Cybersecurity News
Ukrainian man extradited to the US to face botnet, data theft charges
The suspect has been detained ahead of his trial.10 September 2021
Thousands of Fortinet VPN Account Credentials Leaked
They were posted for free by former Babuk gang members who’ve bickered, squabbled and huffed off to start their own darn ransomware businesses, dagnabbit.
09 September 2021
McDonald’s Email Blast Includes Password to Monopoly Game Database
Usernames, passwords for database sent in prize redemption emails.
09 September 2021
Howard University suffers cyberattack, suspends online classes in aftermath
The university suffered a ransomware attack, however there is no evidence so far of data being accessed or stolen.
The post Howard University suffers cyberattack, suspends online classes in aftermath appeared first on WeLiveSecurity
09 September 2021
Financial Cybercrime: Why Cryptocurrency is the Perfect ‘Getaway Car’
John Hammond, security researcher with Huntress, discusses how financially motivated cybercrooks use and abuse cryptocurrency.
09 September 2021
‘Azurescape’ Kubernetes Attack Allows Cross-Container Cloud Compromise
A chain of exploits could allow a malicious Azure user to infiltrate other customers' cloud instances within Microsoft's container-as-a-service offering.
09 September 2021
SideWalk Backdoor Linked to China-Linked Spy Group ‘Grayfly’
Grayfly campaigns have launched the novel malware against businesses in Taiwan, Vietnam, the US and Mexico and are targeting Exchange and MySQL servers.
09 September 2021
Zoho Password Manager Zero-Day Bug Under Active Attack Gets a Fix
An authentication bypass vulnerability leading to remote code execution offers up the keys to the corporate kingdom.
09 September 2021
BladeHawk Attackers Target Kurds with Android Apps
Pro-Kurd Facebook profiles deliver '888 RAT' and 'SpyNote' trojans, masked as legitimate apps, to perform mobile espionage.
09 September 2021
Attacker releases credentials for 87,000 FortiGate SSL VPN devices
Access data for FortiGate devices was obtained by exploiting a known, old vulnerability.09 September 2021
91% of IT teams have felt 'forced' to trade security for business operations
When it comes to remote work, security is often the last thing on the priority list.09 September 2021
GitHub tackles severe vulnerabilities in Node.js packages
Bugs impacting tar and @npmcli/arborist were reported through a bug bounty program.09 September 2021
What Ragnar Locker Got Wrong About Ransomware Negotiators – Podcast
There are a lot of "tells" that the ransomware group doesn't understand how negotiators work, despite threatening to dox data if victims call for help.
08 September 2021
Tooling Network Detection & Response for Ransomware
Justin Jett, director of audit and compliance at Plixer, discusses how to effectively use network flow data in the fight against ransomware.
08 September 2021
Spoofing Bug Highlights Cybersecurity for Digital Vaccine Passports
Australian immunization app bug lets attackers fake vaccine status.
08 September 2021
TeamTNT’s New Tools Target Multiple OS
The attackers are indiscriminately striking thousands of victims worldwide with their new “Chimaera” campaign.
08 September 2021
Microsoft: Attackers Exploiting Windows Zero-Day Flaw
Microsoft Corp. warned Tuesday that attackers are exploiting a previously unknown vulnerability in Windows 10 and many Windows Server versions to seize control over PCs when users open a malicious document or visit a booby-trapped website. There is currently no official patch for the flaw, but Microsoft has released recommendations for mitigating the threat.08 September 2021
Pro-Chinese government propaganda campaign spurs on COVID-19 protests in the US
The campaign is far more extensive than previously thought.08 September 2021
Microsoft, CISA Urge Mitigations for Zero-Day RCE Flaw in Windows
Attackers are actively attempting to exploit a vulnerability in MSHTML that allows them to craft a malicious ActiveX control to be used by Microsoft Office files.
08 September 2021
Operation Chimaera: TeamTNT hacking group strikes thousands of victims worldwide
The cybercriminals are now indiscriminate in the operating systems they attack.08 September 2021
