Malware

CryptoRom “pig butchering” scam sites seized, suspects arrested in US

by Paul Ducklin Over the past year, we’ve had the unfortunate need to warn our readers not once, but twice, about a scam we’ve dubbed CryptoRom, a portmanteau word formed from the terms “Cryptocurrency” and “Romance scam”. Simply put, these scammers use a variety of techniques, notably including prowling on dating sites, to meet people online, form a friendship… …not with the intention of drawing their victims into a “we’ve fallen in love, now send…


Indian Energy Organizations Breached via Vulnerabilities in Discontinued Boa Servers

This new research from Microsoft highlights two of the main issues that plague the cybersecurity industry: legacy software and hardware, and the Internet of Things. First, legacy software and hardware. Legacy software or hardware is outdated software or hardware that is still in use within an environment. In this case it was probably running unknowingly inside third-party devices, but most large corporations have legacy software or hardware somewhere in their environment…


Enterprise Healthcare Providers Warned of Lorenz Ransomware Threat

Lorenz targets victims using customized executable code, expressly tailored to the targeted organization. HC3 notes that the tactic implies the actors will maintain persistent access for reconnaissance “for an extended period of time” before deploying the ransomware payload. The typical pattern begins with initial access, then reconnaissance and lateral movement to connected devices, with the primary purpose of finding a Windows domain controller to obtain administrator credentials. Their code also enables multiple program threads to…


Five Exploits In ARM’s Mali GPU Driver Remain Unfixed

Unfortunately, there is currently no way for users of these devices to patch these vulnerabilities themselves. Arm, the GPU vendor, has released the fix to the Android maintainers, who are testing it on Android/Pixel devices. Once the fix has been integrated into the Android code base, OEM partners will receive the patch from Android and will be responsible for integrating it and pushing it out to vulnerable Android devices. Users…


Meta outlines US involvement in social media disinformation in new report

A report released by Meta’s security team describes the company’s shutdown of a network of Facebook and Instagram accounts participating in what it calls coordinated inauthentic behavior, and links some of those accounts to the US military. “Coordinated inauthentic behavior” is Meta’s term for misinformation activity performed by groups of social media accounts on its platforms that target particular groups or demographics. CIB groups, the company said in a 2018 official blog post, are targeted…


The Biden administration has racked up a host of cybersecurity accomplishments

When it comes to hitting the ground running on cybersecurity, the Biden administration has engaged in an extensive set of initiatives that far outstrip those of the Trump administration, and even those of the Obama administration, which set the previous high-water mark for cybersecurity actions. In mid-October, the White House issued a fact sheet about the Biden-Harris administration’s “relentless focus” on improving the nation’s cybersecurity to tout its sprint. The document outlined the…


Proofpoint: Watch Out for Nighthawk Hacking Tool Abuse

Security researchers at Proofpoint are calling attention to the discovery of a commercial red-teaming tool called Nighthawk, warning that the command-and-control framework is likely to be abused by threat actors. According to a new report from Proofpoint, Nighthawk is an advanced C2 framework sold by MDSec, a European outfit that sells adversary simulation and penetration testing tools and services. “Nighthawk is at its core a commercially distributed remote access trojan (RAT) that is similar to…


UK finalizes first independent post-Brexit data transfer deal with South Korea

The UK has finalized its first independent data adequacy decision since leaving the European Union (EU) which will allow UK organisations to securely transfer personal data to the Republic of Korea without restrictions by the end of the year. The UK government stated that the new legislation, first agreed upon in principle in July, will allow businesses in both countries to share data more easily, enhancing opportunities for cooperation and growth. The decision comes following…


Online retailers should prepare for a holiday season spike in bot-operated attacks

With the holiday shopping season in full swing, retail websites can expect a spike in account takeover fraud, DDoS, and other attacks, including attacks via APIs, which now represent almost half of e-commerce traffic. According to a recent report from application and data security company Imperva, bots account for more than 40% of traffic to online retail websites on average, with around 24% of traffic coming from “bad bots” that engage in various forms of…


How to reset a Kerberos password and get ahead of coming updates

Do you recall when you last reset your Kerberos password? Hopefully that was not the last time I suggested you change it, back in April of 2021, when I urged you to do a regular reset of the KRBTGT account password. If you’ve followed my advice, you are already one step ahead of the side effects caused by the November updates that introduced Kerberos changes. While many of you may be waiting to install the…
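The KRBTGT reset the teaser refers to is a two-step operation, and the detail that matters is the wait between the steps: Active Directory keeps the previous KRBTGT key (n-1) so that tickets issued under the old key still validate, but a second reset before every issued TGT has expired invalidates them. The script below is an added example written for this page, not code from the original article or from Microsoft; it assumes the RSAT ActiveDirectory module, Domain Admin rights, a domain-joined admin host, and the default 10-hour maximum TGT lifetime (adjust `$MaxTgtLifetimeHours` if your Kerberos policy differs).

```powershell
# Added example (not from the original article): rotate the KRBTGT password in two
# passes with a replication check between them. Run once with -Step 1, then run again
# with -Step 2 only after every DC agrees on PasswordLastSet AND more than the
# maximum TGT lifetime has elapsed. Assumes RSAT ActiveDirectory module and Domain
# Admin rights; $MaxTgtLifetimeHours assumes the default Kerberos policy of 10 hours.
param(
    [Parameter(Mandatory)][ValidateSet(1, 2)][int]$Step,
    [int]$MaxTgtLifetimeHours = 10
)
Import-Module ActiveDirectory

function New-RandomPassword {
    # Nobody ever types this password; the DCs only need the derived key, so it is
    # generated from a CSPRNG and discarded. 32 chars from a 77-symbol alphabet.
    param([int]$Length = 32)
    $alphabet = [char[]]((48..57) + (65..90) + (97..122) + (33..47))
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $bytes = New-Object byte[] $Length
    $rng.GetBytes($bytes)
    return -join ($bytes | ForEach-Object { $alphabet[$_ % $alphabet.Length] })
}

function Get-KrbtgtPasswordLastSet {
    param([string]$Server)
    return (Get-ADUser -Identity krbtgt -Server $Server -Properties PasswordLastSet).PasswordLastSet
}

function Test-KrbtgtReplicated {
    # Every DC must report the same PasswordLastSet as the PDC emulator before the
    # second reset is safe; otherwise a lagging DC would still issue tickets with the
    # key that the second reset is about to discard.
    $pdc = (Get-ADDomain).PDCEmulator
    $expected = Get-KrbtgtPasswordLastSet -Server $pdc
    $stale = foreach ($dc in Get-ADDomainController -Filter *) {
        if ((Get-KrbtgtPasswordLastSet -Server $dc.HostName) -ne $expected) { $dc.HostName }
    }
    if ($stale) { Write-Warning "krbtgt not yet replicated to: $($stale -join ', ')"; return $false }
    return $true
}

function Reset-KrbtgtPassword {
    $pdc = (Get-ADDomain).PDCEmulator
    Write-Host "PasswordLastSet before reset (from $pdc): $(Get-KrbtgtPasswordLastSet -Server $pdc)"
    $secure = ConvertTo-SecureString (New-RandomPassword) -AsPlainText -Force
    Set-ADAccountPassword -Identity krbtgt -Server $pdc -Reset -NewPassword $secure
    # Push the change out from the PDC to all partitions across the enterprise.
    repadmin /syncall $pdc /APed | Out-Null
    Write-Host "PasswordLastSet after reset: $(Get-KrbtgtPasswordLastSet -Server $pdc)"
}

$pdc = (Get-ADDomain).PDCEmulator
if ($Step -eq 2) {
    $age = (Get-Date) - (Get-KrbtgtPasswordLastSet -Server $pdc)
    if ($age.TotalHours -le $MaxTgtLifetimeHours) {
        throw "Last reset was only $([math]::Round($age.TotalHours,1))h ago; wait more than $MaxTgtLifetimeHours h before step 2."
    }
    if (-not (Test-KrbtgtReplicated)) { throw "Replication incomplete; do not run step 2 yet." }
}
Reset-KrbtgtPassword
# Poll until every DC has the new key, so the operator knows when the clock for the
# next step (or for confidence that old tickets are dead) actually starts.
while (-not (Test-KrbtgtReplicated)) { Start-Sleep -Seconds 60 }
Write-Host "Step $Step complete; krbtgt key consistent on all DCs."
```

Run `.\Reset-Krbtgt.ps1 -Step 1`, wait at least one full TGT lifetime after replication converges, then run `-Step 2`. The guard in step 2 refuses to proceed if the first reset is too recent or has not reached every DC, which is the failure mode that turns a routine rotation into a domain-wide logon outage. Step 2 is also the point at which a previously stolen KRBTGT hash (golden ticket) finally stops working.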
