Low-rent RAT Worries Researchers
Researchers say a hacker is selling access to quality malware for chump change. For about the price of a cup of Starbucks latte, a hacker is renting out a remote
Security Above and Beyond CNAPPs
Trend Micro – The cloud is driving transformative benefits for global organizations. But in rushing their applications and infrastructure into new computing environments, they’re also exposing business-critical data to new
Russian TV Schedules Hacked on Victory Day to Show Anti-War Messages
Hackers targeted Russian television channels’ program names right before Vladimir Putin’s speech on Victory Day to commemorate the defeat of Nazi Germany by the Soviet Union in WWII. Victory Day
Costa Rican president begins tenure with ransomware national emergency declaration
Written by AJ Vicens May 9, 2022 | CYBERSCOOP The new president of Costa Rica declared a national emergency over the weekend as fallout continues from a late-April ransomware attack.
Hackers Replace Russian TV Schedules During 'Victory Day' With Anti-War Messages
The hack affected several major networks, including Channel One, Rossiya-1 and NTV-PlusRead More: https://www.infosecurity-magazine.com/news/hackers-russian-tv-schedules/
FBI: Rise in Business Email-based Attacks is a $43B Headache
A huge spike in fraudulent activities related to attacks leveraging business email accounts is a billion-dollar-problem. The FBI warned the global cost of business email compromise (BEC) attacks is $43
Agricultural Manufacturer AGCO Hit by Ransomware
The attack has impacted the firm’s operations during the crucial planting seasonRead More: https://www.infosecurity-magazine.com/news/agricultural-manufacturer-agco/
How to remove yourself from Internet search results and hide your identity
Go incognito. Getty Images/iStockphoto There is now a very thin line, easily broken, which separates our physical and digital identities. Social networks have evolved from the days of MySpace to
Microsoft's new cybersecurity service combines tech and human experts
Microsoft has unveiled a set of new managed cybersecurity services to help customers combat malware and other threats amid an ongoing cybersecurity skills crunch. Microsoft has created a new umbrella
National Emergency Declared by Costa Rica Following Conti Cyberattacks
Following cyber-attacks by the Conti ransomware organization on numerous government bodies, Costa Rican President Rodrigo Chaves has declared a national emergency. According to the BleepingComputer publication, Conti also published the
Beware: This cheap and 'homemade' malware is surprisingly effective
A powerful form of trojan malware that offers complete backdoor access to Windows systems is being sold on underground forums for the price of a cup of coffee – and
Hackers Hijacked Official Ferrari Subdomain to Host NFT Scam
After the hijacking, hackers hosted the Mint Your Ferrari NFT scam on the luxury automaker’s official website. Italian luxury automobile manufacturer Ferrari’s official website was hacked to promote a fake
Information Leading to the Arrest of Conti Ransomware Co-Conspirators to be Rewarded
Conti ransomware is an extremely damaging malicious actor due to the speed with which encrypts data and spreads to other systems. The cyber-crime action is thought to be led by
Podcast: The State of the Secret Sprawl
In this podcast with Mackenzie Jackson, developer advocate at GitGuardian, we dive into the report and also the issues that corporations face with public leaks from groups like Lapsus and
Caramel Credit Card Theft Is Becoming Increasingly Popular
A credit card stealing service is gaining traction, providing a simple and automated option for low-skilled threat actors to enter the realm of financial fraud. How Do Credit Card Skimmers
We Need To Stop Preparing For The Last War | ConnectWise CyberSEC 2022
Small and medium businesses are not safe from these attacks. Some affiliates are specialized in targeting the SMB segment, often using different initial vectors than for enterprises. Ransom is based
Treasury Sanctions Crypto Firm After North Korea’s $620m Heist
Blender.io is the first crypto mixing service to be hit Read More: https://www.infosecurity-magazine.com/news/treasury-sanctions-crypto-north/
London Police Warn of Crypto Muggings – Report
Criminals combine physical and digital techniquesRead More: https://www.infosecurity-magazine.com/news/london-police-warn-of-crypto/
US Government Offers $15m Reward for Info on Conti Actors
State Department turns up the heat on co-conspiratorsRead More: https://www.infosecurity-magazine.com/news/us-government-15m-reward-info/
Crypto mixer Blender sanctioned by US Treasury for involvement in $600m Ronin theft
Written by Chris Duckett, APAC Editor Chris Duckett APAC Editor Chris started his journalistic adventure in 2006 as the Editor of Builder AU after originally joining CBS as a programmer.
