New critical vulnerability discovered in open-source office suites

A security researcher recently published a proof of concept exploit for open-source office software LibreOffice and OpenOffice. Will this new vulnerability be used in the wild?

Read more

Improved Fallout EK comes back after short hiatus

The Fallout exploit kit is back with some noteworthy improvements.

Read more

Ryuk ransomware attacks businesses over the holidays

Over the holiday, a little-known ransomware family called Ryuk caused serious damage to numerous organizations. The attacks leave a lot of questions unanswered. What do we know so far?

Read more

Vidar and GandCrab: stealer and ransomware combo observed in the wild

Threat actors combine new stealer Vidar and GandCrab ransomware in one-two punch.

Read more

New Flash Player zero-day used against Russian facility

An APT group is using a new Flash Player zero-day that was used a lure targeting a Russian-based clinic

Read more

Fake browser update seeks to compromise more MikroTik routers

Threat actors are social engineering users with a fake update that, once installed, will scan the Internet in an attempt to exploit vulnerable MikroTik routers.

Read more

Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT

A threat actor implements a newer vulnerability exploited in Internet Explorer to serve up the Quasar RAT and diversify the portfolio of attacks.

Read more

‘Hidden Bee’ miner delivered via improved drive-by download toolkit

Threat actors switch to the Hidden Bee miner as a payload for this unusual and complex drive-by download campaign.

Read more

Use TeamViewer? Fix this dangerous permissions bug with an update

A potentially dangerous permissions bug in TeamViewer grants unauthorised access to either the client or the server—and patches may take up to a week to fully roll out.

Read more

Fake IRS notice delivers customized spying tool

Threat actors leverage a Microsoft Office exploit to spy on their victims. In this blog post, we will review its delivery mechanism and analyze the malware we observed, a modified version of a commercial Remote Administration Tool (RAT).

Read more

Cybersecurity info you can't do without

Want to stay informed on the latest news in cybersecurity? Sign up for our newsletter and learn how to protect your computer from threats.

Select your language