Daily Cyber Brief
Norway accuses Russian hackers of launching DDoS attacks, CISA warns of PwnKit Linux vulnerability, and Ukraine arrested a cybercrime gang operating over 400 phishing sites...
Cybersecurity
Lithuania’s defense chief said the Baltic nation has come under an unprecedented cyber attack this week after the government announced it would start blocking the transit of sanctioned goods to the Russian enclave of Kaliningrad. “This cyber war has been ongoing…
Britain said it would bolster Georgia's resistance to cyber attacks from Russia on Wednesday, and announced additional security support for the country at the North Atlantic Treaty Organization summit. “The people of Georgia live every day on the frontline of Russian…
American retailer Walmart has denied being hit with a ransomware attack by the Yanluowang gang after the hackers claimed to encrypt thousands of computers. In a statement to BleepingComputer, Walmart has said that their "Information Security team is monitoring…
Amazon patched a high severity vulnerability affecting the Amazon Photos Android app in December after researchers notified them of the issue, the company disclosed Tuesday. Researchers at cybersecurity firm Checkmarx said they discovered a bug in the app that…
A new security vulnerability has been disclosed in RARlab's UnRAR utility that, if successfully exploited, could permit a remote attacker to execute arbitrary code on a system that relies on the binary. The flaw, assigned the identifier CVE-2022-30333, relates to a path…
Three defendants who allegedly sold over $88 million worth of software licenses belonging to Avaya Holdings Corporation have been charged in Oklahoma, U.S., facing 14 counts of wire fraud and money laundering. The defendants are accused of stealing software…
Norway’s National Security Authority (NSM) accused pro-Russian hackers of launching several distributed denial-of-service (DDoS) attacks at a number of critical organizations in the country. The NSM did not respond to requests for comment but the organization’s…
The Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity Linux vulnerability known as PwnKit to its list of bugs exploited in the wild. The security flaw, identified as CVE-2021-4034, was found in the Polkit's pkexec component used by all major…
Cybersecurity researchers from Palo Alto Networks Unit 42 disclosed details of a new security flaw affecting Microsoft's Service Fabric that could be exploited to obtain elevated permissions and seize control of all nodes in a cluster. The issue, which has been dubbed…
The Ukrainian cyberpolice force arrested nine members of a criminal group that operated over 400 phishing websites crafted to appear like legitimate EU portals offering financial assistance to Ukrainians. The threat actors used forms on the site to steal visitors' payment…