Daily Cyber Brief
REvil TTPs persist despite dismantling, threat actors are selling new BlackLotus UEFI bootkit, and Zoom for macOS suffers a severe vulnerability...

Cybersecurity
Police have arrested 31 members of an organized crime group in Europe that sold technology allowing thieves to hack and steal keyless entry cars. The arrests include the software developers behind the tools, as well as resellers and the car thieves who used them on the…
New research examining pro-Kremlin edits made to the English-language page for the Russo-Ukrainian war has shed light on how Wikipedia can be manipulated for information warfare. The analysis, from the Institute for Strategic Dialogue (ISD) and the Centre of the Analysis of…
Video messaging technology powerhouse Zoom has rolled out a high-priority patch for macOS users alongside a warning that hackers could abuse the software flaw to connect to and control Zoom Apps. The vulnerability, which carries a CVSS severity score of 7.3/10, is…
A free unofficial patch has been released through the 0patch platform to address an actively exploited zero-day flaw in the Windows Mark of the Web (MotW) security mechanism. This flaw enables attackers to prevent Windows from applying MotW labels on files extracted…
Although the REvil ransomware-as-a-service operation appeared to evaporate last October, analysts have found the group's influence is still considerable. Notably, threat researchers from Unit 42 reported finding connections between REvil activities and those of ransomware…
Health insurance provider Medibank has confirmed that a ransomware attack is responsible for last week's cyberattack and disruption of online services. Medibank Private Limited is one of Australia's largest private health insurance providers, covering over 3.7 million people and…
The report "The Quantum Threat to Blockchain: Emerging Business Opportunities" has been added to ResearchAndMarkets.com's offering. This new research report identifies not only the challenges, but also the opportunities in terms of new products and services that arise from…
A threat actor is selling on hacking forums what they claim to be a new UEFI bootkit named BlackLotus, a malicious tool with capabilities usually linked to state-backed threat groups. UEFI bootkits are planted in the system firmware and are invisible to security software…
Woolworths' MyDeal subsidiary has disclosed a data breach affecting 2.2 million customers, with the hacker trying to sell the stolen data on a hacker forum. MyDeal is an Australian retail marketplace that connects online shoppers with local retailers. Retail giant…
A former Wall Street Journal reporter has sued a multinational law firm, some of its attorneys, and others for allegedly stealing his emails and spreading the messages to wrongly discredit him, leading to his firing. In court documents, Jay Solomon, who was the newspaper's chief…