Chinese hackers use new custom backdoor to evade detection
The Chinese cyber espionage hacking group Mustang Panda was seen deploying a new custom backdoor named ‘MQsTTang’ in attacks starting this year. Mustang Panda is…
Category: Bleeping Computer
Australian woman arrested for email bombing a government office
The Australian Federal Police arrested a woman in Werrington, Sydney, for allegedly email bombing the office of a Federal Member of Parliament. Email bombing is…
CISA releases free ‘Decider’ tool to help with MITRE ATT&CK mapping
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has released ‘Decider,’ an open-source tool that helps defenders and security analysts quickly generate MITRE ATT&CK mapping…
British retail chain WH Smith says data stolen in cyberattack
British retailer WH Smith has suffered a data breach that exposed information belonging to current and former employees. The company operates 1,700 locations across the United…
How to Prevent Callback Phishing Attacks on Your Organization
Hybrid phishing attacks continue to pose a clear and present danger to all organizations. How can these threats be mitigated to reduce their impact? A…
Microsoft fixes bug behind apps not installing during provisioning
Microsoft has addressed a Windows 11 22H2 known issue causing some apps not to be installed during Windows provisioning. This is caused by the affected…
Russia bans foreign messaging apps in government organizations
Russia’s internet watchdog agency Roskomnadzor warns that laws banning the use of many foreign private messaging applications in Russian government and state agencies came into…
Cisco patches critical Web UI RCE flaw in multiple IP phones
Cisco has addressed a critical security vulnerability found in the Web UI of multiple IP Phone models that unauthenticated and remote attackers can exploit in…
Aruba Networks fixes six critical vulnerabilities in ArubaOS
Aruba Networks published a security advisory to inform customers about six critical-severity vulnerabilities impacting multiple versions of ArubaOS, its proprietary network operating system. The flaws…
Trezor warns of massive crypto wallet phishing campaign
An ongoing phishing campaign is pretending to be Trezor data breach notifications attempting to steal a target’s cryptocurrency wallet and its assets. Trezor is a…
Microsoft PowerToys adds ‘Paste as plain text’ and Mouse Jump tools
Microsoft has added two new utilities to the open-source PowerToys toolset to help Windows users paste text without formatting and make moving the mouse across…
Iron Tiger hackers create Linux version of their custom malware
The APT27 hacking group, aka “Iron Tiger,” has prepared a new Linux version of its SysUpdate custom remote access malware, allowing the Chinese cyberespionage group…