This article has been indexed from Threatpost The malvertiser’s use of PowerShell could push it beyond its basic capabilities to spread ransomware, spyware or steal data from browser sessions, researchers warn. Read the original article: ChromeLoader Browser Hijacker Provides Gateway…
Category: threatpost
Zero-Day ‘Follina’ Bug Lays Older Microsoft Office Versions Open to Attack
Malware loads itself from remote servers and bypasses Microsoft’s Defender AV scanner, according to reports.
Critical Flaws in Popular ICS Platform Can Trigger RCE
Cisco Talos discovered eight vulnerabilities in the Open Automation Software, two of them critical, that pose risk for critical infrastructure networks.
Cybergang Claims REvil is Back, Executes DDoS Attacks
Actors claiming to be the defunct ransomware group are targeting one of Akamai’s customers with a Layer 7 attack, demanding an extortion payment in Bitcoin.
Verizon Report: Ransomware, Human Error Among Top Security Risks
2022’s DBIR also highlighted the far-reaching impact of supply-chain breaches and how organizations and their employees are the reasons why incidents occur.
Zoom Patches ‘Zero-Click’ RCE Bug
The Google Project Zero researcher found a bug in XML parsing on the Zoom client and server.
Link Found Connecting Chaos, Onyx and Yashma Ransomware
A slip-up by a malware author has allowed researchers to taxonomize three ransomware variations going by different names.
Fronton IOT Botnet Packs Disinformation Punch
The Fronton botnet can do far more than launch DDoS attacks: it can track social media trends and launch suitable propaganda.
Zero Trust for Data Helps Enterprises Detect, Respond and Recover from Breaches
Mohit Tiwari, CEO of Symmetry Systems, explores Zero Trust, data objects and the NIST framework for cloud and on-prem environments.
Snake Keylogger Spreads Through Malicious PDFs
Microsoft Word also leveraged in the email campaign, which uses a 22-year-old Office RCE bug.
Closing the Gap Between Application Security and Observability
Daniel Kaar, global director application security engineering at Dynatrace, highlights the newfound respect for AppSec-enabled observability in the wake of Log4Shell.
380K Kubernetes API Servers Exposed to Public Internet
More than 380,000 of the 450,000-plus servers hosting the open-source container-orchestration engine for managing cloud deployments allow some form of access.
Critical Vulnerability in Premium WordPress Themes Allows for Site Takeover
Privilege escalation flaw discovered in the Jupiter and JupiterX Core Plugin affects more than 90,000 sites.
DOJ Says Doctor is Malware Mastermind
The U.S. Department of Justice indicts a middle-aged doctor, accusing him of being a malware mastermind.
April VMware Bugs Abused to Deliver Mirai Malware, Exploit Log4Shell
Researchers say a GitHub proof-of-concept exploitation of recently announced VMware bugs is being abused by hackers in the wild.
APTs Overwhelmingly Share Known Vulnerabilities Rather Than Attack 0-Days
Research indicates that organizations should make patching existing flaws a priority to mitigate risk of compromise.
Sysrv-K Botnet Targets Windows, Linux
Microsoft researchers say they are tracking a botnet that is leveraging bugs in the Spring Framework and WordPress plugins.
iPhones Vulnerable to Attack Even When Turned Off
Wireless features Bluetooth, NFC and UWB stay on even when the device is powered down, which could allow attackers to execute pre-loaded malware.
Microsoft’s May Patch Tuesday Updates Cause Windows AD Authentication Errors
Microsoft’s May Patch Tuesday update is triggering authentication errors.
Threat Actors Use Telegram to Spread ‘Eternity’ Malware-as-a-Service
An account promoting the project—which offers a range of threat activity from info-stealing to crypto-mining to ransomware as individual modules—has more than 500 subscribers.
Malware Builder Leverages Discord Webhooks
Researchers discovered a simple malware builder designed to steal credentials, then ping them to Discord webhooks.
You Can’t Eliminate Cyberattacks, So Focus on Reducing the Blast Radius
Tony Lauro, director of security technology and strategy at Akamai, discusses reducing your company’s attack surface and the “blast radius” of a potential attack.
Novel ‘Nerbian’ Trojan Uses Advanced Anti-Detection Tricks
The stealthy, feature-rich malware has multistage evasion tactics to fly under the radar of security analysis, researchers at Proofpoint have found.
Novel Phishing Trick Uses Weird Links to Bypass Spam Filters
A novel form of phishing takes advantage of a disparity between how browsers and email inboxes read web domains.
Intel Memory Bug Poses Risk for Hundreds of Products
Dell and HP were among the first to release patches and fixes for the bug.
