Cybercrime, RansomHouse is a new group just appeared on darkweb
Bleeping Computer cybersecurity experts: Threat Actors, instead using ransomware, seems focused on breaching networks through alleged vulnerabilities to steal data.
Cybersecurity, CISA adds 7 new vulnerabilities in the exploited list
They are: CVE-2022-29464, CVE-2022-26904, CVE-2022-21919, CVE-2022-0847, CVE-2021-41357, CVE-2021-40450 and CVE-2019-1003029. Patch the flaws ASAP!
Cybersecurity, CISA adds 3 new vulnerabilities to the Known Exploited Catalog
They are the CVE-2021-3156, CVE-2021-31166 and CVE-2017-0148. One is linked to Sudo and the other two to Microsoft.
US CISA, 15 new vulnerabilities exploited by cybercrime actors
The cybersecurity experts: The flaws have been added to the Known Exploited Vulnerabilities Catalog as a frequent attack vector.
Cybercrime, CISA: Threat actors are exploiting 15 new vulnerabilities
The flaws have been added to the “Known Exploited Vulnerabilities Catalog”.
Cybersecurity, multiple vulnerabilities in Android OS
CERT-India researchers: An attacker could obtain sensitive information and gain elevated privileges on the targeted system. Update your device now!
Cybersecurity, Microsoft releases a new bunch of security updates
They cover 55 issues in different products. Six of them are critical and have already been exploited by cybercrime actors.
Cybersecurity, Google fixed an Android critical zero-day vulnerability
It’s the CVE-2021-1048, which can be exploited for local escalation of privilege and to gain admin control over a targeted system. The security updates include 38 patches.
Cybersecurity, 4 vulnerabilities in Azure VM management extensions OMI agent
Microsoft: They could allow an attacker to raise their privileges and remote arbitrary code execution. Furthermore, there is a PoC online.
Cybersecurity: here it comes BrakTooth, a bunch of 16 security flaws in Bluetooth stacks
Security Affairs: The vulnerabilities impact 13 chipsets from 11 vendors, and can be exploited to execute arbitrary code and crash the devices via DoS attacks.