Tag: April 2023

Microsoft has announced that it will use weather-themed naming for APTs and other threat actors to better contextualize public APT disclosures.

The CISA has announced its plans to enhance the LME tool, an open-source log management solution for Windows-based devices.

Desktop phone developer 3CX's supply chain attack was the result of a previously unknown attack on a financial trading software maker by North Korean hackers.

VMware, a leading cloud computing and virtualization technology company, has addressed a critical security vulnerability in its vRealize Log Insight product.

The malware is confirmed to exploit privilege escalation vulnerabilities, which are believed to be due to the high privileges required by Trigona.

Google’s Threat Analysis Group (TAG) has identified large-volume phishing campaigns targeting Ukrainian users and aimed at gathering intelligence.

Microsoft has released a security update to address vulnerabilities in the Microsoft Edge Stable Channel. The update is intended to address CVE-2023-2136.

Cloud security firm Wiz has discovered two critical vulnerabilities in Alibaba Cloud’s ApsaraDB RDS for PostgreSQL and AnalyticDB for PostgreSQL.

The Play ransomware group has developed two custom tools in .NET, Grixba and VSS Copying Tool, to enhance the efficiency of its attacks.

The UK's National Cyber Security Centre (NCSC) has issued an alert warning about the elevated risk of attacks from state-aligned Russian hacktivists.