CVE-2021-37708

A serious vulnerability affecting the Linphone Session Initiation Protocol (SIP) client suite can allow malicious actors to remotely crash applications, industrial cybersecurity firm Claroty warned on Tuesday. SIP is a signaling protocol designed for initiating, maintaining and terminating communication sessions. The protocol is often used for voice, video, instant messaging, and other types of applications….

Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Fraud Risk Management Group Used Fresh Tactic to Target South Korea Doug Olenick (DougOlenick) • April 21, 2021     The form Lazarus uses to lure in its victims (Source: Malwarebytes) Malwarebytes researchers report the North Korean advanced persistent threat group Lazarus rolled out a…

Account Takeover Fraud , Card Not Present Fraud , Cybercrime Cybercriminals Using Web Shells to Control Retailers’ Servers Doug Olenick (DougOlenick) • April 9, 2021     Visa’s Payment Fraud Disruption team reports that cybercriminals are increasingly using web shells to establish command and control over retailers’ servers during payment card skimming attacks. See Also:…

Four individuals behind a “bulletproof hosting” site have pleaded guilty to US racketeering charges, the Department of Justice (DoJ) has announced. The service, designed to accommodate criminal activities and help clients evade detection, was founded by Russians Aleksandr Grichishkin and Andrei Skvortsov. The other two parties are Lithuanian Aleksandr Skorodumov and Estonian Pavel Stassi, who…

MOSCOW: Tensions between Moscow and Prague spiralled on Sunday (Apr 18) with Russia ordering out 20 diplomats, a day after the Czech Republic accused the suspects in the Skripal poisoning of being behind a deadly 2014 explosion on its soil. Czech authorities on Saturday announced they were expelling 18 Russian diplomats identified as secret agents…

Crypto hacker offered reward after $600m heist