New XcodeSpy malware targets iOS devs in supply-chain attack
A malicious Xcode project known as XcodeSpy is targeting iOS devs in a supply-chain attack to install a macOS backdoor on the developer's computer. [...]
Showing only posts by Lawrence Abrams. Show all posts.
Chile's bank regulator shares IOCs after Microsoft Exchange hack
Chile's Comisión para el Mercado Financiero (CMF) has disclosed that their Microsoft Exchange server was compromised through the recently disclosed ProxyLogon vulnerabilities. [...]
Hacker leaks payment data from defunct WeLeakInfo breach site
WeLeakInfo was a website that offered paid subscriptions that provides searchable access to a database containing 12.5 billion user records stolen during data breaches. This data included email addresses, names, phone numbers, addresses, and in many cases, passwords. [...]
Microsoft releases one-click Exchange On-Premises Mitigation Tool
Microsoft has released a one-click Exchange On-premises Mitigation Tool (EOMT) tool to allow small business owners to easily mitigate the recently disclosed ProxyLogon vulnerabilities. [...]
Phishing sites now detect virtual machines to bypass detection
Phishing sites are now using JavaScript to evade detection by checking whether a visitor is browsing the site from a virtual machine or headless device. [...]
New PoC for Microsoft Exchange bugs puts attacks in reach of anyone
A security researcher has released a new proof-of-concept exploit this weekend that requires slight modification to install web shells on Microsoft Exchange servers vulnerable to the actively exploited ProxyLogon vulnerabilities. [...]
Microsoft Edge to use a four-week release cycle to sync with Chrome
Major 'Stable' versions of Microsoft Edge will now be released every four weeks to synchronize with the new four-week release cycle announced by Google Chrome. [...]
CEO of Sky Global encrypted chat platform indicted by US
The US Department of Justice has indicted the CEO of encrypted messaging company Sky Global, and an associate for allegedly aiding criminal enterprises avoid detection by law enforcement. [...]
The Week in Ransomware - March 12th 2021 - Encrypting Exchange servers
For the past two weeks, the cybersecurity news has been dominated by stories about the Microsoft Exchange ProxyLogon vulnerabilities. One overriding concern has been when will ransomware actors use the vulnerabilities to compromise and encrypt mail servers. [...]
Scammers promote fake cryptocurrency giveaways via Twitter ads
Threat actors have started to use 'Promoted' tweets, otherwise known as Twitter ads, to spread cryptocurrency giveaway scams. [...]
Ransomware now attacks Microsoft Exchange servers with ProxyLogon exploits
A new ransomware called 'DEARCRY' is targeting Microsoft Exchange servers, with one victim stating they were infected via the ProxyLogon vulnerabilities. [...]
Molson Coors brewing operations disrupted by cyberattack
The Molson Coors Beverage Company has suffered a cyberattack that is causing significant disruption to business operations. [...]
Linux Foundation unveils Sigstore — a Let's Encrypt for code signing
The Linux Foundation, Red Hat, Google, and Purdue have unveiled the free 'sigstore' service that lets developers code-sign and verify open source software to prevent supply-chain attacks. [...]
Norway parliament data stolen in Microsoft Exchange attack
Norway's parliament, the Storting, has suffered another cyberattack after threat actors stole data using the recently disclosed Microsoft Exchange vulnerabilities. [...]
Microsoft March 2021 Patch Tuesday fixes 82 flaws, 2 zero-days
Today is Microsoft's March 2021 Patch Tuesday, and with admins already struggling with Microsoft Exchange updates and hacked servers, please be nice to your IT staff today. [...]
Adobe fixes critical Creative Cloud, Adobe Connect vulnerabilities
Adobe has released security updates that fix vulnerabilities in Adobe Creative Cloud Desktop, Framemaker, and Connect. [...]
GandCrab ransomware affiliate arrested for phishing attacks
A suspected GandCrab Ransomware member was arrested in South Korea for using phishing emails to infect victims. [...]
New Sarbloh ransomware supports Indian farmers' protest
A new ransomware known as Sarbloh encrypts your files while at the same time delivering a message supporting the protests of Indian farmers. [...]
Google Chrome to block port 554 to stop NAT Slipstreaming attacks
Google Chrome will block the browser's access to TCP port 554 to protect against attacks using the NAT Slipstreaming 2.0 vulnerability. [...]
Flagstar Bank hit by data breach exposing customer, employee data
US bank and mortgage lender Flagstar has disclosed a data breach after the Clop ransomware gang hacked their Accellion file transfer server in January. [...]
Microsoft's MSERT tool now finds web shells from Exchange Server attacks
Microsoft has pushed out a new update for their Microsoft Safety Scanner (MSERT) tool to detect web shells deployed in the recent Exchange Server attacks. [...]
This new Microsoft tool checks Exchange Servers for ProxyLogon hacks
Microsoft has released a PowerShell script that admins can use to check whether the recently disclosed ProxyLogon vulnerabilities have hacked a Microsoft Exchange server. [...]
Ransomware gang plans to call victim's business partners about attacks
The REvil ransomware operation announced this week that they are using DDoS attacks and voice calls to journalists and victim's business partners to generate ransom payments. [...]
The Week in Ransomware - March 5th 2021 - Targeting service providers
This week we have seen ransomware attacks targeting online service providers and MSPs to not only encrypt the victim but also cause significant outages for their customers. [...]
New ransomware only decrypts victims who join their Discord server
A new ransomware called 'Hog' encrypts users' devices and only decrypts them if they join the developer's Discord server. [...]
« newer articles | page 45 | older articles »