Microsoft July 2022 Patch Tuesday fixes exploited zero-day, 84 flaws
Today is Microsoft's July 2022 Patch Tuesday, and with it comes fixes for one actively exploited zero-day vulnerability and a total of 84 flaws. [...]
Showing only posts by Lawrence Abrams. Show all posts.
How to auto block macros in Microsoft Office docs from the internet
With Microsoft temporarily rolling back a feature that automatically blocks macros in Microsoft Office files downloaded from the Internet, it is essential to learn how to configure this security setting manually. This article will explain why users should block macros and how you can block them in Microsoft Office …
Mangatoon data breach exposes data from 23 million accounts
Manga comic reading app Mangatoon has suffered a data breach that exposed the account information of 23 million users after a hacker stole it from an Elasticsearch database. [...]
The Week in Ransomware - July 8th 2022 - One down, many to go
While we continue to see new ransomware operations launch, we also received some good news this week, with another ransomware shutting down. [...]
New 0mega ransomware targets businesses in double-extortion attacks
A new ransomware operation named '0mega' targets organizations worldwide in double-extortion attacks and demands millions of dollars in ransoms. [...]
Fake copyright complaints push IcedID malware using Yandex Forms
[...]
Ransomware, hacking groups move from Cobalt Strike to Brute Ratel
Hacking groups and ransomware operations are moving away from Cobalt Strike to the newer Brute Ratel post-exploitation toolkit to evade detection by EDR and antivirus solutions. [...]
New RedAlert Ransomware targets Windows, Linux VMware ESXi servers
A new ransomware operation called RedAlert, or N13V, encrypts both Windows and Linux VMWare ESXi servers in attacks on corporate networks. [...]
Verified Twitter accounts hacked to send fake suspension notices
[...]
The Week in Ransomware - July 1st 2022 - Bug Bounties
It has been relatively busy this week with new ransomware attacks unveiled, a bug bounty program introduced, and new tactics used by the threat actors to distribute their encryptors. [...]
Macmillan shuts down systems after likely ransomware attack
Publishing giant Macmillan was forced to shut down their network and offices while recovering from a security incident that appears to be a ransomware attack. [...]
Walmart denies being hit by Yanluowang ransomware attack
American retailer Walmart has denied being hit with a ransomware attack by the Yanluowang gang after the hackers claimed to encrypt thousands of computers. [...]
New Firefox privacy feature strips URLs of tracking parameters
Mozilla Firefox 102 was released today with a new privacy feature that strips parameters from URLs that are used to track you around the web. [...]
AMD investigates RansomHouse hack claims, theft of 450GB data
Chip manufacturer AMD says they are investigating a cyberattack after threat actors claimed to have stolen 450 GB of data from the company last year. [...]
LockBit 3.0 introduces the first ransomware bug bounty program
The LockBit ransomware operation has released 'LockBit 3.0,' introducing the first ransomware bug bounty program and leaking new extortion tactics and Zcash cryptocurrency payment options. [...]
Clever phishing method bypasses MFA using Microsoft WebView2 apps
A clever, new phishing technique uses Microsoft Edge WebView2 applications to steal victim's authentication cookies, allowing threat actors to bypass multi-factor authentication when logging into stolen accounts. [...]
NetSec Goggle shows search results only from cybersecurity sites
A new Brave Search Goggle modifies Brave Search results to only show reputable cybersecurity sites, making it easier to search for and find security information. [...]
The Week in Ransomware - June 24th 2022 - Splinter Cells
The Conti ransomware gang has finally ended their charade and turned off their Tor data leak and negotiation sites, effectively shutting down the operation. [...]
Conti ransomware finally shuts down data leak, negotiation sites
The Conti ransomware operation has finally shut down its last public-facing infrastructure, consisting of two Tor servers used to leak data and negotiate with victims, closing the final chapter of the notorious cybercrime brand. [...]
7-zip now supports Windows ‘Mark-of-the-Web’ security feature
7-zip has finally added support for the long-requested 'Mark-of-the-Web' Windows security feature, providing better protection from malicious downloaded files. [...]
New DFSCoerce NTLM Relay attack allows Windows domain takeover
A new Windows NTLM relay attack called DFSCoerce has been discovered that uses MS-DFSNM, Microsoft's Distributed File System, to completely take over a Windows domain. [...]
Google Chrome extensions can be fingerprinted to track you online
A researcher has discovered how to use your installed Google Chrome extensions to generate a fingerprint of your device that can be used to track you online. [...]
The Week in Ransomware - June 17th 2022 - Have I Been Ransomed?
Ransomware operations are constantly evolving their tactics to pressure victims to pay. For example, this week, we saw a new extortion tactic come into play with the creation of dedicated websites to extort victims with searchable data. [...]
Ransomware gang creates site for employees to search for their stolen data
The ALPHV ransomware gang, aka BlackCat, has brought extortion to a new level by creating a dedicated website that allows the customers and employees of their victim to check if their data was stolen in an attack [...]
Microsoft June 2022 Patch Tuesday fixes 1 zero-day, 55 flaws
Today is Microsoft's June 2022 Patch Tuesday, and with it comes fixes for 55 vulnerabilities, including fixes for the Windows MSDT 'Follina' zero-day vulnerability and new Intel MMIO flaws. [...]
« newer articles | page 23 | older articles »