Client-side web security provider Jscrambler on Thursday announced that a $15 million Series A financing round led by Ace Capital Partners. Existing investors Sonae IM and Portugal Ventures also participated.The company said the investment will be used to expand marketing and sales initiatives in the United States and across Europe, as well as accelerate pro

Apple on Thursday confirmed a new zero-day exploit hitting older iPhones and warned that the security vulnerability also affects the macOS Catalina platform.This is the 16th documented in-the-wild zero-day exploitation of security defects in Apple’s iOS and macOS platforms so far this year.“Apple is aware of reports that an exploit for this issue exists in t

Apple has addressed three zero-day vulnerabilities exploited by threat actors in attacks in the wild to take over iPhones and Macs. Apple has released security updates to address three zero-day vulnerabilities exploited in attacks in the wild to compromise iPhones and Macs running vulnerable iOS and macOS versions. Apple confirmed that at least one of

I published the following diary on isc.sans.edu: “Excel Recipe: Some VBA Code with a Touch of Excel4 Macro“: Microsoft Excel supports two types of macros. The legacy format is known as “Excel4 macro” and the new (but already used for a while) is based on VBA. We already cover both formats in many diaries. Yesterday, I spotted an interesting sa

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the NSA have issued a joint alert to warn organizations about an increase in cyberattacks involving the Conti ransomware. The alert comes just as another major farming cooperative confirmed being hit by ransomware.The alert issued by the government agencies says Conti ransomware h

There’s new Mac malware hiding in a terminal emulator app, an interesting Finder vulnerability, and Apple launches iCloud+. We also wonder why Apple isn’t prompting iOS users to upgrade to iOS 15Made in China: OSX.ZuRuRemotely exploitable “inetloc” zero-day vulnerability hits the MacWhy doesn’t Apple want people to upgrade to iOS 15?N

Minnesota-based farming supply cooperative Crystal Valley was hit by a ransomware attack, it is the second attack against the agriculture business in a few days. Minnesota farming supply cooperative Crystal Valley has suffered a ransomware attack, this is the second farming cooperative that was hit by ransomware operators in a few days. At this time, the

CISA, FBI, and the NSA warned today of an escalation of the attacks of the Conti ransomware gang targeting US organizations. CISA, the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) are warning of an increased number of Conti ransomware attacks against US organizations. @CISAgov and @FBI observed over 400 ransomware at

Security researchers disclosed a new zero-day flaw in Apple’s macOS Finder that can allow attackers to run arbitrary commands on Macs. Independent security researcher Park Minchan disclosed a zero-day vulnerability in Apple’s macOS Finder that can be exploited by attackers to run arbitrary commands on Mac systems running any macOS version.

Cloud computing and virtualization technology giant VMWare on Tuesday shipped an urgent security patch for a flaw in its vCenter Server product and warned users to expect public exploit code within minutes of disclosure.“Time is of the essence,” VMWare said in a note calling attention to CVE-2021-22005, a file upload bug in the vCenter Server Analytics servi

Russia-linked cyber espionage group Turla made the headlines again, the APT has employed a new backdoor in a recent wave of attacks Cisco Talos researchers reported that the Russia-linked Turla APT group recently used a new backdoor, dubbed TinyTurla, in a series of attacks against the US, Germany, and Afghanistan. The threat actors are using the backdo

Security researchers at Cisco Talos have identified a new backdoor that Russian cyberespionage group Turla is believed to have been using in attacks since last year.Likely a second-chance backdoor, the malware is simple but capable of maintaining a prolonged stealthy presence on infected machines. Turla used the backdoor in attacks on targets in the United S

Last week, security researcher Patrick Wardle released details of a new piece of malware masquerading as the legitimate app iTerm2. The malware was discovered earlier the same day by security researcher Zhi (@CodeColorist on Twitter), and detailed on a Chinese-language blog. (For those who don’t speak Chinese, Safari seems to do a fair job of translati

U.S. The farmers cooperative NEW Cooperative was hit by Black Matter ransomware gang that is demanding a $5.9 million ransom. BlackMatter ransomware gang hit NEW Cooperative, a farmer’s feed and grain cooperative, and is demanding a $5.9 million ransom. The ransomware gang claims to have stolen 1,000 GB of data including the source code for the soi

Attackers are increasingly targeting a remote code execution vulnerability in the Open Management Infrastructure (OMI) framework that Microsoft released patches for earlier this month.Dubbed OMIGOD and tracked as CVE-2021-38647, this critical vulnerability was found to affect the Linux virtual machines deployed on Azure. In addition to fixes released with it