Leap day causes problems in Citrix and Sophos software
Citrix virtualization products and Sophos security services ran into problems on Feb. 29.
The extra day in a leap year can cause problems in computer systems if they are not programmed to count the extra day. This seems to be the case with Citrix software; users complained on the support forum t...
Dutch police arrest four men for phishing and bank fraud
The Cybercrime Team Rotterdam of the Dutch Police has arrested four men for large-scale phishing and bank fraud. This followed data from the "Operation Cookie Monster" investigation into the Genesis Marketplace.
The suspects, aged 23, 26, 29 and 30, were guilty of large-scale phishing and bank h...
Hashed passwords captured in Carpetright data breach
In a cyber attack on Carpetright, hashed passwords may have been stolen. The flooring store has reported this to the privacy authorities in the Netherlands and Belgium.
In a response to Tweakers, Carpetright says it was affected by the cyber attack. The cybercriminals gained access to the passwo...
Lazarus Group strikes at kernel level via Windows AppLocker driver
Lazarus Group hackers broke into systems via a zero-day vulnerability in the Windows AppLocker driver and gained access at the kernel level. An enhanced version of their rootkit allowed them to disable security tools on affected systems.
According to Avast research, a zero-day vulnerability in t...
LockBit returns with updated encryptors and new servers
LockBit restarted its operations after a crackdown by police forces last week. The ransomware group launched a new website over the weekend to extort its victims. However, the conclusion about the international action against LockBit is positive. How does the operation impact t...
‘Zombie code’ leads to long-term unpatched vulnerabilities
According to a recent study by Synopsys, outdated code components lurking in codebases, commonly referred to as "zombie code," pose a significant risk by harboring unpatched vulnerabilities for extended periods.
In their Open Source Security and Risk Analysis study, Synopsys researchers highligh...
SentinelOne and NinjaOne redefine endpoint protection
SentinelOne and NinjaOne announce a collaboration to merge the specializations of the companies for enhanced endpoint protection. The solution is aimed at quickly notifying cybersecurity teams of potential threats and expanding threat detection.
A new collaboration between SentinelOne and Ninja...
Spyware found on MEPs’ phones in defense and security committee
Two phones of European parliamentarians have shown traces of spyware. The subcommittee focused on security and defense appears to have been targeted by state hackers, but the culprit is unknown.
The discovery was reported by Politico, which warned back in December that the European Parliament's ...
Google Cloud Run abused for large-scale attacks on financial institutions
Cisco Talos recently found that Google Cloud Run has been abused on a large scale. Attackers are using this service to distribute high volumes of banking trojans, particularly to target financial institutions in Latin America.
Recent research by Cisco Talos shows that cybercriminals have been ab...