Intuit warns QuickBooks customers of ongoing phishing attacks.
Views expressed in this cybersecurity-intelligence update are those of the reporters and correspondents.
Accessed on 09 October 2021, 1346 UTC.
Content provided by “Cyware.com.”
Source: https://cyware.com/cyber-security-news-articles
Intuit warns QuickBooks customers of ongoing phishing attacks
Intuit has warned QuickBooks customers that they are targeted by an ongoing phishing campaign impersonating the company and trying to lure potential victims with fake renewal charges.
Russian orgs heavily targeted by smaller tier ransomware gangs
The actors who generally trouble Russian and CIS-based companies, though, aren’t REvil, LockBit, DarkSide, or any of the more notorious groups that launch high-profile attacks on critical infrastructure targets.
Google Says Russian APT Targeting Journalists, Politicians
Some 14,000 Google users were warned of being suspected targets of Russian government-backed threat actors. Following that, the tech giant announced cybersecurity updates, particularly for email accounts of high-profile users.
Attackers Encrypt VMware ESXi Server With Python Ransomware
According to Sophos, the script contains multiple hardcoded encryption keys, and a routine for generating even more keys, which led the researchers to the conclusion that the ransomware creates a unique key at each run.
Cox Media Group confirms ransomware attack that took down broadcasts
American media conglomerate Cox Media Group (CMG) confirmed that it was hit by a ransomware attack that took down live TV and radio broadcast streams in the month of June 2021.
Atom Silo Group Eyeing Confluence Servers
SophosLabs researchers uncovered Atom Silo, a new ransomware group almost identical to LockFile, actively exploiting an Atlassian Confluence Server and Data Center flaw. The group is using several novel techniques that make it very challenging to examine, including DLL side-loading to interrupt endpo …
New Zealand CERT Warns of FluBot Using New Tricks
The infamous FluBot banking Trojan is targeting New Zealand mobile users, using different types of text-message lures about parcel delivery and FluBot infection alerts. After a successful infection, FluBot operators use the malware to steal payment information, text messages, c …
Hydra Spreads Tentacles to Target European Banks
MalwareHunterTeam reported a new campaign spreading the Hydra banking trojan across European banking platforms, specifically targeting customers of Germany’s second-largest financial institution. The malware uses different encryption methods to avoid detection and uses Tor for communication. …
Google Patches Four Severe Vulnerabilities in Chrome
Google this week announced the release of an updated Chrome version for Windows, Mac, and Linux, to address a total of four high-severity security vulnerabilities in the browser.
Update: Hackers of SolarWinds stole data on U.S. sanctions policy, intelligence probes
The campaign alarmed officials with its stealth and careful staging. The hackers burrowed into the code production process at SolarWinds, which makes widely used software for managing networks.
India: Government releases guidelines for cybersecurity in power sector
Under the direction of the Union Power and New & Renewable Energy Minister, the Central Electricity Authority prepared the guidelines for cybersecurity in the power sector, which were released on Thursday.
Ransomware groups are still exploiting these old vulnerabilities, so patch now
Qualys researchers reported that several older vulnerabilities, with existing patches, in software made by Oracle and Adobe are being actively exploited by ransomware groups.
Actors Target Huawei Cloud Using Upgraded Linux Malware
The malicious code deployed by attackers disables the hostguard service, a Huawei Cloud Linux agent process that “detects security issues, protects the system, and monitors the agent.”
Singapore tweaks cybersecurity strategy with OT emphasis
Singapore unveiled a revised national plan to assume a more proactive stance in addressing threats and drive its cybersecurity posture, including a new operational technology competency framework.
BrewDog Exposed Data for Over 200,000 Shareholders and Customers
BrewDog, the Scottish brewery and pub chain famous for its crowd-ownership model and the tasty IPAs, has irreversibly exposed the details of 200,000 of its shareholders and customers.
Netherlands can use intelligence or armed forces to respond to ransomware attacks
The Netherlands government said it would use its intelligence or military services to counter cyber-attacks, including ransomware attacks, that threaten its national security.
Finding the right mix: Leveraging policy and incentives to improve healthcare cybersecurity
Cybercriminals see a great opportunity in healthcare. They can get up to $1,000 per stolen medical record, making protected health information (PHI) more lucrative than credit card data.
Engineering Firm Weir Group Suffers Major Ransomware Attack Resulting in Loss of Millions in Revenue
In a statement, the mining equipment firm said it had reacted quickly to the “sophisticated” attack but had been forced to delay shipments worth more than £50 million ($68 million) in revenue.
96% of organizations are concerned about the threat of ransomware attacks
Over two-thirds of companies have been the target of a ransomware attack, with one in six claiming to have been attacked three or more times, according to a survey by Fortinet.
Discord scammers lure victims with promise of free Nitro subscriptions
A number of bogus offers are doing the rounds in Discord land at the moment. Discord, a group text chat/VoIP app of choice for many gaming communities, is having a bit of trouble with phishing links.
Financially Driven Hacker Group FIN12 Aims at Healthcare with Quick and Focused Ransomware Attacks
While most ransomware actors spend time on the victim network looking for important data to steal, this group favors quick malware deployment against sensitive, high-value targets.
Google Blames Suspected Russian Hacking Group for Targeting 14,000 Gmail Users
On Wednesday, Google alerted approximately 14,000 users that they had been targets of a phishing campaign by Russian government-sponsored threat actors, according to a company employee.
Microsoft is disabling Excel 4.0 macros by default to protect users
While VBA macros were introduced in Excel 5.0, threat actors continue to use XLM macros twenty years later in malicious documents that download malware or perform other unwanted behavior.