability exploits rose 180 per cent compared to the previous year.

Data breaches

Data breaches Phishing Ransomware Data privacy

GUEST ESSAY: Threat hunters adapt personas, leverage AI to gather intel in the Dark Web

The Last Watchdog

JUNE 20, 2022

Data collections released after ransomware attacks. Ransomware attacks hit indiscriminately across business categories, from private corporations to government agencies, including schools and universities, hospitals and healthcare providers, financial institutions, and everything in between. Databases with critical IP and/or PII.

Ransomware

Ransomware Marketing Data collection VPN

US dismantled and seized SSNDOB cybercrime marketplace

Security Affairs

JUNE 8, 2022

” reads the press release published by DoJ. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”) To nominate, please visit:? Pierluigi Paganini.

Cybercrime

Cybercrime Cryptocurrency Marketing Advertising

Researchers disclosed a remote code execution flaw in Fastjson Library

Security Affairs

JUNE 16, 2022

The vulnerability was addressed with the release of version 1.2.83 on May 23, 2022. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”). Pierluigi Paganini.

Hacking

Hacking Cybersecurity Information Security

Second malware strain primed to attack Apple’s new M1 chip identified

SC Magazine

FEBRUARY 18, 2021

Noted Mac security researcher Patrick Wardle published a blog Feb. Along with the Pirrit Mac adware, researchers from Red Canary posted a blog Thursday about a different malware strain – Silver Sparrow – that differs from the one found by Wardle.

Malware

Malware Adware VPN Architecture

Let’s give a look at the Dark Web Price Index 2022

Security Affairs

JUNE 15, 2022

PrivacyAffairs released the Dark Web Index 2022, the document provides the prices for illegal services/products available in the black marketplaces. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. The document updates the information provided in the Dark Web Index 2022 report.

Identity Theft

Identity Theft Accountability DDOS Cybercrime

Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies

Security Affairs

JUNE 6, 2022

Ukraine’s main cybersecurity incident response team released a list of the five most persistent hacking groups and malware families attacking Ukraine’s critical infrastructure. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Follow me on Twitter: @securityaffairs and Facebook.

Government

Government DDOS Cyber Attacks Hacking

Stop Ransomware in its Tracks With CipherTrust Transparent Encryption Ransomware Protection

Thales Cloud Protection & Licensing

APRIL 16, 2024

Stop Ransomware in its Tracks With CipherTrust Transparent Encryption Ransomware Protection madhav Wed, 04/17/2024 - 05:22 Our last blog Ransomware Attacks: The Constant and Evolving Cybersecurity Threat described the ever dangerous and evolving cybersecurity threat of ransomware. This can model ransomware behavior for brief moments.

Encryption

Encryption Ransomware Antivirus Government

Another nation-state actor exploits Microsoft Follina to attack European and US entities

Security Affairs

JUNE 6, 2022

On May 31, Microsoft released workarounds for a recently discovered zero-day vulnerability, dubbed Follina and tracked as CVE-2022-30190 (CVSS score 7.8), in the Microsoft Office productivity suite. “On Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Pierluigi Paganini.

Phishing

Phishing Government Cybersecurity Hacking

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

The message was stored as cleartext in earlier samples, new samples were released with the message encoded with an XOR operation using a multiple-byte key. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Upon installing the threat, the bot drops a file in /tmp/.pwned

Malware

Malware DDOS IoT Cybercrime

Threat Trends: DNS Security

Cisco Security

MARCH 11, 2021

Our Threat Trends blog series takes a look at the activity that we see in the threat landscape and reports on those trends. After examining topics such as the MITRE ATT&CK framework , LOLBins , and others, this release will look at DNS traffic to malicious sites. Organizations and malicious DNS activity. Cryptomining.

DNS

DNS Phishing Ransomware Internet

CVE-2024-21378 — Remote Code Execution in Microsoft Outlook

NetSpi Technical

MARCH 11, 2024

This blog will cover how we discovered CVE-2024-21378 and weaponized it by modifying Ruler , an Outlook penetration testing tool published by SensePost. In late 2015, Nick Landers, Co-Founder of Dreadnode, published a blog on the abuse of Outlook Rules for RCE. Feb 13, 2024 – Fix for CVE-2024-21378 is released and case is closed.

Authentication

Authentication Penetration Testing Technology Phishing

Heimdal® Threat Prevention Recognized in GetApp’s Category Leaders Cybersecurity Report

Quick Threat Model Links October 2019

Webinars

Trending Sources

Flaw Impacting LibreOffice & OpenOffice Enables Attackers to Spoof Signed Documents

Webinars

Webroot top performer among security products in PassMark® Software testing

Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks

Cisco fixed a critical Bypass Authentication flaw in Cisco ESA and Secure Email and Web Manager

Legit Security ASPM Platform Update: Accelerating AppSec Efficiency and Effectiveness

Lockbit ransomware gang claims to have hacked cybersecurity giant Mandiant

Mozilla Releases Annual Privacy Guide to Holiday Shopping

Ransomware gangs are exploiting CVE-2022-26134 RCE in Atlassian Confluence servers

Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw

Security Affairs newsletter Round 369 by Pierluigi Paganini

Zyxel addresses four flaws affecting APs, AP controllers, and firewalls

Cisco will not address critical RCE in end-of-life Small Business RV routers

Threat Trends: DNS Security, Part 2

US man sentenced to 4 years in prison for his role in Infraud scheme

Anonymous: Operation Russia after 100 days of war

LockBit ransomware attack impacted production in a Mexican Foxconn plant

Russia-linked Fronton botnet could run disinformation campaigns

Threat Trends: DNS Security, Part 1

Do not use Tails OS until a flaw in the bundled Tor Browser will be fixed

Alert! Unpatched critical Atlassian Confluence Zero-Day RCE flaw actively exploited

PoC exploits for Atlassian CVE-2022-26134 RCE flaw released online

0Patch released unofficial security patch for new DogWalk Windows zero-day

Security Affairs newsletter Round 367 by Pierluigi Paganini

Microsoft shared workarounds for the Microsoft Office zero-day dubbed Follina

Critical flaw in Ninja Forms WordPress Plugin actively exploited in the wild

Internationa police operation led to the arrest of the SilverTerrier gang leader

Threat actors exploit recently disclosed Atlassian Confluence flaw in cryptomining campaign

New White House Announcement on the Vulnerability Equities Process

ERMAC 2.0 Android Banking Trojan targets over 400 apps

Atlassian rolled out fixes for Confluence zero-day actively exploited in the wild

Security Roundup May 2024

GUEST ESSAY: Threat hunters adapt personas, leverage AI to gather intel in the Dark Web

US dismantled and seized SSNDOB cybercrime marketplace

Researchers disclosed a remote code execution flaw in Fastjson Library

Second malware strain primed to attack Apple’s new M1 chip identified

Let’s give a look at the Dark Web Price Index 2022

Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies

Stop Ransomware in its Tracks With CipherTrust Transparent Encryption Ransomware Protection

Another nation-state actor exploits Microsoft Follina to attack European and US entities

EnemyBot malware adds new exploits to target CMS servers and Android devices

Threat Trends: DNS Security

CVE-2024-21378 — Remote Code Execution in Microsoft Outlook

Stay Connected