Recent Comments

    Blogroll

    Search

    Archive for Malware

    More Phishing attacks on Office 365

    May 5th, 2021 by

    Malicious Office 365 Apps Are the Ultimate Insiders

    “Phishers targeting Microsoft Office 365 users increasingly are turning to specialized links that take users to their organization’s own email login page. After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others.”

    Posted in Identity Theft, Malware, Phishing | No Comments »

    SonicWall Breached

    April 30th, 2021 by

    New ransomware group uses SonicWall zero-day to breach networks

    “A financially motivated threat actor exploited a zero-day bug in Sonicwall SMA 100 Series VPN appliances to deploy new ransomware known as FiveHands on the networks of North American and European targets.

    The group, tracked by Mandiant threat analysts as UNC2447, exploited the CVE-2021-20016 Sonicwall vulnerability to breach networks and deploy FiveHands ransomware payloads before patches were released in late February 2021.

    Prior to deploying the ransomware payloads, UNC2447 was also observed using Cobalt Strike implants for gaining persistence and installing a SombRAT backdoor variant, a malware first spotted in the CostaRicto campaign coordinated by a group of mercenary hackers.

    The zero-day was also exploited in attacks targeting SonicWall’s internal systems in January and later abused indiscriminately in the wild.”

    Posted in Identity Theft, Malware | No Comments »

    Ransomware: $260K USD in 5 days!

    April 26th, 2021 by

    A ransomware gang made $260,000 in 5 days using the 7zip utility

    “A ransomware gang has made $260,000 in just five days simply by remotely encrypting files on QNAP devices using the 7zip archive program.

    Starting on Monday, QNAP NAS users from all over the world suddenly found their files encrypted after a ransomware operation called Qlocker exploited vulnerabilities on their devices.”

    Posted in Malware, Ransomware | No Comments »

    Ever use ParkMobile app? You may have been compromised!

    April 13th, 2021 by

    ParkMobile Breach Exposes License Plate Data, Mobile Numbers of 21M Users

    “Someone is selling account information for 21 million customers of ParkMobile, a mobile parking app that’s popular in North America. The stolen data includes customer email addresses, dates of birth, phone numbers, license plate numbers, hashed passwords and mailing addresses.”

    Posted in Malware, Newsletters, Security Breeches | No Comments »

    Your Exchange Server Hacked? Not by Brian Krebs!!

    March 29th, 2021 by

    No, I Did Not Hack Your MS Exchange Server

    “New data suggests someone has compromised more than 21,000 Microsoft Exchange Server email systems worldwide and infected them with malware that invokes both KrebsOnSecurity and Yours Truly by name.”

    Posted in Identity Theft, Malware, Security Breeches | No Comments »

    New Chrome Zero Day Flaw

    March 16th, 2021 by

    Google Warns Mac, Windows Users of Chrome Zero-Day Flaw

    “The use-after-free vulnerability is the third Google Chrome zero-day flaw to be disclosed in three months.

    Google is hurrying out a fix for a vulnerability in its Chrome browser that’s under active attack – its third zero-day flaw so far this year. If exploited, the flaw could allow remote code-execution and denial-of-service attacks on affected systems.

    The vulnerability exists in Blink, the browser engine for Chrome developed as part of the Chromium project. Browser engines convert HTML documents and other web page resources into the visual representations viewable to end users.”

    Posted in Identity Theft, Malware, Patches, Security Breeches | No Comments »

    Are you using a “free” VPN? Be careful!

    March 15th, 2021 by

    21 million free VPN users’ data exposed

    “Detailed credentials for more than 21 million mobile VPN app users were swiped and advertised for sale online last week, offered by a cyber thief who allegedly stole user data collected by the VPN apps themselves. The data includes email addresses, randomly generated password strings, payment information, and device IDs belonging to users of three VPN apps—SuperVPN, GeckoVPN, and ChatVPN.”

    Posted in Identity Theft, Malware | No Comments »

    Multiple Security Updates Released for Exchange Server

    March 6th, 2021 by

    Multiple Security Updates Released for Exchange Server – updated March 5, 2021
    (Updated March 5, 2021)

    “Today we are releasing several security updates for Microsoft Exchange Server to address vulnerabilities that have been used in limited targeted attacks. Due to the critical nature of these vulnerabilities, we recommend that customers apply the updates to affected systems immediately to protect against these exploits and to prevent future abuse across the ecosystem. “

    Posted in Identity Theft, Malware, Security Breeches | No Comments »

    New Checkout Skimmers Need no Power

    February 24th, 2021 by

    Checkout Skimmers Powered by Chip Cards

    “Easily the most sophisticated skimming devices made for hacking terminals at retail self-checkout lanes are a new breed of PIN pad overlay combined with a flexible, paper-thin device that fits inside the terminal’s chip reader slot. What enables these skimmers to be so slim? They draw their power from the low-voltage current that gets triggered when a chip-based card is inserted. As a result, they do not require external batteries, and can remain in operation indefinitely.”

    Posted in Identity Theft, Malware | No Comments »

    Google Chrome Zero-Day Vulnerability

    February 6th, 2021 by

    Google Chrome Zero-Day Afflicts Windows, Mac Users

    Google is warning of a zero-day vulnerability in its V8 open-source web engine that’s being actively exploited by attackers.

    A patch has been issued in version 88 of Google’s Chrome browser — specifically, version 88.0.4324.150 for Windows, Mac and Linux. This update will roll out over the coming days and weeks, said Google. The flaw (CVE-2021-21148) stems from a heap-buffer overflow, said Google.

    Posted in Malware, Patches | No Comments »

    « Previous Entries