Researchers spotted a new cyberespionage group, dubbed FamousSparrow, that used ProxyLogon exploits to target hotels worldwide. Researchers from ESET discovered a new cyberespionage group, tracked as FamousSparrow, that has been targeting hotels worldwide around the world since at least 2019. The group also hit higher-profile targets such as law firms, g

Apple has addressed three zero-day vulnerabilities exploited by threat actors in attacks in the wild to take over iPhones and Macs. Apple has released security updates to address three zero-day vulnerabilities exploited in attacks in the wild to compromise iPhones and Macs running vulnerable iOS and macOS versions. Apple confirmed that at least one of

Image: Marten BjorkA newly discovered cyberespionage group has been targeting hotels worldwide around the world since at least 2019, as well as higher-profile targets such as governments, international organizations, law firms, and engineering companies.Slovakian internet security firm ESET spotted the hacking group (dubbed FamousSparrow) and

VMware is urging users of vCenter server to patch no fewer than 19 problems affecting its products. These updates fix a variety of security vulnerabilities, but and one of them is particularly nasty. That would be CVE-2021-22005, a critical file upload vulnerability with a CVSS score of 9.8 out of 10. It’s so bad the company is advising users to

Two ColdFusion vulnerabilities patched by Adobe more than a decade ago have been exploited by threat actors in a recent attack, according to cybersecurity firm Sophos.Sophos recently investigated an attack where an unknown threat actor deployed the Cring ransomware on the systems of an unnamed services company. The attack started with the attacker scanning t

The Mirai botnet starts exploiting the recently disclosed OMIGOD vulnerability to compromise vulnerable systems exposed online. Threat actors behind a Mirai botnet starts exploiting a critical Azure OMIGOD vulnerability, tracked as CVE-2021-38647, a few days after Microsoft disclosed them. Recently released September 2021 Patch Tuesday securi

Threat actors started actively exploiting the critical Azure OMIGOD vulnerabilities two days after Microsoft disclosed them during this month's Patch Tuesday.The four security flaws (allowing privilege escalation and remote code execution) were found in the Open Management Infrastructure (OMI) software agent silently installed by Microsoft on more than

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Coast Guard Cyber Command (CGCYBER) have sounded the alarm over in-the-wild attacks targeting a recently disclosed vulnerability in Zoho’s ManageEngine ADSelfService Plus product.Tracked as CVE-2021-40539 and rated critical severity (CVSS scor

Microsoft on Thursday published additional guidance on addressing recently disclosed vulnerabilities in the Open Management Infrastructure (OMI) framework, along with new protections to resolve the bugs within affected Azure Virtual Machine (VM) management extensions.Microsoft’s guidance was published just as researchers noticed that one of the vulnerabiliti

In a joint advisory the FBI, the United States Coast Guard Cyber Command (CGCYBER), and the Cybersecurity and Infrastructure Security Agency (CISA) warn that advanced persistent threat (APT) cyber-actors may be exploiting a vulnerability in ManageEngine’s single sign-on (SSO) solution. The vulnerability Publicly disclosed computer security flaws

Summary Last week, Microsoft reported the remote code execution vulnerability CVE-2021-40444 in the MSHTML browser engine. According to the company, this vulnerability has already been used in targeted attacks against Microsoft Office users. In attempt to exploit this vulnerability, attackers create a document with a specially-crafted object. If a user opens

The FBI, CISA, and the Coast Guard Cyber Command (CGCYBER) warn of state-sponsored attacks that are actively exploiting CVE-2021-40539 Zoho flaw. The FBI, CISA, and the Coast Guard Cyber Command (CGCYBER) warn that nation-state APT groups are actively exploiting a critical vulnerability, tracked as CVE-2021-40539, in the Zoho ManageEngine ADSelfService

Image: Samueljjohn (CC BY-SA 4.0)The FBI, CISA, and the Coast Guard Cyber Command (CGCYBER) today warned that state-backed advanced persistent threat (APT) groups are actively exploiting a critical flaw in a Zoho single sign-on and password management solution since early August 2021.Zoho's customer list includes "three out of five Fortune 500 comp

Microsoft revealed that multiple threat actors are exploiting the recently patched Windows MSHTML remote code execution security flaw (CVE-2021-40444). Microsoft warns of multiple threat actors, including ransomware operators, that are exploiting the recently patched Windows MSHTML remote code execution security flaw (CVE-2021-40444) in attacks against o

Microsoft says multiple threat actors, including ransomware affiliates, are targeting the recently patched Windows MSHTML remote code execution security flaw.In the wild exploitation of this vulnerability (tracked as CVE-2021-40444) began on August 18 according to the company, more than two weeks before Microsoft published a security advisory with a partial