CISA Urges Orgs to Patch Actively Exploited Windows SeriousSAM Bug The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added to the catalog of vulnerabilities another 15 security issues actively used in cyberattacks. CISA’s warning about these vulnerabilities serves as a wake-up call to all system administrators that they need Read more…
Microsoft Fixes Defender Flaw Letting Hackers Bypass Antivirus Scans Microsoft has recently addressed a weakness in the Microsoft Defender Antivirus on Windows that allowed attackers to plant and execute malicious payloads without triggering Defender’s malware detection engine. This security flaw [1, 2] affected the latest Windows 10 versions, and threat attackers could Read more…
Microsoft: Support for Windows 10 20H2 ending in May 2022 Microsoft reminded customers today that multiple editions of Windows 10, version 20H2 and Windows 10, version 1909 are quickly approaching the end of servicing (EOS). In a support document updated today, Microsoft stated that Windows 10 20H2 (also known as the October 2020 Update) Read more…
Microsoft Starts Killing off WMIC in Windows, will Thwart Attacks Microsoft is moving forward with removing the Windows Management Instrumentation Command-line (WMIC) tool, wmic.exe, starting with the latest Windows 11 preview builds in the Dev channel. WMIC.exe is a built-in Microsoft program that allows command-line access to the Windows Management Read more…
Hacking Group ‘ModifiedElephant’ Evaded Discovery for a Decade For a decade, an advanced persistent threat (APT) actor tracked as ModifiedElephant has been using tactics that allowed it to operate in utmost secrecy, without cybersecurity companies connecting the dots between attacks. This particular group of hackers employs readily-available trojans through spear-phishing, and Read more…
Apple Patches New Zero-day Exploited to Hack iPhones, iPads, Macs Apple has released security updates to fix a new zero-day vulnerability exploited in the wild by attackers to hack iPhones, iPads, and Macs. The zero-day patched today is tracked as CVE-2022-22620 [1, 2] and is a WebKit Use After Free issue that could Read more…
Qbot, Lokibot Malware Switch Back to Windows Regsvr32 Delivery Malware distributors have turned to an older trick known as Squiblydoo to spread Qbot and Lokibot via Microsoft Office document using regsvr32.exe. A report from the threat research team at security analytics platform Uptycs shows that the use of regsvr32.exe has been spiking Read more…
FTC says Americans Lost $547 million to Romance Scams in 2021 The US Federal Trade Commission (FTC) said that Americans reported record high losses of $547 million to romance scams in 2021, up almost 80% compared to 2020 and over six times compared to losses reported in 2017. Financial losses Read more…
FritzFrog Botnet Grows 10x, Hits Healthcare, Edu, and Govt Systems The FritzFrog botnet that’s been active for more than two years has resurfaced with an alarming infection rate, growing ten times in just a month of hitting healthcare, education, and government systems with an exposed SSH server. Discovered in August 2020, Read more…
Spain Dismantles SIM Swapping Group Who Emptied Bank Accounts Spanish National Police has arrested eight suspects allegedly part of a crime ring who drained bank accounts in a series of SIM swapping attacks. They presumably spoofed the targets’ bank in phishing messages via email, SMS, or direct messages on social media platforms, according Read more…
Let us help you out.
Singapore
7 Temasek Boulevard
#12-07, Suntec Tower One
Singapore 038987
Thailand
The Royal Place 1
2, 2/399 Mahatlek Luang 1 Alley, Lumphini, Pathum Wan, Bangkok 10330, Thailand
Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!
Click one of our contacts below to chat on WhatsApp
