Starry Addax targets human rights defenders in North Africa with new malware
Cisco Talos is disclosing a new threat actor we deemed “Starry Addax” targeting mostly human rights activists, associated with the Sahrawi Arab Democratic Republic (SADR) cause with a novel mobile malware.
Suspected CoralRaider continues to expand victimology using three information stealers
Talos also discovered a new PowerShell command-line argument embedded in the LNK file to bypass anti-virus products and download the final payload into the victims’ host.
OfflRouter virus causes Ukrainian users to upload confidential documents to VirusTotal
The documents contained malicious VBA code, indicating they may be used as lures to infect organizations.
Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials
Cisco Talos would like to acknowledge Brandon White of Cisco Talos and Phillip Schafer, Mike Moran, and Becca Lynch of the Duo Security Research team for their research that led to the identification of these attacks. Cisco Talos is actively monitoring a global increase in brute
What’s the deal with the massive backlog of vulnerabilities at the NVD?
Given the state of the NVD and vulnerability management, we felt it was worth looking at the current state of the NVD, how we got to this point, what it means for security teams, and where we go from here.
Could the Brazilian Supreme Court finally hold people accountable for sharing disinformation?
At most, someone who intentionally or repeatedly shares information on their social platform that’s misleading or downright false may have their account blocked, suspended or deleted.
The internet is already scary enough without April Fool’s jokes
The security community is still reflecting on the “What If” of the XZ backdoor.
Vulnerability in some TP-Link routers could lead to factory reset
There are also two out-of-bounds write vulnerabilities in the AMD Radeon user mode driver for DirectX 11.
April’s Patch Tuesday includes 150 vulnerabilities, 60 which could lead to remote code execution
Though April’s monthly security update from Microsoft includes 150 vulnerabilities, only three of them are considered “critical."