Cybersecurity News
FritzFrog botnet returns to attack healthcare, education, government sectors
The botnet managed to strike at least 500 government and enterprise SSH servers in eight months.PHP Everywhere Bugs Put 30K+ WordPress Sites at Risk of RCE

Hidden in plain sight: How the dark web is spilling onto social media
A trip into the dark corners of Telegram, which has become a magnet for criminals peddling everything from illegal drugs to fake money and COVID-19 vaccine passes
The post Hidden in plain sight: How the dark web is spilling onto social media appeared first on WeLiveSecurity
PHP Everywhere code execution bugs impact thousands of WordPress websites
The remote code execution flaws are of critical severity.Russian Govt. Continues Carding Shop Crackdown
Russian authorities have arrested six men accused of operating some of the most active online bazaars for selling stolen payment card data. The crackdown -- the second closure of major card fraud shops by Russian authorities in as many weeks -- comes closely behind Russia's arrest of 14 alleged affiliates of the REvil ransomware gang, and has many in the cybercrime underground asking who might be next.Cybercriminals Swarm Windows Utility Regsvr32 to Spread Malware

3 Tips for Facing the Harsh Truths of Cybersecurity in 2022, Part I

Russian ransomware attacks increased during 2021, joint review finds

Britain, the US and Australia point to growth in ‘sophisticated, high-impact ransomware incidents’
There have been further increases in “sophisticated, high-impact ransomware incidents” coming from Russia and other former Soviet states during 2021, Britain, the US and Australia said in a joint review of cyber-extortion trends.
Universities and schools were one of the top sectors targeted in the UK last year, the National Cyber Security Centre (NCSC) said, as well as businesses, charities, law firms, councils and the NHS. Hackers are increasingly offering services or exploits “for hire”.
Continue reading...MoleRats APT Flaunts New Trojan in Latest Cyberespionage Campaign

Ex-Gumshoe Nabs Cybercrooks with FBI Tactics

ESET Threat Report T3 2021
A view of the T3 2021 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
The post ESET Threat Report T3 2021 appeared first on WeLiveSecurity
Brute-forcing passwords, ProxyLogon exploits were some of 2021's most popular attack methods
Log4j also became a top pick for exploitation after the discovery of a critical RCE flaw.Lazarus hackers target defense industry with fake Lockheed Martin job offers
The APT has previously masqueraded as Northrop Grumman and BAE Systems.Microsoft Patch Tuesday, February 2022 Edition
Microsoft today released software updates to plug security holes in its Windows operating systems and related software. This month's relatively light patch batch is refreshingly bereft of any zero-day threats, or even scary critical vulnerabilities. But it does fix four dozen flaws, including several that Microsoft says will likely soon be exploited by malware or malcontents.No Critical Bugs for Microsoft February 2022 Patch Tuesday, 1 Zero-Day

China Suspected of News Corp Cyberespionage Attack

US: Your AI has to explain its decisions
No more turning a blind eye to algorithmic bias and discrimination if US lawmakers get their way
The post US: Your AI has to explain its decisions appeared first on WeLiveSecurity
Pay to play PrivateLoader spreads Smokeloader, Redline, Vidar malware
The pay-per-install malware is one of the most popular loaders on the market today.Chinese telecom Hytera charged for allegedly recruiting Motorola employees to steal trade secrets
The firm allegedly conspired with employees to steal digital radio technology.CISA Orders Federal Agencies to Fix Actively Exploited Windows Bug
