Attacks

Most Common Passwords of 2022

Information Security professionals should make use of these lists of common weak passwords to proactively test the accounts of employees, contractors, and other users of the information systems that they are responsible for protecting. The most effective way to use these lists is to trigger a test each time a user changes their password – take the hash of the newly changed password and automatically check it against the list of common weak passwords. For…

IOTW: Twitter accused of covering up data breach that affects millions

A Los Angeles-based cyber security expert has warned of a data breach at social media site Twitter that has allegedly affected “millions” across the US and EU. Chad Loder, who is the founder of cyber security awareness company Habitu8, took to the social media site on November 23 to warn users of the alleged data breach that Loder claims occurred “no earlier than 2021” and “has not been reported before”. In a series of tweets,…

Indian Energy Organizations Breached via Vulnerabilities in Discontinued Boa Servers

This new research from Microsoft highlights two of the main issues that plague the cybersecurity industry – legacy software/hardware and the Internet of Things. First, we’ll touch on legacy software/hardware. Legacy software/hardware is old software that is still in use within an environment. While in this case it was likely used unknowingly by the breached companies because it sat inside third-party devices, legacy software/hardware is something that most large corporations have in their environment…

Enterprise Healthcare Providers Warned of Lorenz Ransomware Threat

Lorenz targets victims using customized executable code, expressly tailored to the targeted organization. HC3 notes that the tactic implies the actors will maintain persistent access for reconnaissance “for an extended period of time” before deploying the ransomware payload. The typical pattern begins with initial access, then reconnaissance and lateral movement to connected devices, with the primary purpose of finding a Windows domain controller to obtain administrator credentials. Their code also enables multiple program threads to…

Five Exploits In ARM’s Mali GPU Driver Remain Unfixed

Unfortunately, there are no options for users of these devices to patch these vulnerabilities at this time. The ARM GPU chip manufacturers have released the fix to the maintainers of Android who are testing the fix on Android/Pixel devices. Once the fix has been integrated into the Android code base, OEM partners will receive the patch from Android and will be responsible for implementing the fix and pushing it out to vulnerable Android devices. Users…

DraftKings Sports App Hacked

DraftKings said that almost 300 thousand dollars was stolen from user accounts. According to some of the victims, when they took to Twitter to get help from DraftKings, there were many Twitter accounts commenting about getting free money using various techniques, but none of them could be identified as the actual attacker. Attacks like these highlight the reasons why it is important to not reuse passwords, especially on websites that credit card information is being…

Cybercriminals Increasingly Using Aurora Stealer Malware

Companies can detect Aurora and malware like it by implementing command line logging and looking for unusual WMIC and PowerShell commands. Additionally, implementing canary files can help detect file grabber activity, and user behavioral analysis on netflow data can help detect anomalous network activity, such as connections to strange external ports. Application allowlisting can also help prevent the loader activity seen in Aurora. https://thehackernews.com/2022/11/researchers-warn-of-cyber-criminals.html https://blog.sekoia.io/aurora-a-rising-stealer-flying-under-the-radar/

Meta fires employees for allegedly hacking into user’s accounts

Meta has allegedly fired and/or disciplined more than 12 employees for hacking into users’ Facebook and Instagram accounts on behalf of hackers. According to the Wall Street Journal (WSJ), which broke the story on November 17, some of the hacking cases involved bribery, with employees being paid thousands of dollars to hack into the accounts. According to an internal investigation into the account hijacking, those fired by Meta included contractors employed at the company’s…

New Ransomware Encrypts Files, Then Steals Discord Accounts

While this ransomware generally targets consumers rather than the enterprise, it could still pose a significant threat to large communities. Therefore, users who are impacted by AxLocker should immediately change their Discord passwords, as doing so will invalidate the token stolen by the ransomware. While this may not help recover files, it will prevent further compromise of accounts, data, and Discord communities. https://www.bleepingcomputer.com/news/security/new-ransomware-encrypts-files-then-steals-your-discord-account/

Google Wins Court Case Against Russians Linked to Glupteba Botnet

Starovikov and Filippov, who claim to have been software engineers for an organization known as Valtron LLC, are accused of seeking to mislead the court and acting to deny Google access to discoverable data. According to a settlement submitted to Google, the actors demanded $1 million each from the company and $110,000 in legal costs in exchange for providing the private keys to Bitcoin addresses linked to the Glupteba botnet. However, the Mountain View-based company…