    Archive for Malware

    Microsoft Patch Tuesday, June 2022 Edition

    June 15th, 2022 by

    Microsoft Patch Tuesday, June 2022 Edition

    “Microsoft on Tuesday released software updates to fix 60 security vulnerabilities in its Windows operating systems and other software, including a zero-day flaw in all supported Microsoft Office versions on all flavors of Windows that’s seen active exploitation for at least two months now. On a lighter note, Microsoft is officially retiring its Internet Explorer (IE) web browser, which turns 27 years old this year.”

    Posted in Malware, Newsletters, Patches, Updates

    Follina abuses Microsoft Office to execute remote code

    June 3rd, 2022 by

    Follina abuses Microsoft Office to execute remote code

    “A vulnerability dubbed “Follina” could allow attackers to gain full system control of affected systems. Learn more about it and how to protect yourself from it,”

    Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability

    “A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights.”

    Posted in Malware, Phishing, Scams

    Software exposed by

    December 15th, 2021 by

    Log4j overview related software

    This page contains an overview of any related software regarding the Log4j vulnerability. On this page NCSC-NL will maintain a list of all known vulnerable and not vulnerable software. Furthermore any reference to the software will contain specific information regarding which version contains the security fixes, and which software still requires mitigation. Please note that this vulnerability may also occur in custom software developed within your organization. These occurrences are not registered in this overview.

    Posted in Malware

    Beware Fake Windows 11 installers

    July 26th, 2021 by

    Fake Windows 11 installers are being used to distribute malware

    “Microsoft released the first Windows 11 Insider Preview build on June 28, and has been frequently updating it in the past month or so, with the latest build landing just over a day ago. While the process to upgrade your existing PC to Windows 11 is fairly simple in the sense that you just have to enroll your machine into the Dev channel of the Windows Insider Program and have the build seeded to you, many have been trying other methods of obtaining unofficial ISOs and are being infected with malware instead.”

    Posted in Malware

    Microsoft takes down domains used to scam Office 365 users

    July 20th, 2021 by

    Microsoft takes down domains used to scam Office 365 users

    “Microsoft’s Digital Crimes Unit (DCU) has seized 17 malicious domains used by scammers in a business email compromise (BEC) campaign targeting the company’s customers.

    The domains taken down by Microsoft were so-called “homoglyph” domains registered to resemble those of legitimate business. This technique allowed the threat actors to impersonate companies when communicating with their clients.

    According to the complaint filed by Microsoft last week (more details available in the court order), they used the domains registered via NameSilo LLC and KS Domains Ltd./Key-Systems GmbH as malicious infrastructure in BEC attacks against Office 365 customers and services.”

    Posted in Identity Theft, Malware, Ransomware, Scams

    Using MyBook? Disconnect from the Internet and read here!

    June 26th, 2021 by

    MyBook Users Urged to Unplug Devices from Internet

    “Hard drive giant Western Digital is urging users of its MyBook Live brand of network storage drives to disconnect them from the Internet, warning that malicious hackers are remotely wiping the drives using a critical flaw that can be triggered by anyone who knows the Internet address of an affected device.”

    Posted in Malware, Security Breaches

    More Phishing attacks on Office 365

    May 5th, 2021 by

    Malicious Office 365 Apps Are the Ultimate Insiders

    “Phishers targeting Microsoft Office 365 users increasingly are turning to specialized links that take users to their organization’s own email login page. After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others.”

    Posted in Identity Theft, Malware, Phishing

    SonicWall Breached

    April 30th, 2021 by

    New ransomware group uses SonicWall zero-day to breach networks

    “A financially motivated threat actor exploited a zero-day bug in Sonicwall SMA 100 Series VPN appliances to deploy new ransomware known as FiveHands on the networks of North American and European targets.

    The group, tracked by Mandiant threat analysts as UNC2447, exploited the CVE-2021-20016 Sonicwall vulnerability to breach networks and deploy FiveHands ransomware payloads before patches were released in late February 2021.

    Prior to deploying the ransomware payloads, UNC2447 was also observed using Cobalt Strike implants for gaining persistence and installing a SombRAT backdoor variant, a malware first spotted in the CostaRicto campaign coordinated by a group of mercenary hackers.

    The zero-day was also exploited in attacks targeting SonicWall’s internal systems in January and later abused indiscriminately in the wild.”

    Posted in Identity Theft, Malware

    Ransomware: $260K USD in 5 days!

    April 26th, 2021 by

    A ransomware gang made $260,000 in 5 days using the 7zip utility

    “A ransomware gang has made $260,000 in just five days simply by remotely encrypting files on QNAP devices using the 7zip archive program.

    Starting on Monday, QNAP NAS users from all over the world suddenly found their files encrypted after a ransomware operation called Qlocker exploited vulnerabilities on their devices.”

    Posted in Malware, Ransomware

    Ever use ParkMobile app? You may have been compromised!

    April 13th, 2021 by

    ParkMobile Breach Exposes License Plate Data, Mobile Numbers of 21M Users

    “Someone is selling account information for 21 million customers of ParkMobile, a mobile parking app that’s popular in North America. The stolen data includes customer email addresses, dates of birth, phone numbers, license plate numbers, hashed passwords and mailing addresses.”

    Posted in Malware, Newsletters, Security Breaches
