Hackers Switching to alternates since macros are blocked
Once Microsoft blocked the Office Macro for VBA and XLM or XL4, ransomware actors quickly switched tactics to adapt to the new changes. Researchers says that Microsoft's solution to bar…
Ukraine ties hand with U.S. CISA
The CISA has signed an agreement with its counterpart in Ukraine to strengthen collaboration on shared cybersecurity priorities. The MoU shows ties between Ukraine and the U.S are stronger. As…
LofyLife steals Discord tokens
Researchers have discovered an attack campaign named Lofylife that uses malicious npm packages, targeting Discord users to steal Discord tokens and users’ card data. The Python malware is a modified…
Atlassian Confluence Questions Bug exploited in wild
A recently patched critical vulnerability in Atlassian Confluence is now being actively exploited in the wild, researchers are warning. The bug tracked as CVE-2022-26138, is due to a hardcoded password…
Malicious IIS Extensions Backdooring Exchange Servers
Threat actors are exploiting the IIS web servers to install backdoors and steal credentials in their latest campaign. Microsoft 365 Defender Research Team has revealed hackers are now using Microsoft’s…
Open-Xchange fixes for RCE
Open-Xchange, a popular infrastructure provider has released fixes for several security vulnerabilities impacting OX App Suite. A secure email and collaboration software designed for telcos, web hosting firms, and service…
Draft HIPAA Security Rule
The NIST has released an initial draft of HIPAA Security Rule: A Cybersecurity Resource Guide (an update on 2008 NIST Guide) for public comment. This Guide provides guidance on assessing and managing…
DUCKTAIL – Affecting Facebook Business Ads.
Researchers have discovered an operation, named DUCKTAIL, targetting individuals and organizations that operate on Facebook’s Business and Ads. The threat actors target individuals and employees that may have access to…