Security

QNAP has published an advisory about a new stream of DeadBolt ransomware attacks targetting its network-attached storage (NAS) devices worldwide. The company advises customers to immediately update their devices to the latest versions of QTS or QuTS hero operating systems. The latest DeadBolt ransomware campaign follows the previous attacks reported back in January, March, and…

Microsoft has launched a new Microsoft Defender for individuals app today. The new security offering for consumers is now available for Microsoft 365 subscribers in select markets across Windows, macOS, Android, and iOS. Microsoft Defender for individuals first debuted in preview in the US back in February this year. It provides a centralized dashboard, which…

Microsoft announced yesterday that it has entered into a definitive agreement to acquire Miburo, a New York-based cyber threat analysis company. The Redmond giant plans to leverage Miburo’s expertise in global threat intelligence to help customers counter foreign cyber attacks and state-backed information operations. Miburo was founded in 2012 by cybersecurity expert Clint Watts, who…

World events since March 2020 have highlighted one of the key benefits of Office 365 and cloud-based SaaS services in general: they are available any time, any place, on any device.  As the world was forced to work from home, Office 365 apps such as Teams, Outlook, SharePoint, and OneDrive could easily be accessed outwith…

Security researchers have discovered a new Linux malware dubbed Symbiote that uses sophisticated techniques to hide its presence on compromised systems. The malware appears to be targeting financial institutions in Latin America, including Brazil. Specifically, cyber security researchers from Intezer and The BlackBerry Threat Research & Intelligence Team first detected Symbiote in November 2021. The…

Microsoft announced a significant revamp of its Azure Purview data-governance platform. The Redmond giant is rebranding the service as “Microsoft Purview” and also rolling out new Microsoft 365 compliance capabilities to the suite. The new Microsoft Purview suite provides customers with compliance tools that allow them to view all their data assets in one place….

Cybersecurity researchers have found that attackers are exploiting the recently discovered Windows zero-day flaw dubbed “Follina” to infect victims’ computers with Qbot malware. Qbot operators have also teamed up with the Black Basta group to spread ransomware. Qbot, also known as QuakBot QakBot, and Pinkslipbot, was first identified in 2008 as a trojan capable of…

Atlassian has released new security updates to fix a critical flaw affecting its Confluence Server and Data Center products. The vulnerability, tracked as CVE-2022-26134, allows for unauthenticated remote code execution on unpatched servers. The zero-day security flaw was disclosed by security company Volexity last week, and it impacts all supported versions (except those hosted on…

Atlassian has published a security advisory about a new critical flaw impacting its Confluence Server and Data Center products. The company warned IT teams that the security vulnerability could lead to unauthenticated remote code execution (RCE). The security vulnerability, tracked as CVE-2022-26134, was discovered by the cybersecurity company Volexity. Atlassian released an advisory about the…

Security researchers have discovered a new zero-day vulnerability that allows hackers to launch a Windows search window via malicious Word documents. The security flaw exists in the Windows search protocol handler (search-ms) that allows applications and links to open searches for malicious attacks. According to Bleeping Computer, an attacker could abuse the protocol handler to…