Cyware Alerts-Hacker News-Malware-Vulnerabilities.

Views expressed in this cybersecurity-intelligence update are those of the reporters and correspondents.

Accessed on 14 November 2021, 2320 UTC.

Content supplied by “”


Latest Cybersecurity News And Articles


More Details Surface About Cring Group Exploiting Old Bugs

Cring ransomware actors are actively exploiting older vulnerabilities in ColdFusion servers and Fortigate VPNs to cripple industrial organizations. The Cring hackers have been linked with hackers in Belarus and Ukraine who used automated tools to break into the servers.

Ransomware Families Abusing More and More Vulnerabilities: New Report

A report by Cyware, Ivanti, and Cyber Security Works noted a 4.5% rise in CVEs associated with ransomware, with a 3.4% rise in ransomware families exploiting those. The total count of older vulnerabilities is now 258, which is 92.4% of all vulnerabilities related to ransomware. Organizations are …

Hackers Possess Secrets Required to Unlock PS5

Hacking groups jailbreak PlayStation 5 kernel to steal root keys, which hackers can abuse to reverse engineer codes and create customized firmware. Fail0verflow is a group that usually hacks into game consoles. Until there is a complete fix to this loophole by the manufacturer, gamers must w …

Void Balaur Stayed Hidden for Years to Steal Sensitive Data in Emails

Trend Micro revealed that the hacker-for-hire group Void Balaur has been active since the mid-2010s and has claimed victims across sectors, while also targeting activists, journalists, and other leaders. It also constantly looks for access to cryptocurrency wallets of various exchange services. Experts sug …

BazarBackdoor Leverages Windows 10 App Feature to Infect Victims

Hackers are abusing the AppInstaller feature of Microsoft Windows 10 to target victims. Sophos Labs came to know about it after its own employees were targeted via spam emails. Organizations and security software vendors are advised to have adequate defenses in place to detect and stop such att …

Ransomware experts question massive Pysa/Mespinoza victim dump

The Pysa ransomware group dumped dozens of victims onto their leak site this week right after US law enforcement officials announced a range of actions taken against ransomware groups.

Microsoft warns of surge in HTML smuggling phishing attacks

Microsoft has seen a surge in malware campaigns using HTML smuggling to distribute banking malware and remote access trojans. As per Microsoft, it is being increasingly used by threat actors to evade detection, including the Nobelium hacking group.

Europol: Ransomware Gangs Focusing on High Profile Targets

Ransomware gangs have increasingly focused on high-profile targets like large corporations and government institutions in the past year, according to Europol’s Internet Organised Crime Threat Assessment (IOCTA) 2021.

November 12, 2021

Costco customers complain of fraudulent charges before company confirms card skimming attack

Costco has sent out breach notification letters to an unknown number of victims after multiple people took to social media to complain about fraudulent charges connected to the company.

Google warns hackers used macOS zero-day flaw, could capture keystrokes, screengrabs

Google’s Threat Analysis Group (TAG) has revealed that hackers targeting visitors to websites in Hong Kong were using a previously undisclosed, or zero-day, flaw in macOS to spy on people.

Magniber Ransomware Group Targets Now Internet Explorer Vulnerabilities

The Magniber ransomware gang has changed focus in its attack methods: the threat actor group now propagates the ransomware and encrypts users’ devices by means of two Internet Explorer vulnerabilities.

QAKBOT Loader Returns With New Techniques and Tools

QAKBOT is a prevalent information-stealing malware that was first discovered in 2007. In recent years, its detection has become a precursor to many critical and widespread ransomware attacks.

Malware uses namesilo Parking pages and Google’s custom pages to spread

This technique is yet another attempt from the malicious actor to hide control channels to avoid being tracked, monitored, or blocked and it probably has served them well.

Trickbot and TA551 Are Buddies

A connection was established between the TrickBot gang and the TA551 threat group, as a major similarity was found in their tools and TTPs. They use BazarBackdoor, deploy the Cobalt Strike beacon on the compromised system, and add scheduled tasks for persistence. The recent collaborations prove h …

Qbot Spam Campaigns Continue to Explode

According to researchers from Kaspersky, in the first seven months of 2021, the number of users affected by the QBot, which was first discovered in 2007, jumped to 65% compared to the previous year.

Lazarus is Back at it Again

The infamous North Korea state-sponsored Lazarus APT was recently found targeting IT supply chains. Now, the group has been discovered attempting to hack security researchers again.

Latest DDoS Trends and Attacks – What You Need to Know

DDoS attacks started being used as an intimidation tactic in Q3. The criminals sent company-wide emails stating that their resources were being used in DDoS attacks and they could face legal consequences.

Zoom Patches High-Risk Flaws in Meeting Connector, Keybase Client

Video messaging technology giant Zoom has shipped patches for high-severity vulnerabilities that expose enterprise users to remote code execution and command injection attacks.

Zero-day bug in all Windows versions gets free unofficial patch

A free, unofficial patch is available for a zero-day local privilege escalation vulnerability in the Windows User Profile Service that lets attackers gain SYSTEM privileges under certain conditions.

New tool flags up benign-but-exploitable Chrome extensions

Researchers from Germany’s CISPA Helmholtz Center for Information Security have developed a tool to identify Chrome extensions that could be exploited by malicious webpages and other extensions.

CyberVetsUSA Pilots Nebraska Project

CyberVetsUSA exists as a public-private partnership between non-profit and Veteran Service Organizations (VSOs), tech employers, institutions of higher education, and local government agencies.

To Joke or Not to Joke: COVID-22 Brings Disaster to MBR

The file name Covid22 plays off the current Coronavirus disease but applies that same image of fear and destruction to computers, potentially creating a cyber-pandemic in 2022.

Google debuts ClusterFuzzLite security tool for CI, CD workflows

The new tool, ClusterFuzzLite, is based on ClusterFuzz, an open source scalable fuzzing infrastructure previously released by Google and used as the fuzzing backbone for the OSS-Fuzz program.