Bitdefender Threat Debrief | May 2022
MDR Insights: The MDR intelligence cell recognizes the threat that comes with homograph domains used in phishing attacks. Our monitoring looks for homograph activity targeting the MDR customer base. Although
Bad Bots Swarm the Internet in Record Numbers in 2021
Account takeover attacks surge as a result. Read More: https://www.infosecurity-magazine.com/news/bad-bots-internet-record-numbers/
Patch these vulnerable VMware products or remove them from your network, CISA warns federal agencies
Companies should immediately patch or remove VMware products affected by newly disclosed critical flaws, warns the US Cybersecurity and Infrastructure Security Agency (CISA). The drastic measure of removing the products
What Is a Supply Chain Attack?
A supply chain attack, also sometimes called a value chain attack, third-party attack, or backdoor breach, is when threat actors hack an organization’s supplier or third-party vendor that has access to a
Half of IT Leaders Store Passwords in Shared Docs
Many aren’t following the advice of their own training programs. Read More: https://www.infosecurity-magazine.com/news/it-leaders-passwords-shared-docs/
Water companies are increasingly uninsurable due to ransomware, industry execs say
Written by Suzanne Smalley, May 18, 2022 | CYBERSCOOP. More water companies are finding they are uninsurable as ransomware attacks against the sector grow, water utility and association executives said
US Warns Firms About North Korean Hackers Posing as IT Workers
The US government has warned organizations to beware of hackers in the guise of IT freelancers claiming to be non-DPRK (Democratic People’s Republic of Korea) nationals. According to an advisory issued by the
Why you should install iOS 15.5 now
Written by Adrian Kingsley-Hughes, Contributor. Adrian Kingsley-Hughes is an internationally published technology author who has devoted over two decades to helping users get the most from technology
New research identifies poor IAM policies as the greatest cloud vulnerability
Written by CyberScoop Staff, May 18, 2022 | CYBERSCOOP. Misconfigurations continue to be the leading cause of most cloud security incidents, many of those as a result of poorly written
Top Data-Driven Methods for Improving Your Investment Decisions
From location quotient geography formula to AI (Artificial Intelligence) investing, leveraging technology to generate higher returns is one of the best ways to ensure your investment efforts result in success.
U.S. recovers millions from infamous '3ve' advertising scam group
Written by Tonya Riley, May 18, 2022 | CYBERSCOOP. The U.S. government recovered more than $15 million in proceeds from a global advertising scheme that cost businesses in the U.S.
Pharmacy Giant Hit By Data Breach Affecting 3.6 Million Customers
Pharmacy retailer Dis-Chem announced that an unauthorized party gained access to its customer database. Read More: https://www.infosecurity-magazine.com/news/pharmacy-giant-data-breach/
Personal Information of Nearly Two Million Texans Exposed
The leak was caused by a programming issue at the Texas Department of Insurance. Read More: https://www.infosecurity-magazine.com/news/personal-information-two-million/
DOJ Says Doctor is Malware Mastermind
The U.S. Department of Justice indicts a middle-aged doctor, accusing him of being a malware mastermind. On Monday, the U.S. Attorney’s Office for the Eastern District of New York revealed criminal
Electron Bot Malware is disseminated via Microsoft’s Official Store and is capable of controlling social media apps
A recent malware disseminated via Microsoft’s official store and dubbed Electron Bot is capable of taking control over social media applications and infected around 5,000 machines around the globe. Electron
APTs Overwhelmingly Share Known Vulnerabilities Rather Than Attack O-Days
Research indicates that organizations should make patching existing flaws a priority to mitigate risk of compromise. Most advanced persistent threat groups (APTs) use known vulnerabilities in their attacks against organizations,
April VMware Bugs Abused to Deliver Mirai Malware, Exploit Log4Shell
Researchers say a GitHub proof-of-concept exploitation of recently announced VMware bugs is being abused by hackers in the wild. Recently reported VMware bugs are being used by hackers who are
The Growing Threat of Ransom DDoS Attacks Requires Effective Prevention and Mitigation
Essentially, ransom DDoS attacks are just DDoS with a ransom demand but a sudden increase in these attacks is no Bueno and bad for business. The latest edition of the
Critical Privilege Escalation Vulnerability in Jupiter and JupiterX Premium Themes
WordFence – On April 5, 2022, the Wordfence Threat Intelligence team initiated the responsible disclosure process for a set of vulnerabilities in the Jupiter and JupiterX Premium themes and the
AcidRain Malware Shuts Down Thousands of Modems in Ukraine
Security Intelligence – On Thursday, February 24, a cyber
The BlackByte ransomware group is striking users all over the globe
News summary: Cisco Talos has been monitoring the BlackByte Ransomware Group for several months as it infects victims all over the world, from North America to Colombia, Netherlands, China, Mexico and Vietnam.
