Eskenzi PR ad banner Eskenzi PR ad banner

Cyber Bites

Microsoft Latest Patch Fixes New Windows Zero-Day With No Patch for Exchange Server Bugs

Recent news reports show that Microsoft's Patch Tuesday update for the month of October has addressed a total of 85 security vulnerabilities, including fixes for an actively exploited zero-day flaw in the wild. It appears that out of the 85 bugs, 15 are rated Critical, 69 are rated Important, and one is rated Moderate in severity. The update, however, does not include mitigations for the actively exploited ProxyNotShell flaws in Exchange Server. Notably, the patches come alongside updates to resolve...

Read more
Google Merges Recent Acquisitions Under New Cloud Security

Earlier this week, following Google’s acquisition of cybersecurity groups Siemplify and Mandiant, the US tech giant has sought to bring all of its cloud capabilities under one roof with the launch of Chronicle Security Operations. Further to this, Google’s Cloud Next division unveiled the cloud-born software suite on October 11, 2022, which it said can “better enable cybersecurity teams to detect, investigate, and respond to threats with the speed, scale, and intelligence of Google.” In...

Read more
German Cybersecurity Chief Accused of Russian Contact Faces Sacking

Last week, German Interior Minister Nancy Faeser could dismiss Arne Schoenbohm, president of the Federal Office for Information Security (BSI) due to possible contact with Russian security agents, German media reported on Sunday, October 9, 2022, citing government sources. Schoenbohm, a founder of the Cyber Security Council of Germany, an industrial consortium, is alleged to have had contacts with people from one of the association’s members, a German subsidiary of a Russian cybersecurity firm founded...

Read more
Pro-Russian KillNet Group Accused of DDoS Attacks on US Airports

Earlier today, the pro-Russian hacktivist group 'KillNet' is claiming large-scale distributed denial-of-service (DDoS) attacks against websites of several major airports in the U.S., making them unaccessible. It's been reported that the DDoS attacks have overwhelmed the servers hosting these sites with garbage requests, making it impossible for travelers to connect and get updates about their scheduled flights or book airport services. It's important to note examples of airport websites that are currently unavailable including the...

Read more
Newly Discovered Android Spyware ‘RatMilad’ Targets Enterprise Devices in Iran

Earlier this week, a newly discovered Android spyware family dubbed 'RatMilad' has been observed trying to infect an enterprise device in the Middle East. It appears that the discovery comes from security researchers at Zimperium, who said the original variant of the previously unknown RatMilad spyware hid behind a VPN and phone number spoofing app called Text Me. In recent news, after identifying the RatMilad spyware, the Zimperium team also uncovered a live sample of the...

Read more
Meta Law Suit Against Chinese Devs Over WhatsApp Malware Plot

Earlier today, WhatsApp parent company Meta announced that they are suing three Chinese developers for allegedly tricking users into downloading fake versions of the app that harvested their login details. It appears that WhatsApp and Meta are listed as plaintiffs in the case, filed in the US District Court for the Northern District of California this week, against Hong Kong’s Rockey Tech HK and Beijing Luokai Technology, and Taiwan’s ChitChat Technology. Reports have said the...

Read more
New CIISec Initiative Aims to Strengthen UK’s Nuclear Cybersecurity Posture

Earlier this morning, Chartered Institute of Information Security (CIISec) announced the launch of a new initiative aimed at attracting talent, developing skills and encouraging best practices in the UK’s nuclear industry. Reports have said that the Nuclear Sector Hub will be led by Mark Kendrew, CISO of the National Nuclear Laboratory, and is set to focus on the key challenges which may be exposing the sector to unnecessary cyber risk. The new initiative will look...

Read more
Phishing Campaigns Target Major Fast Food Chains in Saudi Arabia, UAE, Singapore

Earlier this week, KFC and McDonald's customers were targeted via phishing campaigns across Saudi Arabia, UAE and Singapore, with payment details of some of them successfully stolen by attackers. Security researchers at CloudSEK were the first to spot that these campaigns worked via a domain impersonating the Google Play Store and displaying a malicious, browser–based application for Chrome. They found that after landing on the malicious URL and clicking on the download button, the text...

Read more
New Microsoft Update To Let Office 365 Users Report Teams Phishing Messages

Earlier last week, Microsoft announced that they are working on updating Microsoft Defender for Office 365 to allow Microsoft Teams users to alert their organization's security team of any dodgy messages they receive. As of now, Microsoft Defender for Office 365 (formerly Office 365 Advanced Threat Protection or Office 365 ATP) protects organizations from malicious threats from email messages, links, and collaboration tools. It appears that this in-development feature aims to allow admins to filter...

Read more
LA Unified School District Warns Of Hackers Posting Stolen Data Online

Earlier today, the second largest school district in the US has warned that hackers have begun posting data they claim to have stolen from the institution last month In early September. the Los Angeles Unified School District (LAUSD), which serves over 600,000 students from kindergarten to twelfth grade, was compromised by the Vice Society group. For now, it’s unclear exactly how much or what type of data may now have been exposed by the group, although...

Read more
Page 3 of 262 1 2 3 4 262