Microsoft will soon remove Flash Player from Windows 10 devices

The Patch Tuesday security update due in July should hammer the last nail in the coffin of Adobe Flash Player. Microsoft has updated its roadmap for eliminating Adobe Flash Player from the Windows 10 operating system. Starting in July, the removal of the piece of software that has helped shape the internet will become a … More Microsoft will soon remove Flash Player from Windows 10 devices

Authorities remove web shells from compromised Exchange servers

Law enforcement steps in to thwart attacks leveraging the recently-disclosed Microsoft Exchange Server vulnerabilities. The United States’ Federal Bureau of Investigation (FBI) has carried out a court-approved operation to “copy and remove” malicious web shells from hundreds of systems across the US that were compromised through the mass exploitation of zero-day flaws in Microsoft Exchange … More Authorities remove web shells from compromised Exchange servers

ESET Research uncovers Janeleiro, a new banking trojan attacking corporate users in Brazil

ESET Research has uncovered a new banking trojan that has been targeting corporate users in Brazil since at least 2019 across many sectors, including engineering, healthcare, retail, manufacturing, finance, transportation, and governmental institutions. ESET dubbed the new threat Janeleiro. It attempts to deceive its victims with pop-up windows designed to look like the websites of … More ESET Research uncovers Janeleiro, a new banking trojan attacking corporate users in Brazil

Google fixes Chrome zero‑day bug exploited in the wild

The latest update patches a total of five vulnerabilities affecting the browser’s desktop versions. Google has rolled out an update for its Chrome web browser that fixes five security flaws, including a zero-day vulnerability that is known to be actively exploited by malicious actors. The bugs affect the Windows, macOS, and Linux versions of the … More Google fixes Chrome zero‑day bug exploited in the wild

Exchange servers under siege from at least 10 APT groups

ESET Research has found LuckyMouse, Tick, Winnti Group, and Calypso, among others, are likely using the recent Microsoft Exchange vulnerabilities to compromise email servers all around the world. ESET Research has discovered that more than ten different advanced persistent threat (APT) groups are exploiting the recent Microsoft Exchange vulnerabilities to compromise email servers. ESET has … More Exchange servers under siege from at least 10 APT groups