DXC Security Threat Intelligence Report

The cloud computing provider warns customers of increased risks from phishing attacks following a ransomware attack on its hosted Microsoft Exchange environment.

The U.S. Department of Health and Human Services (HHS) reports multiple ransomware attacks on healthcare organizations from a new gang of experienced threat actors.

A version of an open source ransomware toolkit called Cryptonite locks files with no option to decrypt them back, essentially acting as a destructive data wiper.

Unpatched vulnerabilities in three popular Android apps with 2 million installs – Lazy Mouse, PC Keyboard and Telepad – allow a smartphone to be used as a remote keyboard and mouse.

A now-patched vulnerability in the SiriusXM connected vehicle service exposes cars from Honda, Nissan, Infiniti and Acura to remote attacks via VINs.

The North Korean government’s Lazarus Group leverages cryptocurrency apps to deliver a new version of AppleJeus malware through malicious Microsoft Office documents.

Hackers are signing malicious apps with platform certificates from Samsung, LG, MediaTek and other Android smartphone vendors to gain OS-level privileges and harvest sensitive data.

Threat actors are exploiting a critical security vulnerability in Redis, an in-memory data structure store, to deploy new Redigo malware and likely build a botnet network.

Three severe vulnerabilities in the American Megatrends MegaRAC Baseboard Management Controller (BMC) software impact AMD, ARM, HPE, Dell and other servers used by many cloud service and data center providers.

The open-source Linux PRoot utility in BYOF (Bring Your Own Filesystem) helps attackers create a consistent repository of malicious tools that work on many Linux distributions.

A new set of Android malware, phishing and adware apps on Google Play pose as useful utilities and system optimizers but instead degrade performance and user experience.

Unit 42 expects telephone-oriented attack delivery (TOAD) phishing attacks to increase in popularity due to low per-target cost, low risk of detection and fast monetization