Google: These 'curated' open-source packages will improve software supply chain security
Google aims to boost software supply chain security with an initiative that promises to offer enterprise open-source software users access to the same secure packages used by its own developers
Millions of Cyberattacks Are Targeting Tatsu WordPress Plugin
Tatsu Builder is a popular plugin that integrates very effective template modification tools directly into the user’s web browser. What Happened? Hackers are making extensive use of a remote code
Top 10 Attack Vectors Most Exploited by Hackers Revealed
Various national cybersecurity authorities have recently published a joint advisory that discloses the top 10 attack vectors most exploited by cybercriminals. Cyber actors routinely exploit poor security configurations
UK Government: Lack of Skills the Number One Issue in Cybersecurity
Andrew Elliot from DCMS provides an update on government initiatives to boost cybersecurity talent pipeline. Read More: https://www.infosecurity-magazine.com/news/government-skills-one-cybersecurity/
Malicious PHP Code Used to Steal Banking Information, FBI Said
The law enforcement agency has issued an alert that malicious actors are scraping credit card information from the checkout pages of American companies’ websites. As of January 2022, unidentified cyber
FBI and NSA say: Stop doing these 10 things that let the hackers in
Cyber attackers regularly exploit unpatched software vulnerabilities, but they “routinely” target security misconfigurations for initial access, so the US Cybersecurity and Infrastructure Security Agency (CISA) and its peers have created
Digital Skimming is Now the Preserve of Non-Magecart Groups
Commodity kit invites new entrants into the market. Read More: https://www.infosecurity-magazine.com/news/digital-skimming-non-magecart/
Western Allies Warn of Top Cyber-Attack Mistakes
Poor cyber-hygiene to blame for many compromises. Read More: https://www.infosecurity-magazine.com/news/western-allies-warn-of-top/
Wizard Spider hackers hire cold callers to scare ransomware victims into paying up
Researchers have exposed the inner workings of Wizard Spider, a hacking group that pours its illicit proceeds back into the criminal enterprise. On Wednesday, PRODAFT published the results of an
Police Warn of £15m Courier Scams
Blend of phone and face-to-face fraud targets vulnerable. Read More: https://www.infosecurity-magazine.com/news/police-warn-of-15m-courier-scams/
Singapore sets up cybersecurity assessment, certification centre
Written by Eileen Yu, Contributor. Eileen Yu began covering the IT industry when Asynchronous Transfer Mode was still hip and e-commerce was the new buzzword. Currently an
WA Health: No breaches of unencrypted COVID data means well managed and secure system
Written by Chris Duckett, APAC Editor. Chris started his journalistic adventure in 2006 as the Editor of Builder AU after originally joining CBS as a programmer.
New Sysrv-k Botnet Infecting Windows and Linux Systems with Cryptominer
Microsoft has discovered a new Sysrv botnet variant deploying cryptocurrency miners on Windows and Linux systems. The Microsoft Security Intelligence team posted a series of tweets on their official Twitter handle (@MsftSecIntel)
Chromebook data sanitization comes to Blancco Drive Eraser
Written by Adrian Kingsley-Hughes, Contributor. Adrian Kingsley-Hughes is an internationally published technology author who has devoted over two decades to helping users get the most from technology
Cardiologist Charged for Developing Jigsaw v.2 and Thanos Ransomware
The multi-tasking physician ran a Ransomware-as-a-Service and rented dangerous ransomware to cybercriminals. The US Department of Justice has unsealed a criminal complaint against French-Venezuelan Moises Luis Zagala Gonzalez for developing two dangerous
Costa Rican president claims collaborators are aiding Conti's ransomware extortion efforts
Written by AJ Vicens, May 17, 2022 | CYBERSCOOP. Collaborators within Costa Rica are helping the notorious Conti ransomware group extort the country’s government, the country’s president said during a
Ransomware Hits American Healthcare Company Omnicell
Ransomware impacted certain internal systems. Read More: https://www.infosecurity-magazine.com/news/ransomware-healthcare-omnicell/
US Government Warns Firms to Avoid Hiring North Korean IT Workers
North Korean IT workers are attempting to generate revenue for DPRK and conduct cyber intrusions. Read More: https://www.infosecurity-magazine.com/news/us-government-hiring-north-korean/
Vulnerability Spotlight: Multiple memory corruption vulnerabilities in NVIDIA GPU driver
Piotr Bania of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered four vulnerabilities in the NVIDIA D3D10 driver for graphics cards that could allow an
How Data is Revolutionizing the MSP Market
Tech businesses have spent the last generation ensuring that customers have real-time, secure access to their information anytime, anywhere. But soon—or even now in some cases—it won’t be enough. Increasingly,
Sysrv-K Botnet Targets Windows, Linux
Microsoft researchers say they are tracking a botnet that is leveraging bugs in the Spring Framework and WordPress plugins. Unpatched vulnerabilities in the Spring Framework and WordPress plugins are being
iPhones Vulnerable to Attack Even When Turned Off
The wireless features Bluetooth, NFC and UWB stay on even when the device is powered down, which could allow attackers to execute pre-loaded malware. Attackers can target iPhones even when they
How to build a hook syscall detector
Windows API calls are often hooked by AV and EDR systems by using inline patching approaches to find strange behaviors or malicious artifacts. Windows API hooking Windows API hooking is
FBI: Hackers used malicious PHP code to grab credit card data
The Federal Bureau of Investigation (FBI) is warning that someone is scraping credit card data from the checkout pages of US businesses’ websites. “As of January 2022, unidentified cyber actors
‘Thanos’ Ransomware Builder Was Designed by a Physician
First detected in February 2020, the Thanos ransomware was advertised for sale on dark web forums. Using a built-in constructor, the Thanos ransomware lets actors make changes to the sample
NerbianRAT Trojan Spreads via Emails
Researchers have noticed a RAT (remote access trojan) dubbed NerbianRAT being distributed via emails. Its name comes from a malware code function’s name. NerbianRAT: How It Is Distributed Researchers from
Phishing Threat Actors Still Fond of HTML Attachments
In 2022 HTML files are still one of the most prevalent attachments used in phishing scams, indicating that the method continues to be successful against spam detection software and works