Actively Exploited Zero-Day Bug Patched by Microsoft
Microsoft’s May Patch Tuesday roundup also included critical fixes for a number of flaws found in infrastructure present in many enterprise and cloud environments.
Ransomware Deals Deathblow to 157-year-old College
Why a private college that stayed in business for 157 years had to close after the combo of COVID-19 and ransomware proved too much.
Hackers Actively Exploit F5 BIG-IP Bug
The bug has a severity rating of 9.8, and public exploits have been released.
Conti Ransomware Attack Spurs State of Emergency in Costa Rica
The threat group has leaked data that it claims was stolen in the breach and is promising more government-targeted attacks.
Low-rent RAT Worries Researchers
Researchers say a hacker is selling access to quality malware for chump change.
FBI: Rise in Business Email-based Attacks is a $43B Headache
A huge spike in fraudulent activities related to attacks leveraging business email accounts is a billion-dollar-problem.
Podcast: The State of Secret Sprawl
In this podcast with Mackenzie Jackson, developer advocate at GitGuardian, we dive into the report and also the issues that corporations face with public leaks from groups like Lapsus and more, as well…
Podcast: The State of the Secret Sprawl
In this podcast with Mackenzie Jackson, developer advocate at GitGuardian, we dive into the report and also the issues that corporations face with public leaks from groups like Lapsus and more, as well…
USB-based Wormable Malware Targets Windows Installer
Activity dubbed ‘Raspberry Robin’ uses Microsoft Standard Installer and other legitimate processes to communicate with threat actors and execute nefarious commands.
F5 Warns of Critical Bug Allowing Remote Code Execution in BIG-IP Systems
The vulnerability is ‘critical’ with a CVSS severity rating of 9.8 out of 10.
CANs Reinvent LANs for an All-Local World
A close look at a new type of network, known as a Cloud Area Network.
VHD Ransomware Linked to North Korea’s Lazarus Group
Source code and Bitcoin transactions point to the malware, which emerged in March 2020, being the work of APT38, researchers at Trellix said.
China-linked APT Caught Pilfering Treasure Trove of IP
A state-sponsored threat actor designed a house-of-cards style infection chain to exfiltrate massive troves of highly sensitive data.
Attackers Use Event Logs to Hide Fileless Malware
A sophisticated campaign utilizes a novel anti-detection method.
Unpatched DNS Bug Puts Millions of Routers, IoT Devices at Risk
A flaw in all versions of the popular C standard libraries uClibc and uClibc-ng can allow for DNS poisoning attacks against target devices.
Mozilla: Lack of Security Protections in Mental-Health Apps Is ‘Creepy’
Popular apps to support people’s psychological and spiritual well-being can harm them by sharing their personal and sensitive data with third parties, among other privacy offenses.
Bad Actors Are Maximizing Remote Everything
Aamir Lakhani, global security strategist and researcher at FortiGuard Labs, zeroes in on how adversaries are targeting ‘remote everything’.
Deep Dive: Protecting Against Container Threats in the Cloud
A deep dive into securing containerized environments and understanding how they present unique security challenges.
Security Turbulence in the Cloud: Survey Says…
Exclusive Threatpost research examines organizations’ top cloud security concerns, attitudes towards zero-trust and DevSecOps.
Cyberespionage APT Now Identified as Three Separate Actors
The threat group known as TA410 that wields the sophisticated FlowCloud RAT actually has three subgroups operating globally, each with their own toolsets and targets.
Attacker Breach ‘Dozens’ of GitHub Repos Using Stolen OAuth Tokens
GitHub shared the timeline of breaches in April 2022; this timeline encompasses the information related to when a threat actor gained access and stole private repositories belonging to dozens of organizations.
Cyberattacks Rage in Ukraine, Support Military Operations
At least five APTs are believed involved with attacks tied to ground campaigns and designed to damage Ukraine’s digital infrastructure.
Emotet is Back From ‘Spring Break’ With New Nasty Tricks
The Botnet appears to use a new delivery method for compromising Windows systems after Microsoft disables VBA macros by default.
Millions of Java Apps Remain Vulnerable to Log4Shell
Four months after the critical flaw was discovered, attackers have a massive attack surface from which they can exploit the flaw and take over systems, researchers found.
Firms Push for CVE-Like Cloud Bug System
Researchers propose fresh approaches to cloud-security bugs and mitigating exposure, impact and risk.
Nation-state Hackers Target Journalists with Goldbackdoor Malware
A campaign by APT37 used sophisticated malware, which appears to be a successor to Bluelight, to steal information about sources.
Lapsus$ Hackers Target T-Mobile
No government and customer data was accessed.
