On Wednesday, the U.S. Justice Department indicted three North Korean military intelligence officials associated with conspicuous cyber-attacks that comprised the stealing of $1.3 billion in money and crypto-currency from organizations worldwide. The indictment asserts the troika was part of a “wide-ranging criminal conspiracy to conduct a series of destructive cyberattacks” Continue Reading
On Friday, French radio station France Inter reported that members of the Egregor ransomware cartel have been arrested this week in Ukraine. The arrests, which have not been formally announced, occurred due to a joint inquiry between French and Ukrainian police. Sources in the threat intel community have established the Continue Reading
On February 2021 Security Patch Day, SAP has issued seven new security notes, including a Hot News note that highlights a serious vulnerability in SAP Commerce. It also updated six previously released notes. In its advisory, SAP explains that the critical issue, tracked as CVE-2021-21477 and featuring a CVSS score Continue Reading
Software giant Microsoft has exhorted customers to install security updates for three Windows TCP/IP flaws termed as critical and high severity at the earliest. This warning was issued on account of high abuse risk and possible denial-of-service (DoS) attacks that could soon target these bugs. The three TCP/IP security flaws Continue Reading
Fortinet has fixed several critical flaws affecting its products. Ranging from Remote Code Execution (RCE) to SQL Injection, to Denial of Service (DoS), the vulnerabilities impact the FortiProxy SSL VPN and FortiWeb Web Application Firewall (WAF) products. Numerous advisories published by FortiGuard Labs this month and in January 2021 mention various serious flaws that the company has been Continue Reading
By