Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

Bitter APT Hackers Add Bangladesh to Their List of Targets in South Asia

An espionage-focused threat actor known for targeting China, Pakistan, and Saudi Arabia has expanded to set its sights on Bangladeshi government organizations as part of an ongoing campaign that commenced in August 2021. Cybersecurity firm Cisco Talos attributed the activity with moderate confidence to a hacking group dubbed the Bitter APT based on overlaps in the command-and-control (C2)

The Hacker News
Open in Source
#vulnerability#windows#microsoft#cisco#intel#c++#rce#zero_day#The Hacker News
Novel Phishing Trick Uses Weird Links to Bypass Spam Filters

A novel form of phishing takes advantage of a disparity between how browsers and email inboxes read web domains.

Bitter APT adds Bangladesh to their targets

Cisco Talos has observed an ongoing malicious campaign since August 2021 from the Bitter APT group that appears to target users in Bangladesh, a change from the attackers' usual victims.As part of this, there's a new trojan based on Apost Talos is calling "ZxxZ," that, among other... [[ This is only the beginning! Please visit the blog for the complete entry ]]

Google Will Use Mobile Devices to Thwart Phishing Attacks

In an effort to combat phishing, Google will allow Android phones and iPhones to be used as security keys.

Actively Exploited Zero-Day Bug Patched by Microsoft

Microsoft's May Patch Tuesday roundup also included critical fixes for a number of flaws found in infrastructure present in many enterprise and cloud environments.

Researchers Warn of Nerbian RAT Targeting Entities in Italy, Spain, and the U.K

A previously undocumented remote access trojan (RAT) written in the Go programming language has been spotted disproportionately targeting entities in Italy, Spain, and the U.K. Called Nerbian RAT by enterprise security firm Proofpoint, the novel malware leverages COVID-19-themed lures to propagate as part of a low volume email-borne phishing campaign that started on April 26, 2022. "The newly

Microsoft Releases Fix for New Zero-Day with May 2022 Patch Tuesday Updates

Microsoft on Tuesday rolled out fixes for as many as 74 security vulnerabilities, including one for a zero-day bug that's being actively exploited in the wild. Of the 74 issues, seven are rated Critical, 66 are rated Important, and one is rated low in severity. Two of the flaws are listed as publicly known at the time of release. These encompass 24 remote code execution (RCE), 21 elevation of

Microsoft Patch Tuesday, May 2022 Edition

Microsoft today released updates to fix at least 74 separate security problems in its Windows operating systems and related software. This month's patch batch includes fixes for seven "critical" flaws, as well as a zero-day vulnerability that affects all supported versions of Windows.

What to Patch Now: Actively Exploited Windows Zero-Day Threatens Domain Controllers

Microsoft's May 2022 Patch Tuesday contains several bugs in ubiquitous software that could affect millions of machines, researchers warn.

CVE-2022-29105

Microsoft Windows Media Foundation Remote Code Execution Vulnerability.