LockBit ransomware group’s attempt to create a macOS version of their malware has been discovered by researchers. The malware is capable of encrypting files on Mac devices, but it does not seem to pose any real risk. Patrick Wardle, a security expert, has conducted an analysis of the macOS LockBit version and found that the…
Cybersecurity researchers have detailed the tactics of a “rising” cybercriminal gang called “Read The Manual” (RTM) Locker that functions as a private ransomware-as-a-service (RaaS) provider and carries out opportunistic attacks to generate illicit profit. The group started off in 2015 as a banking malware targeting businesses in Russia via drive-by downloads, spam, and phishing emails.…
This week, the US Cybersecurity and Infrastructure Security Agency (CISA) published an updated version of its guidance on how to achieve zero trust maturity. Zero trust is an approach to security that assumes that a breach has already occurred and is based on the idea that no user or asset should be trusted. The goal…
Cloud security company Orca has recently revealed an exploitation path involving Azure shared key authorization that could allow full access to accounts and business data, leading to remote code execution (RCE). This is due to the weak security of Azure shared key authorization compared to Azure Active Directory (Azure AD) credentials. By default, Azure generates…
Software maker Adobe released patches for 56 security vulnerabilities on Tuesday, some of which are serious enough to expose Windows and macOS users to code execution attacks. Among the updates released, 16 vulnerabilities were documented in the Adobe Acrobat and Reader software, 14 in Adobe Digital Editions and Adobe InCopy, 15 in Adobe Dimension, and…
Microsoft has issued a warning regarding the cyberattacks conducted by the Iranian advanced persistent threat (APT) actors MuddyWater and DEV-1084, which are disguised as ransomware. MuddyWater is officially linked to Iran’s Ministry of Intelligence and Security and has been launching espionage campaigns against targets in the Middle East since at least 2017. DEV-1084 is connected…
This week, Sophos announced security updates that address several vulnerabilities in its Sophos Web Appliance. The most serious of these is a critical bug that could lead to code execution. Sophos Web Appliance is a web security solution that enables administrators to create, enforce and manage web access policies from a single interface. According to…