InfoSec News

How to add a credit card as a Bitwarden vault item and why you should Here's why it could be a smart idea to add a credit card as a vault item with the password manager Bitwarden. via Latest stories for ZDNET in Security

Trigona ransomware spotted in increasing attacks worldwide A previously unnamed ransomware has rebranded under the name 'Trigona,' launching a new Tor negotiation site where they accept Monero as ransom payments. [...] via BleepingComputer (author: Lawrence Abrams)

All You Need to Know About Emotet in 2022 For 6 months, the infamous Emotet botnet has shown almost no activity, and now it's distributing malicious spam. Let's dive into details and discuss all you need to know about the notorious malware to combat it. Why is everyone scared of Emotet? Emotet is by far one of the most dangerous trojans ever created. The malware became a very destructive program as it grew in scale and sophistication. via The Hacker News (author: noreply@blogger.com (The Hacker News))

Russia-based RansomBoggs Ransomware Targeted Several Ukrainian Organizations Ukraine has come under a fresh onslaught of ransomware attacks that mirror previous intrusions attributed to the Russia-based Sandworm nation-state group. Slovak cybersecurity company ESET, which dubbed the new ransomware strain RansomBoggs, said the attacks against several Ukrainian entities were first detected on November 21, 2022. "While the malware written in .NET is new, its deployment is via The Hacker News (author: noreply@blogger.com (Ravie Lakshmanan))

Update Chrome Browser Now to Patch New Actively Exploited Zero-Day Flaw Google on Thursday released software updates to address yet another zero-day flaw in its Chrome web browser. Tracked as CVE-2022-4135, the high-severity vulnerability has been described as a heap buffer overflow in the GPU component. Clement Lecigne of Google's Threat Analysis Group (TAG) has been credited with reporting the flaw on November 22, 2022. Heap-based buffer overflow bugs can be via The Hacker News (author: noreply@blogger.com (Ravie Lakshmanan))

Google warns: Android 'patch gap' is leaving these smartphones vulnerable to attack Google says it is working with Android smartphone manufacturers to get them to release patches for multiple critical Arm Mali GPU driver bugs. via Latest stories for ZDNET in Security

Dell, HP, and Lenovo Devices Found Using Outdated OpenSSL Versions An analysis of firmware images across devices from Dell, HP, and Lenovo has revealed the presence of outdated versions of the OpenSSL cryptographic library, underscoring a supply chain risk. EFI Development Kit, aka EDK, is an open source implementation of the Unified Extensible Firmware Interface (UEFI), which functions as an interface between the operating system and the firmware embedded in via The Hacker News (author: noreply@blogger.com (Ravie Lakshmanan))

New Windows Server updates cause domain controller freezes, restarts Microsoft is investigating LSASS memory leaks (caused by Windows Server updates released during the November Patch Tuesday) that might lead to freezes and restarts on some domain controllers. [...] via BleepingComputer (author: Sergiu Gatlan)

Google rushes out Chrome browser fix for new zero-day flaw Google patches a sandbox escape in Chrome that an attacker can exploit by luring a target to a malicious web page. via Latest stories for ZDNET in Security