A zero-day flaw in the Zimbra Collaboration email server proved to be a bonanza for hackers as four distinct threat actors exploited the bug to steal email data and user credentials, says Google. Most of the exploit activity occurred after Zimbra had posted a hotfix on July 5.
U.S. federal prosecutors unsealed an indictment against three foreign nationals for allegedly participating in a $48 million fraud scheme. The alleged reshipping scheme operated between 2013 and 2018 while the three defendants lived in Russia.
Days after announcing a security compromise, cloud-based identity and authentication management provider Okta said that an unknown threat actor had accessed files of 134 customers after an employee signed in to a personal Google profile on the Chrome browser of an Okta-managed laptop.
North Korean hackers are spreading malware through known vulnerabilities in legitimate software. In a new campaign spotted by Kaspersky researchers, the Lazarus group is targeting a version of an unnamed software product for which vulnerabilities have been reported and patches are available.
Social media single sign-on standard OAuth has an implementation weakness that hackers could exploit to obtain unauthorized access, say researchers. "We expect that 1,000s of other websites are vulnerable to the attack," wrote Salt Security, "putting billions of additional internet users at risk."
A financially motivated hacking group is becoming more aggressive, leading Microsoft to dub it "one of the most dangerous financial criminal groups." Octo Tempest is the rare English-speaking affiliate of Russian-speaking ransomware group BlackCat.
Threat actors are exploiting another zero-day flaw in Cisco's IOS XE software to implant a malicious backdoor. The IOS XE operating system runs on a wide range of Cisco networking devices, including routers, switches, wireless controllers, access points and more.
North Korean nation-state threat actors are exploiting a critical remote code execution vulnerability affecting multiple versions of a DevSecOps tool - a high-risk development, especially in light of Pyongyang hackers' recent track record of supply chain hacks.
Cybercriminals are disguising malware as phony browser updates on compromised websites. Fraudulent updates for Chrome, Firefox and Edge browsers are luring unsuspecting users into downloading malware that can steal data, take over devices or deploy ransomware.
Microsoft fixed three zero-days under actively exploitation in its patch dump for the month of October: A disclosure flaw in WordPad that can be exploited to obtain hashed passwords, a bug in Skype for Business and a patch to fix exposure to the Rapid Reset exploit.
Cisco has released urgent fixes to a critical vulnerability affecting an emergency communication system used to track callers' location in real time. A developer inadvertently hard-coded credentials in Cisco Emergency Responder software, opening a permanent backdoor for unauthenticated attackers.
Microsoft says it spotted an unusual hacking campaign in which hackers attempted to move laterally through the Azure cloud after compromising a virtual SQL server. It marks the first time that computing giant defenders have seen a lateral movement attempt with SQL Server as the starting point.
Researchers discovered an undocumented backdoor being used by the North Korean Lazarus Group to target a Spanish aerospace company. The attacker masqueraded as a Meta recruiter and tricked the victim into downloading and executing malicious files on a company device.
Progress Software is again sending customers on a scramble to install emergency patches, this time for its secure FTP server software. The advisory comes months after hackers took advantage of a zero-day in the company's MOVEit file transfer software in a hacking campaign affecting tens of millions.
Android banking Trojan Xenomorph has resurfaced in a new campaign targeting cryptocurrency wallets and various financial institutions. The malware has been actively targeting users in Europe and is now focused on institutions in the United States, Canada, Spain, Italy, Portugal and Belgium.