US Cyber Command has disclosed 20 new strains of malware among the numerous software nasties and cyberattacks being used against Ukrainian targets over the last few months. In an alert this week, the Pentagon's cyberspace wing made public indicators of compromise (IOC) associated with various malware strains that were found in Ukrainian networks by the country's security service.
On Thursday, Ukrainian media group TAVR Media confirmed that it was hacked to spread fake news about President Zelenskiy being in critical condition and under intensive care. According to the State Service of Special Communications and Information Protection of Ukraine (SSCIP), the network operates nine major Ukrainian radio stations, including Hit FM, Radio ROKS, KISS FM, Radio RELAX, Melody FM, Nashe Radio, Radio JAZZ, Classic Radio, and Radio Bayraktar.
Atlassian this week announced patches for two critical Servlet Filter vulnerabilities that impact multiple products across its portfolio. Servlet Filters are pieces of Java code designed to intercept and process HTTP requests sent between a client and a backend. Servlet Filters may offer security mechanisms such as auditing, authentication, logging, or authorization.
Drupal developers have announced the release of updates that patch several vulnerabilities in the open source content management system (CMS). Drupal has released four advisories that describe four types of vulnerabilities. One of them has been rated "critical" and the other three "moderately critical." Drupal uses the NIST Common Misuse Scoring System to rate vulnerabilities - instead of CVSS - with flaws being rated "less critical," "moderately critical," "critical" and "highly critical."
A previously unknown macOS spyware has surfaced in a highly targeted campaign, which exfiltrates documents, keystrokes, screen captures, and more from Apple machines. Interestingly, it exclusively uses public cloud-storage services for housing payloads and for command-and-control (C2) communications - an unusual design choice that makes it difficult to trace and analyze the threat.
The Israeli spyware vendor Candiru was found using a zero-day vulnerability in Google Chrome to spy on journalists and other high-interest individuals in the Middle East with the 'DevilsTongue' spyware. The flaw tracked as CVE-2022-2294 is a high-severity heap-based buffer overflow in WebRTC, which, if successfully exploited, may lead to code execution on the target device.