May 5th, 2021 by hankshelp
“Phishers targeting Microsoft Office 365 users increasingly are turning to specialized links that take users to their organization’s own email login page. After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others.”
Posted in Identity Theft, Malware, Phishing | No Comments »
April 30th, 2021 by hankshelp
“A financially motivated threat actor exploited a zero-day bug in Sonicwall SMA 100 Series VPN appliances to deploy new ransomware known as FiveHands on the networks of North American and European targets.
The group, tracked by Mandiant threat analysts as UNC2447, exploited the CVE-2021-20016 Sonicwall vulnerability to breach networks and deploy FiveHands ransomware payloads before patches were released in late February 2021.
Prior to deploying the ransomware payloads, UNC2447 was also observed using Cobalt Strike implants for gaining persistence and installing a SombRAT backdoor variant, a malware first spotted in the CostaRicto campaign coordinated by a group of mercenary hackers.
The zero-day was also exploited in attacks targeting SonicWall’s internal systems in January and later abused indiscriminately in the wild.”
Posted in Identity Theft, Malware | No Comments »
April 26th, 2021 by hankshelp
“A ransomware gang has made $260,000 in just five days simply by remotely encrypting files on QNAP devices using the 7zip archive program.
Starting on Monday, QNAP NAS users from all over the world suddenly found their files encrypted after a ransomware operation called Qlocker exploited vulnerabilities on their devices.”
Posted in Malware, Ransomware | No Comments »
March 29th, 2021 by hankshelp
“New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name.”
Posted in Identity Theft, Malware, Security Breeches | No Comments »
March 16th, 2021 by hankshelp
“The use-after-free vulnerability is the third Google Chrome zero-day flaw to be disclosed in three months.
Google is hurrying out a fix for a vulnerability in its Chrome browser that’s under active attack – its third zero-day flaw so far this year. If exploited, the flaw could allow remote code-execution and denial-of-service attacks on affected systems.
The vulnerability exists in Blink, the browser engine for Chrome developed as part of the Chromium project. Browser engines convert HTML documents and other web page resources into the visual representations viewable to end users.”
Posted in Identity Theft, Malware, Patches, Security Breeches | No Comments »
March 15th, 2021 by hankshelp
“Detailed credentials for more than 21 million mobile VPN app users were swiped and advertised for sale online last week, offered by a cyber thief who allegedly stole user data collected by the VPN apps themselves. The data includes email addresses, randomly generated password strings, payment information, and device IDs belonging to users of three VPN apps—SuperVPN, GeckoVPN, and ChatVPN.”
Posted in Identity Theft, Malware | No Comments »
March 6th, 2021 by hankshelp
“Today we are releasing several security updates for Microsoft Exchange Server to address vulnerabilities that have been used in limited targeted attacks. Due to the critical nature of these vulnerabilities, we recommend that customers apply the updates to affected systems immediately to protect against these exploits and to prevent future abuse across the ecosystem. “
Posted in Identity Theft, Malware, Security Breeches | No Comments »
February 24th, 2021 by hankshelp
“Easily the most sophisticated skimming devices made for hacking terminals at retail self-checkout lanes are a new breed of PIN pad overlay combined with a flexible, paper-thin device that fits inside the terminal’s chip reader slot. What enables these skimmers to be so slim? They draw their power from the low-voltage current that gets triggered when a chip-based card is inserted. As a result, they do not require external batteries, and can remain in operation indefinitely.”
Posted in Identity Theft, Malware | No Comments »
February 6th, 2021 by hankshelp
“Google is warning of a zero-day vulnerability in its V8 open-source web engine that’s being actively exploited by attackers.
A patch has been issued in version 88 of Google’s Chrome browser — specifically, version 88.0.4324.150 for Windows, Mac and Linux. This update will roll out over the coming days and weeks, said Google. The flaw (CVE-2021-21148) stems from a heap-buffer overflow, said Google.“
Posted in Malware, Patches | No Comments »