Executive Summary Informations Name CVE-2021-27245 First vendor Publication 2021-03-29 Vendor Cve Last vendor Modification 2021-03-30 Security-Database Scoring CVSS v3 Cvss vector : N/A Overall CVSS Score NA Base Score NA Environmental Score NA impact SubScore NA Temporal Score NA Exploitabality Sub Score NA Calculate full CVSS 3.0 Vectors scores Security-Database Scoring CVSS v2 Cvss…
Researchers have discovered a new information-stealing trojan, which targets Android devices with an onslaught of data-exfiltration capabilities — from collecting browser searches to recording audio and phone calls. While malware on Android has previously taken the guise of copycat apps, which go under names similar to legitimate pieces of software, this sophisticated new malicious app…
March 29, 2021 CSO Online While sophisticated ransomware and nation-state threat actors target US critical infrastructure, the only protection most organizations have against these attacks is tight and effective cybersecurity. These attacks have drawn government attention and sparked calls for liability protection against malicious intrusions. If organizations want this protection, however, lawmakers say they need…
Suspected Russian hackers gained access to email accounts belonging to the Trump administration’s head of the Department of Homeland Security and members of the department’s cybersecurity staff whose jobs included hunting threats from foreign countries, The Associated Press has learned. The intelligence value of the hacking of then-acting Secretary Chad Wolf and his staff is…
Experts spotted a new advanced Android spyware posing as “System Update” | IT Security News 27. March 2021 Researchers spotted a sophisticated Android spyware that implements exfiltration capabilities and surveillance features, including recording audio and phone calls. Experts from security firm Zimperium have spotted a new sophisticated Android spyware that masquerades itself as a System…
Suspected Russian hackers gained access to email accounts belonging to the Trump administration’s head of the Department of Homeland Security and members of the department’s cybersecurity staff whose jobs included hunting threats from foreign countries, The Associated Press has learned. The intelligence value of the hacking of then-acting Secretary Chad Wolf and his staff is…
Fraud Management & Cybercrime , Fraud Risk Management , Governance & Risk Management Awake Security Finds Connection Between Hafinum Group and Hades Doug Olenick (DougOlenick) • March 29, 2021 Researchers at Awake Security say at least one attack launched by the operators of Hades ransomware has a connection to the China-linked Hafnium group…
Exchange Server Post-Compromise Attack Activity Shared by Microsoft | IT Security News 29. March 2021 In the context of ongoing Exchange Server attacks, Microsoft has shared information detailing post-compromise activity which has infected vulnerable targets with ransomware and a botnet. When Microsoft released a fix for Exchange Server zero-days on March 2nd, organizations around the…
Suspected Russian hackers gained access to email accounts belonging to the Trump administration’s head of the Department of Homeland Security and members of the department’s cybersecurity staff whose jobs included hunting threats from foreign countries, The Associated Press reported Monday, citing sources. From the report: The intelligence value of the hacking of then-acting Secretary Chad…
Cybercrime , Fraud Management & Cybercrime , Ransomware Also, Parliament’s Email System Shut Down After Clumsy Compromise Attempt Jeremy Kirk (jeremy_kirk) • March 29, 2021 A major Australian broadcaster was hit over the weekend by what was likely ransomware, and the country’s federal Parliament was affected by what is described as a clumsy…
