CISA Issues Warning on Active Exploitation of UnRAR Software for Linux Systems

Tracked as CVE-2022-30333 (CVSS score: 7.5), the issue concerns a path traversal vulnerability in the Unix versions of UnRAR that can be triggered upon extracting a maliciously crafted RAR archive.

Hackers Exploit Hostinger's Preview Domain Feature to Launch Phishing Campaigns

A team of security researchers from CloudSEK has discovered a new phishing tactic used by threat actors (TA) to target Indian banking customers via preview domains from Hosting Provider Hostinger.

U.S. CISA and Australia's ACSC Release List of 2021’s Top Malware Strains

As per the advisory, the top malware strains of 2021 include Agent Tesla, AZORult, Formbook, Ursnif, LokiBot, MOUSEISLAND, NanoCore, Qakbot, Remcos, TrickBot and GootLoader.

CISA Adds Zimbra Email Vulnerability to its Exploited Vulnerabilities Catalog

The issue in question is CVE-2022-27924 (CVSS score: 7.5), a command injection flaw in the platform that could lead to the execution of arbitrary Memcached commands and theft of sensitive information.

Organizations Warned of Critical Confluence Flaw as Exploitation Continues

The US Cybersecurity and Infrastructure Security Agency (CISA) has instructed government organizations — and advised private sector companies — to address a recently disclosed Confluence vulnerability that has been exploited in attacks.

US Federal Communications Commission (FCC) warns of the rise of smishing attacks

The alert is based on the increased number of consumer complaints about unwanted text messages, in recent years it raised from approximately 5,700 in 2019, 14,000 in 2020, 15,300 in 2021, to 8,500 through June 30, 2022

US govt warns Americans of escalating SMS phishing attacks

The Federal Communications Commission (FCC) warned Americans of an increasing wave of SMS (Short Message Service) phishing attacks attempting to steal their personal information and money.

HHS alerts to ongoing healthcare web app attacks, urges review of tactics

In healthcare, the most common web app attacks occur on patient portals, telehealth platforms, online pharmacies, electronic health records, health entities’ web-based email, and similar tech.

U.S. Cyber Command Exposes Malware Targeting Ukrainian Entities

Ukrainian officials shared the information with the U.S. government, Cyber Command said, and then the agency uploaded various technical details to VirusTotal, Pastebin and GitHub. The agency did not attribute the malware.

FBI Warns of Fake Cryptocurrency Apps Stealing Millions from US Investors

According to the law enforcement authority, threat actors are misusing the names, logos, and other identifying information of legitimate businesses to create fake websites in an attempt to lure potential investors.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags