Cybersecurity News
Trickbot abuses top brands including Bank of America, Wells Fargo in attacks against customers
The malware is said to pose a "great danger" to the customers of 60 finance and tech giants.17 February 2022
Businessman admits to working as spyware broker in US and Mexico
He pleaded guilty to brokering spyware and surveillance tools.17 February 2022
Missouri will not prosecute 'hacker' reporter for daring to view state website HTML
Missouri's governor was both criticized and mocked for saying the journalist "decoded HTML source code" for malicious purposes.17 February 2022
TrickBot Ravages Customers of Amazon, PayPal and Other Top Brands
The resurgent trojan has targeted 60 top companies to harvest credentials for a wide range of applications, with an eye to virulent follow-on attacks.
16 February 2022
Massive LinkedIn Phishing, Bot Attacks Feed on the Job-Hungry
The phishing attacks are spoofing LinkedIn to target ‘Great Resignation’ job hunters, who are also being preyed on by huge data-scraping bot attacks.
16 February 2022
Red Cross Hack Linked to Iranian Influence Operation?
A network intrusion at the International Committee for the Red Cross (ICRC) in January led to the theft of personal information on more than 500,000 people receiving assistance from the group. KrebsOnSecurity has learned that the email address used by a cybercriminal actor who offered to sell the stolen ICRC data also was used to register multiple domain names the FBI says are tied to a sprawling media influence operation originating from Iran.16 February 2022
High-Severity RCE Bug Found in Popular Apache Cassandra Database
On the plus side, only instances with non-standard not recommended configurations are vulnerable. On the downside, those configurations aren't easy to track down, and it's easy as pie to exploit.
16 February 2022
Critical VMware Bugs Open ESXi, Fusion & Workstation to Attackers
A group of five security vulnerabilities could lead to a range of bad outcomes for virtual-machine enthusiasts, including command execution and DoS.
16 February 2022
Emotet Now Spreading Through Malicious Excel Files
An ongoing malicious email campaign that includes macro-laden files and multiple layers of obfuscation has been active since late December.
16 February 2022
How the initial access broker market leads to ransomware attacks
Researchers explore the attack methods of LockBit, Avaddon, Darkside, Conti, and BlackByte ransomware groups.16 February 2022
Folding the impossible into the reality of normal life
Progress is a driving force of humanity, but what does that word “progress” really mean and what part do we have to play?
The post Folding the impossible into the reality of normal life appeared first on WeLiveSecurity
16 February 2022
SquirrelWaffle Adds a Twist of Fraud to Exchange Server Malspamming
Researchers have never before seen SquirrelWaffle attackers use typosquatting to keep sending spam once a targeted Exchange server has been patched for ProxyLogon/ProxyShell.
15 February 2022
Chrome Zero-Day Under Active Attack: Patch ASAP
The year's 1st Chrome zero-day can lead to all sorts of misery, ranging from data corruption to the execution of arbitrary code on vulnerable systems.
15 February 2022
TA2541: APT Has Been Shooting RATs at Aviation for Years
Since 2017, the attacker has flung simple off-the-shelf malware in malicious email campaigns aimed at aviation, aerospace, transportation and defense.
15 February 2022
Squirrelwaffle, Microsoft Exchange Server vulnerabilities exploited for financial fraud
Unpatched servers have been used to twist corporate email threads and conduct financial theft.15 February 2022
F5 launches new SaaS app security cloud, edge computing platform
The solution aims to simplify the F5 security portfolio.15 February 2022
Questions linger after IRS’s about‑face on facial recognition
Why would a tax agency contractor’s privacy policy mention collecting information about my Facebook friends?
The post Questions linger after IRS’s about‑face on facial recognition appeared first on WeLiveSecurity
15 February 2022
BlackByte Tackles the SF 49ers & US Critical Infrastructure
Hours before the Superbowl and two days after the FBI warned about the ransomware gang, BlackByte leaked what are purportedly the NFL team's files.
14 February 2022
Wazawaka Goes Waka Waka
In January, KrebsOnSecurity examined clues left behind by "Wazawaka," the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. Wazawaka has since "lost his mind" according to his erstwhile colleagues, creating a Twitter account to drop exploit code for a widely-used virtual private networking (VPN) appliance, and publishing bizarre selfie videos taunting security researchers and journalists. In last month's story, we explored clues that led from Wazawaka's multitude of monikers, email addresses, and passwords to a 30-something father in Abakan, Russia named Mikhail Pavlovich Matveev. This post concerns itself with the other half of Wazawaka's identities not mentioned in the first story, such as how Wazawaka also ran the Babuk ransomware affiliate program, and later became "Orange," the founder of the ransomware-focused Dark Web forum known as "RAMP."14 February 2022
‘Cities: Skylines’ Gaming Modder Banned Over Hidden Malware
35K+ players were exposed to an auto-updater that planted a trojan that choked performance for fellow modders and Colossal Order employees.
14 February 2022
