Daily Cyber Brief

New Zerobot malware uses 21 exploits and advanced techniques to propagate and gain access, Apple unveils new cybersecurity measure for iMessage, and Iranian hackers target the diamond industry..

Cybersecurity

New Zerobot malware has 21 exploits for BIG-IP, Zyxel, D-Link devices

A new Go-based malware named ‘Zerobot’ has been spotted in mid-November using exploits for almost two dozen vulnerabilities in a variety of devices that include F5 BIG-IP, Zyxel firewalls, Totolink and D-Link routers, and Hikvision cameras. The purpose of the malware…

Apple unveils new cybersecurity measure for iMessage, iCloud and more

Apple announced several new security features designed to better protect users from an array of emerging threats. On Wednesday, the tech giant unveiled three new features: iMessage Contact Key Verification, Security Keys for Apple ID and Advanced Data Protection for…

Iranian hackers accused of targeting diamond industry with wiper malware

Hackers allegedly connected to the Iranian government have been accused of targeting diamond companies in South Africa, Israel and Hong Kong with a wiper malware built to destroy data. Researchers from ESET attributed the wiper tool – named Fantasy – to the…

Taiwan bans state-owned devices from running Chinese platform TikTok

Public sector bans of Chinese platform TikTok on the grounds of national security have arisen in both Taiwan and additional US states following last week’s ban in South Dakota. US FCC Commissioner has praised Taiwan’s move as “smart” and its Ministry of Digital Affairs…

Rackspace Incident Highlights How Disruptive Attacks on Cloud Providers Can Be

A Dec. 2 ransomware attack at Rackspace Technology — which the managed cloud hosting company took several days to confirm — is quickly becoming a case study on the havoc that can result from a single well-placed attack on a cloud service provider. The attack has…

Android Serves Up a Slew of Security Updates, 4 Critical

Android's Framework, Kernel, and Google Play were among components that received security updates this month, but the most severe was a critical bug in the System component that, if exploited, could allow remote code execution (RCE) over Bluetooth, without any…

Google: State hackers still exploiting Internet Explorer zero-days

Google's Threat Analysis Group (TAG) revealed today that a group of North Korean hackers tracked as APT37 exploited a previously unknown Internet Explorer vulnerability (known as a zero-day) to infect South Korean targets with malware. Google TAG was made aware of this…

New Zealand Government Hit by Ransomware Attack on IT Provider

The New Zealand government this week confirmed being impacted by a ransomware attack on managed service provider (MSP) Mercury IT, which has disrupted businesses and public authorities in the country. A small business with only 25 employees, Mercury IT provides…

Fortinet Patches High-Severity Authentication Bypass Vulnerability in FortiOS

Cybersecurity solutions provider Fortinet this week announced patches for multiple vulnerabilities across its products, including a high-severity authentication bypass impacting FortiOS and FortiProxy. Tracked as CVE-2022-35843 (CVSS score of 7.7), the…

Vice Society Ransomware Attackers Targeted Dozens of Schools in 2022

The Vice Society cybercrime group has disproportionately targeted educational institutions, accounting for 33 victims in 2022 and surpassing other ransomware families like LockBit, BlackCat, BianLian, and Hive. Other prominent industry verticals targeted include…

Daily Cyber Brief

New Zerobot malware uses 21 exploits and advanced techniques to propagate and gain access, Apple unveils new cybersecurity measure for iMessage, and Iranian hackers target the diamond industry..

Cybersecurity

Join the conversation

Overt Operator