Zero-Trust For All: A Practical Guide
How to use zero-trust architecture effectively in today’s modern cloud-dependent infrastructures.
Skeletons in the Closet: Security 101 Takes a Backseat to 0-days
Nate Warfield, CTO at Prevailion, discusses the dangers of focusing on zero-day security vulnerabilities, and how security teams are being distracted from the day-to-day work that prevents most breaches.
Protect Your Executives’ Cybersecurity Amidst Global Cyberwar
In this time of unprecedented cyberwar, organizations must protect the personal digital lives of their executives in order to reduce the company’s risk of direct or collateral damage.
‘CatalanGate’ Spyware Infections Tied to NSO Group
Citizen Lab uncovers multi-year campaign targeting autonomous region of Spain, called Catalonia.
Rethinking Cyber-Defense Strategies in the Public-Cloud Age
Exploring what’s next for public-cloud security, including top risks and how to implement better risk management.
Google: 2021 was a Banner Year for Exploited 0-Day Bugs
Last year, Google Project Zero tracked a record 58 exploited-in-the-wild zero-day security holes.
Most Email Security Approaches Fail to Block Common Threats
A full 89 percent of organizations experienced one or more successful email breaches during the previous 12 months, translating into big-time costs.
Attackers Spoof WhatsApp Voice-Message Alerts to Steal Info
Threat actors target Office 365 and Google Workspace in a new campaign, which uses a legitimate domain associated with a road-safety center in Moscow to send messages.
Authorities Fully Behead Hydra Dark Marketplace
The popular underground market traded in drugs, stolen data, forged documents and more — raking in billions in Bitcoin.
No-Joke Borat RAT Propagates Ransomware, DDoS
This fresh malware strain extends the functionality of typical trojans with advanced functionality and a series of modules for launching various types of threat activity.
Apple Rushes Out Patches for 0-Days in MacOS, iOS
The vulnerabilities could allow threat actors to disrupt or access kernel activity and may be under active exploit.
Belarusian ‘Ghostwriter’ Actor Picks Up BitB for Ukraine-Related Attacks
Ghostwriter is one of 3 campaigns using war-themed attacks, with cyber-fire coming in from government-backed actors in China, Iran, North Korea & Russia.
Automaker Cybersecurity Lagging Behind Tech Adoption, Experts Warn
A bug in Honda is indicative of the sprawling car-attack surface that could give cyberattackers easy access to victims, as global use of ‘smart car tech’ and EVs surges.
QNAP Customers Adrift, Waiting on Fix for OpenSSL Bug
QNAP is warning clients that a recently disclosed vulnerability affects most of its NAS devices, with no mitigation available while the vendor readies a patch.
A Blockchain Primer and a Bored Ape Headscratcher – Podcast
Mystified? Now’s the time to learn about cryptocurrency-associated risks: Listen to KnowBe4’s Dr. Lydia Kostopoulos explain blockchain, NFTs and how to stay safe.
RCE Bug in Spring Cloud Could Be the Next Log4Shell, Researchers Warn
The so-called ‘Spring4Shell’ bug has cropped up, so to speak, and could be lurking in any number of Java applications.
Critical RCE Bug in Spring Could Be the Next Log4Shell, Researchers Warn
The so-called ‘Spring4Shell’ bug has cropped up, so to speak, and could be lurking in literally millions of Java applications.
Cyberattackers Target UPS Backup Power Devices in Mission-Critical Environments
The active attacks could result in critical-infrastructure damage, business disruption, lateral movement and more.
Google Chrome Bug Actively Exploited as Zero-Day
The internet giant issued an update for the bug, which is found in the open-source V8 JavaScript engine.
Lapsus$ ‘Back from Vacation’
Lapsus$ added IT giant Globant plus 70GB of leaked data – including admin credentials for scads of customers’ DevOps platforms – to its hit list.
MSHTML Flaw Exploited to Attack Russian Dissidents
A Ukrainian-based threat actor is spearphishing Russians who are using services that have been banned by the Kremlin.
Log4JShell Used to Swarm VMware Servers with Miners, Backdoors
Researchers have found three backdoors and four miners in attacks exploiting the Log4Shell vulnerability, some of which are still ongoing.
Exchange Servers Speared in IcedID Phishing Campaign
The ever-evolving malware shows off new tactics that use email thread hijacking and other obfuscation techniques to provide advanced evasion techniques.
Okta Says It Goofed in Handling the Lapsus$ Attack
“We made a mistake,” Okta said, owning up to its responsibility for security incidents that hit its service providers and potentially its own customers.
Critical Sophos Security Bug Allows RCE on Firewalls
The security vendor’s appliance suffers from an authentication-bypass issue.
