Avast Finds Backdoor on US Government Commission Network

Avast – We have found a new targeted attack against a small, lesser-known U.S. federal government commission associated with international rights. Despite repeated attempts through multiple channels over…

IIS Extensible Web Server Used to Steal Microsoft Exchange Credentials

Cybercriminals are installing a new malicious add-on for the IIS web server on Microsoft Exchange Outlook Web Access (OWA) servers to collect login information and remotely perform commands on the…

‘Seedworm’ Attackers Target Telcos in Asia, Middle East

The focused attacks aimed at cyberespionage and lateral movement appear to hint at further ambitions by the group, including supply-chain threats. Attackers targeting telcos across the Middle East and Asia…

The Ransomware Attack Suffered by Kronos May Cause Weeks of Downtime

Kronos is a workforce management and human resources company that offers cloud-based solutions for timekeeping, payroll, employee benefits, analytics, and other tasks. Kronos merged with Ultimate Software in 2020 to…

Technical Advisory: Zero-day critical vulnerability in Log4j2 exploited in the wild

On December 9, 2021, Apache disclosed CVE-2021-44228, a remote code execution vulnerability – assigned with a severity of 10 (the highest possible risk score). The source of the vulnerability is Log4j,…

This decade-old malware has picked up some nasty new tricks

Qakbot, a top trojan for stealing bank credentials, has in the past year started delivering ransomware and this new business model is making it harder for network defenders to detect…

Canadian indicted for launching ransomware attacks on orgs in US, Canada

The FBI and Justice Department unsealed indictments today leveling a number of charges against 31-year-old Canadian Matthew Philbert for his alleged involvement in several ransomware attacks. Officials from the Ontario…

FBI: Cuba ransomware group hit 49 critical infrastructure organizations

The FBI has released a new notice about the Cuba ransomware, explaining that the group has attacked “49 entities in five critical infrastructure sectors” and made at least $43.9 million…

Toss a Coin to your Helper (Part 2 of 2)

Avast – In the first posting of this series, we looked at a clipboard stealer belonging to the MyKings botnet. In this second part of the blog series,…

Hackers are targeting this Microsoft Windows Installer flaw, say security researchers

Hackers have already created malware in a bid to exploit an elevation of privilege vulnerability in Microsoft’s Windows Installer. Microsoft released a patch for CVE-2021-41379, an elevation of privilege flaw…