Attackers use Google Calendar RAT to abuse Calendar service as C2 infrastructure
Google warns of multiple threat actors that are leveraging its Calendar service as a command-and-control (C2) infrastructure. Google warns of…
Security
Socks5Systemz proxy service delivered via PrivateLoader and Amadey
Threat actors infected more than 10,000 devices worldwide with the ‘PrivateLoader’ and ‘Amadey’ loaders to recruit them into the proxy…
US govt sanctioned a Russian woman for laundering virtual currency on behalf of threat actors
The Treasury Department sanctioned a Russian woman accused of laundering virtual currency on behalf of cybercriminals. The Department of the…
Security Affairs newsletter Round 444 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free…
Lazarus targets blockchain engineers with new KandyKorn macOS Malware
North Korea-linked Lazarus group is using new KandyKorn macOS Malware in attacks against blockchain engineers. North Korea-linked Lazarus APT group…
Kinsing threat actors probed the Looney Tunables flaws in recent attacks
Kinsing threat actors are exploiting the recently disclosed Linux privilege escalation flaw Looney Tunables to target cloud environments. Researchers are…
Weekly Update 372
Presently sponsored by: Need centralized and real-time visibility into threat detection and mitigation? We got you! Discover the CrowdSec Console…
The mysterious demise of the Mozi botnet – Week in security with Tony Anscombe
Various questions linger following the botnet’s sudden and deliberate demise, including: who actually initiated it?
ZDI discloses four zero-day flaws in Microsoft Exchange
Researchers disclosed four zero-day flaws in Microsoft Exchange that can be remotely exploited to execute arbitrary code or disclose sensitive…
Friday Squid Blogging: Eating Dancing Squid
It’s not actually alive, but it twitches in response to soy sauce. As usual, you can also use this squid…