Intuit warns QuickBooks customers of ongoing phishing attacks.

Views expressed in this cybersecurity-intelligence update are those of the reporters and correspondents.

Accessed on 09 October 2021, 1346 UTC.

Content provided by “”



Intuit warns QuickBooks customers of ongoing phishing attacks

Intuit has warned QuickBooks customers that they are targeted by an ongoing phishing campaign impersonating the company and trying to lure potential victims with fake renewal charges.

Russian orgs heavily targeted by smaller tier ransomware gangs

The actors who generally trouble Russian and CIS-based companies, though, aren’t REvil, LockBit, DarkSide, or any of the more notorious groups that launch high-profile attacks on critical infrastructure targets.

Google Says Russian APT Targeting Journalists, Politicians

Some 14,000 Google users were warned of being suspected targets of Russian government-backed threat actors. After that, the tech giant announced cybersecurity updates, particularly for email accounts of high-profile users.

Attackers Encrypt VMware ESXi Server With Python Ransomware

According to Sophos, the script contains multiple hardcoded encryption keys, and a routine for generating even more keys, which led the researchers to the conclusion that the ransomware creates a unique key at each run.

Cox Media Group confirms ransomware attack that took down broadcasts

American media conglomerate Cox Media Group (CMG) confirmed that it was hit by a ransomware attack that took down live TV and radio broadcast streams in the month of June 2021.

Atom Silo Group Eyeing Confluence Servers

SophosLabs researchers uncovered Atom Silo, a new ransomware group almost identical to LockFile, actively exploiting an Atlassian Confluence Server and Data Center flaw. The group is using several novel techniques that make it very challenging to examine, including DLL side-loading to interrupt endpo …

New Zealand CERT Warns of FluBot Using New Tricks

The infamous FluBot banking Trojan is targeting New Zealand mobile users, using different types of text-message lures about parcel delivery and FluBot infection alerts. After a successful infection, FluBot operators use the malware to steal payment information, text messages, c …

Hydra Spreads Tentacles to Target European Banks

MalwareHunterTeam reported a new campaign spreading Hydra banking trojan across European banking platforms, specifically customers of Germany’s second-largest financial institution. The malware uses different encryption methods to avoid detection, along with the use of Tor for communication. …

Google Patches Four Severe Vulnerabilities in Chrome

Google this week announced the release of an updated Chrome version for Windows, Mac, and Linux, to address a total of four high-severity security vulnerabilities in the browser.

Update: Hackers of SolarWinds stole data on U.S. sanctions policy, intelligence probes

The campaign alarmed officials with its stealth and careful staging. The hackers burrowed into the code production process at SolarWinds, which makes widely used software for managing networks.

India: Government releases guidelines for cybersecurity in power sector

Under the direction of the Union Power and New & Renewable Energy Minister, the Central Electricity Authority prepared the guidelines for cybersecurity in the power sector, which were released on Thursday.

Ransomware groups are still exploiting these old vulnerabilities, so patch now

Qualys researchers reported that several older vulnerabilities, with existing patches, in software made by Oracle and Adobe are being actively exploited by ransomware groups.

Actors Target Huawei Cloud Using Upgraded Linux Malware

The malicious code deployed by attackers disables the hostguard service, a Huawei Cloud Linux agent process that “detects security issues, protects the system, and monitors the agent.”

Singapore tweaks cybersecurity strategy with OT emphasis

Singapore unveiled a revised national plan to assume a more proactive stance in addressing threats and drive its cybersecurity posture, including a new operational technology competency framework.

BrewDog Exposed Data for Over 200,000 Shareholders and Customers

BrewDog, the Scottish brewery and pub chain famous for its crowd-ownership model and the tasty IPAs, has irreversibly exposed the details of 200,000 of its shareholders and customers.

Netherlands can use intelligence or armed forces to respond to ransomware attacks

The Netherlands government said it would use its intelligence or military services to counter cyber-attacks, including ransomware attacks, that threaten its national security.

Finding the right mix: Leveraging policy and incentives to improve healthcare cybersecurity

Cybercriminals see a great opportunity in healthcare. They can get up to $1,000 per stolen medical record, making protected health information (PHI) more lucrative than credit card data.

October 8, 2021

Engineering Firm Weir Group Suffers Major Ransomware Attack Resulting in Loss of Millions in Revenue

In a statement, the mining equipment firm said it had reacted quickly to the “sophisticated” attack but had been forced to delay shipments worth more than £50 million ($68 million) in revenue.

96% of organizations are concerned about the threat of ransomware attacks

Over two-thirds of companies have been the target of a ransomware attack, with one in six claiming to have been attacked three or more times, according to a survey by Fortinet.

Discord scammers lure victims with promise of free Nitro subscriptions

A number of bogus offers are doing the rounds in Discord land at the moment. Discord, a group text chat/VoIP app of choice for many gaming communities, is having a bit of trouble with phishing links.

Financially Driven Hacker Group FIN12 Aims at Healthcare with Quick and Focused Ransomware Attacks

While most ransomware actors spend time on the victim network looking for important data to steal, this group favors quick malware deployment against sensitive, high-value targets.

Google Blames Suspected Russian Hacking Group for Targeting 14,000 Gmail Users

On Wednesday, Google alerted approximately 14,000 users that they had been targets of a phishing campaign by Russian government-sponsored threat actors, according to a company employee.

Microsoft is disabling Excel 4.0 macros by default to protect users

While VBA macros were introduced in Excel 5.0, threat actors continue to use XLM macros twenty years later in malicious documents that download malware or perform other unwanted behavior.