Daily Cyber Brief
Israeli spyware Candiru used to spy on journalists, Evilnum APT is targeting crypto and commodities platforms, and the new Redeemer ransomware is being promoted on hacker forums...

Cybersecurity
After some five months of war raging in Eastern Europe, feared Russian ranks of hackers have had an underwhelming impact on Ukrainian networks and critical infrastructure in the U.S. and other nations. The question is: why? “With regard to the Russian use of cyber and our…
A threat actor is promoting a new version of their free-to-use 'Redeemer' ransomware builder on hacker forums, offering unskilled threat actors an easy entry to the world of encryption-backed extortion attacks. According to its author, the new version 2.0 release was written…
The Israeli spyware vendor Candiru was found using a zero-day vulnerability in Google Chrome to spy on journalists and other high-interest individuals in the Middle East with the 'DevilsTongue' spyware. The flaw, tracked as CVE-2022-2294, is a high-severity heap-based…
Atlassian is warning its customers and partners about three different critical vulnerabilities affecting Confluence Server, Confluence Data Center as well as several other products from Bamboo, BitBucket, Fisheye and Jira. On Thursday, Atlassian warned that…
Google Search and Drive are erroneously flagging links to Association for Computing Machinery (ACM) research papers and websites as malware. BleepingComputer has successfully reproduced the issue, first reported by researcher Maximilian Golla…
The advanced persistent threat (APT) actor tracked as Evilnum is once again exhibiting signs of renewed activity aimed at European financial and investment entities. "Evilnum is a backdoor that can be used for data theft or to load additional payloads," enterprise security…
Details have emerged on how the Conti ransomware gang breached the Costa Rican government, showing the attack's precision and the speed of moving from initial access to the final stage of encrypting devices. This is the last attack from the Conti ransomware…
A never-before-seen Linux malware has been dubbed a "Swiss Army Knife" for its modular architecture and its capability to install rootkits. This previously undetected Linux threat, called Lightning Framework by Intezer, is equipped with a plethora of features, making it one…
Recent Windows 11 builds come with the Account Lockout Policy enabled by default, which will automatically lock user accounts (including Administrator accounts) for 10 minutes after 10 failed sign-in attempts. The account brute forcing process commonly requires…
Would-be cybercriminals can easily buy advanced tools, common exploits, and stolen credentials on underground markets for a few dollars — a low barrier to entry for novices, according to a study of 33,000 Dark Web marketplaces. According to new analysis from…