The US Cybersecurity and Infrastructure Security Agency (CISA) says a Linux vulnerability tracked as CVE-2021-4034 dubbed PwnKit has been exploited in attacks.  The flaw came to light in January and affects Polkit, a component designed for…

Cyber Scene #69 - Looking Back, and Forward  

Spotlight on Lablet Research #31 - Predicting the Difficulty of Compromise through How Attackers Discover Vulnerabilities  

The extortion group RansomHouse claims to have data stolen from the processor designer AMD following an alleged security breach earlier this year. According to RansomHouse, the files were obtained from an intrusion into AMD's network on January 5, 2022,…

Security researchers at EY disocvered that nearly all (97%) of the executives surveyed expect quantum computing to disrupt their sectors to a high or moderate extent.  Moreover, approximately half (48%) believe that quantum computing will reach…

Carnival Cruise Lines will have to pay more than $6.25 million to settle two lawsuits brought by 46 states in the U.S. after a series of cyberattacks allowed hackers to access private information about customers and workers.  In 2019 the first…

Over 900,000 misconfigured Kubernetes clusters were discovered to be vulnerable to potentially malicious scans on the Internet, with some even vulnerable to data-exposing cyberattacks. Kubernetes is an open-source container orchestration system with a…

The LockBit 3.0 ransomware operation has recently launched, and the gang is starting a bug bounty program offering up to $1 million for vulnerabilities and various other types of information.  LockBit has been around since 2019. The LockBit 2.0…

Abnormal Security discovered that in January 2022, the number of business email compromise (BEC) attacks impersonating external third parties surpassed those impersonating internal employees for the first time and has continued to exceed traditional…

High-severity cybersecurity flaws discovered in OFFIS DCMTK software could lead to Remote Code Execution (RCE) if exploited, according to a recent advisory released by the US Homeland Security Department's Cybersecurity and Infrastructure Security Agency…

An attack campaign targeting unpatched Microsoft Exchange Servers as an initial access vector to launch the ShadowPad malware is targeting entities in Afghanistan, Malaysia, and Pakistan. This activity has been attributed to a previously unknown Chinese-…

A new Android banking malware called Revive impersonates the two-factor authentication (2FA) application required to access BBVA bank accounts in Spain. Rather than infecting customers of various financial institutions, this Trojan has a more focused…