PhonyC2 was used in the exploitation of the Log4j vulnerability in the Israeli software SysAid, in the attack against Israel’s Technion institute, and in the ongoing attack against the PaperCut print management software.
An international investigation intercepted and analyzed over 115 million conversations that took place over the encrypted messaging platform among more than 60,000 users.
US SEC staff have recommended legal action against individual SolarWinds employees, including the CISO — an unusual move that is causing a stir among cybersecurity professionals.
The threat actors are distributing their malware via the Play Store, and already had over 30,000 installations as of March.
Personal information of 5,745 pilots of American Airlines and 3,009 pilots from Southwest Airlines has been leaked due to the incident.
AquaSec analyzed a sample of 1% of GitHub repositories and found that about 37,000 of them are vulnerable to RepoJacking, including the repositories of companies such as Google and Lyft.
China-sponsored APT group Flea ran a malware campaign against ministries of foreign affairs in North and South America using a new backdoor dubbed Graphican, according to the Symantec Threat Hunter Team.
While currently used to push adware, the campaign can redirect users to other types of malware, such as ransomware or banking Trojans that steal credentials and financial information.