Examining the Black Basta Ransomware’s Infection Routine
Trend Micro – Examining the Black Basta Ransomware’s Infection Routine Ransomware We analyze the Black Basta ransomware and examine the malicious actor’s familiar infection tactics. By: Ieriz Nicolle Gonzalez, Ivan
Anonymous NB65 Claims Hack on Russian Payment Processor Qiwi
The Anonymous affiliated Network Battalion aka NB65 group has allegedly targeted a Russian payment processing platform Qiwi and leaked 7 million payment card data as proof of hack. On May
The 4 best travel VPNs of 2022
Of all the situations you might find yourself in when using a VPN, perhaps the one where your VPN is at its most mission critical is when you’re traveling. When
USB-based Wormable Raspberry Robin Malware Targeting Windows Installer
The malware Raspberry Robin is distributed via external drives and uses Microsoft Standard installer to execute malicious commands. Red Canary’s Detection Engineering team has discovered a new worm-like Windows malware
Every Google Chrome user should click this button now
Written by Adrian Kingsley-Hughes, Contributor Adrian Kingsley-Hughes Contributor Adrian Kingsley-Hughes is an internationally published technology author who has devoted over two decades to helping users get the most from technology
Threat Roundup for April 29 to May 6
Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between April 29 and May 6. As with previous roundups, this post isn’t meant to be an
Treasury sanctions virtual currency mixer Blender for money laundering
Written by Suzanne Smalley May 6, 2022 | CYBERSCOOP The Treasury Department said Friday it has sanctioned Blender.io, a so-called virtual currency mixer which Treasury alleges that the North Korean
DDoS Attacks by Hacktivists Disrupted Russian Alcohol Supply Chain
Attackers from the Ukrainian IT army successfully disrupted alcohol shipments in Russia by targeting EGAIS, the country’s primary online portal for alcohol distribution. According to Russian news portal Vedomosti, Ukrainian
Data breach Discovered at IKEA Canada impacts 95,000 Customers
Compromised data included customer names, email addresses and phone numbersRead More: https://www.infosecurity-magazine.com/news/data-breach-ikea-canada/
NIST Updates Supply Chain Cybersecurity Guidance
Updates advise organizations to consider vulnerabilities in components of products they’re considering usingRead More: https://www.infosecurity-magazine.com/news/nist-supply-chain-cybersecurity/
NIST Releases Advisory Guide on Supply Chain Attack Protection
In reply to EO (Executive Order) 14028 promulgated on the 12th of May 2021, the National Institute of Standards and Technology (NIST) has released a comprehensive guide on how institutions
Security researchers: Here's how the Lazarus hackers start their attacks
The Lazarus hacking group is one of the top cybersecurity threats from North Korea, recently catching the attention of the US government for massive cryptocurrency heists. Now researchers at NCCGroup
Windows Installer Used by New Raspberry Robin Worm
Installing, maintaining, and uninstalling software is made easier using Windows Installer. Installation packages, which are loosely relational databases constructed as COM Structured Storages and frequently referred to as “MSI files”
'Once they have access to your screen, they have complete control'. Watch out for these screen-sharing scams
Cyber criminals are stealing millions by luring victims into investment scams and then using remote screen-sharing software to steal money, bank details and other personal information. According to research by
The Operational Structure of Bitcoin
Launched in 2009, Bitcoin was the first-ever digital coin that marked the beginning of a cryptocurrency era. It is a decentralized digital currency, not controlled by any authority like a
USB-based Wormable Malware Targets Windows Installer
Activity dubbed ‘Raspberry Robin’ uses Microsoft Standard Installer and other legitimate processes to communicate with threat actors and execute nefarious commands. Credit: Red Canary Wormable malware dubbed Raspberry Robin has
Help! I have 100,000 unread messages in my Gmail inbox. Where do I even start? [Ask ZDNet]
It’s time for another installment of Ask ZDNet. In the mailbag this week: A crash course on TPM technology, the fastest way to get to Inbox Zero, and the best
Special Police Constable Used Encrypted Chat to Post Child Abuse Content
Trainee solicitor handed two-year suspended sentenceRead More: https://www.infosecurity-magazine.com/news/special-police-encrypted-chat/
Ukrainians DDoS Russian Vodka Supply Chains
Hacktivists hit the Kremlin where it hurtsRead More: https://www.infosecurity-magazine.com/news/ukrainians-ddos-russian-vodka/
Microsoft, Apple and Google Team Up on Passwordless Standard
Tech giants want to make the user experience more seamlessRead More: https://www.infosecurity-magazine.com/news/microsoft-apple-google-team/
South Korea becomes first Asian member of NATO cyber research centre
Image: CCDCOE South Korea’s intelligence agency said on Thursday that the country has joined a cyber defense group under the North Atlantic Treaty Organization (NATO), becoming its first Asian member
Heroku fesses up to customer password theft due to OAuth token attack
Written by Chris Duckett, APAC Editor Chris Duckett APAC Editor Chris started his journalistic adventure in 2006 as the Editor of Builder AU after originally joining CBS as a programmer.
What Are Dark Web Search Engines and How to Find Them?
Let’s take a closer look at what a dark web search engine is, how to find them and what are some of the best dark web search engines out there.
WhatsApp to roll out larger file size sharing, bigger groups, and new reactions feature
Image: WhatsApp WhatsApp, the messaging platform owned by Meta, has announced new features in line with last month’s communities announcement that includes larger file sharing, a new emoji reactions feature
Can AI step up to offer help where humans cannot?
If applied inappropriately, artificial intelligence (AI) can bring more harm than good. But, it can offer a much-needed helping hand when humans are unable to find comfort from their own
Australian police unsuccessfully seek to have hosting company pull down leaked data website
Written by AJ Vicens May 5, 2022 | CYBERSCOOP An investigator with the Australian Federal Police this week asked an Icelandic hosting company to pull down a website dedicated to
CIA Wants Russians to Share Secret Info with the Agency via its Darknet Site
CIA’s darknet website will be accessible to Russians through the Tor internet browser. The Central Intelligence Agency (CIA) of the United States has issued instructions for Russians unhappy with their
Threat Source newsletter (May 5, 2022) — Emotet is using up all of its nine lives
By Jon Munshaw. Welcome to this week’s edition of the Threat Source newsletter. Emotet made headlines last week for being “back” after a major international law enforcement takedown last year. But