DOJ Indicts Russian Gov’t Employees Over Targeting Power Sector
The supply-chain attack on the U.S. energy sector targeted thousands of computers at hundreds of organizations, including at least one nuclear power plant.
Google Chrome Zero-Day Bugs Exploited Weeks Ahead of Patch
Two separate campaigns from different threat actors targeted users with the same exploit kit for more than a month before the company fixed an RCE flaw found in February.
UK Cops Collar 7 Suspected Lapsus$ Gang Members
London Police can’t say if they nabbed the 17-year-old suspected mastermind & multimillionaire – but researchers say they’ve been tracking an Oxford teen since mid-2021.
Microsoft Azure Developers Awash in PII-Stealing npm Packages
A large-scale, automated typosquatting attack saw 200+ malicious packages flood the npm code repository, targeting popular Azure scopes.
Just-Released Dark Souls Game, Elden Ring, Includes Killer Bug
A patch fixes exploit hidden in Elden Ring that traps PC players in a ‘death loop.’
HubSpot Data Breach Ripples Through Cryptocurrency Industry
~30 crypto companies were affected, including BlockFi, Swan Bitcoin and NYDIG, providing an uncomfortable reminder about how much data CRM systems snarf up.
Chinese APT Combines Fresh Hodur RAT with Complex Anti-Detection
Mustang Panda’s already sophisticated cyberespionage campaign has matured even further with the introduction of a brand-new PlugX RAT variant.
Microsoft Help Files Disguise Vidar Malware
Attackers are hiding interesting malware in a boring place, hoping victims won’t bother to look.
Tax-Season Scammers Spoof Fintechs Stash, Public
Threat actors are impersonating such wildly popular personal-finance apps (which are used more than social media or streaming services) to try to fool people into giving up their credentials.
Top 3 Attack Trends in API Security – Podcast
Bots & automated attacks have exploded, with attackers and developers alike in love with APIs, according to a new Cequence Security report. Hacker-in-residence Jason Kent explains the latest.
DeadBolt Ransomware Resurfaces to Hit QNAP Again
A new steady stream of attacks against network-attached storage devices from the Taiwan-based vendor is similar to a wave that occurred in January.
Microsoft: Lapsus$ Used Employee Account to Steal Source Code
The data-extortion gang got at Microsoft’s Azure DevOps server. Meanwhile, fellow Lapsus$ victim and authentication firm Okta said 2.5 percent of customers were affected in its own Lapsus$ attack.
Lapsus$ Data Kidnappers Claim Snatches From Microsoft, Okta
Lapsus$ shared screenshots of internal Okta systems and 40Gb of purportedly stolen Microsoft data on Bing, Bing Maps and Cortana.
Russia Lays Groundwork for Cyberattacks on US Infrastructure – White House
“Evolving intelligence” shows Russia amping up for cyber-war in response to Ukraine-related sanctions, the White House said — but researchers warn that many orgs are not prepared.
Russia Lays Groundwork for Cyberattacks on US Infrastructure
“Evolving intelligence” shows Russia amping up for cyber-war in response to Ukraine-related sanctions, the White House said — but researchers warn that many orgs are not prepared.
FIDO: Here’s Another Knife to Help Murder Passwords
After years of promising a passwordless future – really, any day now! – FIDO is proposing tweaks to WebAuthn that could put us out of password misery. Experts aren’t so sure.
Serpent Backdoor Slithers into Orgs Using Chocolatey Installer
An unusual attack using an open-source Python package installer called Chocolatey, steganography and Scheduled Tasks is stealthily delivering spyware to companies.
Browser-in-the-Browser Attack Makes Phishing Nearly Invisible
Can we trust web browsers to protect us, even if they say “https?” Not with the novel BitB attack, which fakes popup SSO windows to phish away credentials for Google, Facebook and Microsoft,…
Facestealer Trojan Hidden in Google Play Plunders Facebook Accounts
The trojanized Craftsart Cartoon Photo Tools app is available in the official Android app store, but it’s actually spyware capable of stealing any and all information from victims’ social-media accounts.
Conti Ransomware V. 3, Including Decryptor, Leaked
The latest is a fresher version of the ransomware pro-Ukraine researcher ContiLeaks already released, but it’s reportedly clunkier code.
Bridgestone Hit as Ransomware Torches Toyota Supply Chain
A ransomware attack struck Bridgestone Americas, weeks after another Toyota supplier experienced the same and a third reported some kind of cyber hit.
Agencies Warn on Satellite Hacks & GPS Jamming Affecting Airplanes, Critical Infrastructure
The Russian invasion of Ukraine has coincided with the jamming of airplane navigation systems and hacks on the SATCOM networks that empower critical infrastructure.