Malware

18 Nov

Novel ARCrypter Ransomware Expanding Operations Worlwide

Attacks, Malware

As time goes one, more and more novel ransomware families are surfacing, each with a variety of their own tactics. While this is a new family of ransomware, the techniques used by this ransomware are relatively standard. Numerous detection capabilities around this ransomware exist, many of which are likely already employed by organizations. For one, many organizations already employ queries to detect the “.crypt” file extension. Other detection capabilities around this ransomware include monitoring value…

Read More
18 Nov

Iranian APT Breaches Sector of U.S. Government

Attacks, Malware

As a general rule, whenever security patches are released for any vulnerability, the patch should be tested and implemented as soon as possible. With vulnerabilities such as Log4Shell, which presented a high risk due to the extensive use of on-prem and hybrid Exchange servers and the extensive exploitation in the wild, it is extremely important to get these patches pushed to all affected systems. Often times, threat actors will prey on victims by using old…

Read More
18 Nov

Microsoft Fixes Windows Kerberos Auth Issues in Emergency Updates

Attacks, Malware

Today, Microsoft has released OOB emergency updates that Windows admins must install on all Domain Controllers (DCs) in affected environments. “You do not need to install any update or make any changes to other servers or client devices in your environment to resolve this issue. If you used any workaround or mitigations for this issue, they are no longer needed, and we recommend you remove them,” Microsoft advised. The OOB updates released today are available…

Read More
18 Nov

India drafts new privacy bill for transfer of personal data internationally

Data Breaches, Malware, Social Engineering

The Indian federal government on Friday published a new draft of data privacy laws that would allow personal data transfer to other nations under certain conditions, and impose fines for breaches of data-transfer and data-collection regulations. The proposed legislation has been in the works for about four years. Up until now, the Reserve Bank of India has enacted regulations that make businesses keep transaction data within the country. The government, though, has not issued more…

Read More
18 Nov

Microsoft Warns of Cybercrime Group Delivering Royal Ransomware, Other Malware

Information, Malware, News

A threat actor tracked as DEV-0569 and known for the distribution of various malicious payloads was recently observed updating its delivery methods, Microsoft warns. DEV-0569 has been relying on malicious ads (malvertising), blog comments, fake forum pages, and phishing links for the distribution of malware. Over the past few months, however, Microsoft noticed that the threat actor has started using contact forms to deliver phishing links, while choosing to host fake installers on legitimate-looking software…

Read More
18 Nov

Noname Security releases Recon attack simulator

Data Breaches, Malware, Social Engineering

As breaches increase and companies scramble to go from a defensive to an offensive approach, API-focused Noname Security has launched Recon, whice simulates an attacker performing reconnaissance on an organization’s domains. Recon works from a root-level domain to find other domains, shadow domains, sub-domains, APIs, vulnerabilities, and public issues that put the organization at risk, according to Noname. “Then we start looking at, both actively and passively looking at any API-related information pertaining to those…

Read More
17 Nov

DDoS Attacks Targeting Game Servers Using Updated Version of RapperBot

Attacks, Malware

Since 2021, the list of commonly used credentials in brute-forcing attempts has not changed. Those looking to prevent becoming victims of these styles of attacks should make updates to firmware regularly. Strong and unique passwords should also take the place of the default passwords and devices should be placed behind a firewall if applicable. https://www.bleepingcomputer.com/news/security/updated-rapperbot-malware-targets-game-servers-in-ddos-attacks/

Read More
17 Nov

U.S. Charges Russian Suspects with Operating Z-Library e-Book Site

Attacks, Malware

Global law enforcement cooperation has become the most efficient and effective way to combat international cyber-attacks. FBI director Christopher Wray acknowledged this in a recent statement to the House Homeland Security Committee. “The FBI, using its role as the lead federal agency for threat response, with its law enforcement and intelligence responsibilities, works seamlessly with domestic and international partners to defend their networks, attribute malicious activity, sanction bad behavior, and take the fight to our…

Read More
17 Nov

CISA, NSA, and ODNI Release Guidance for Customers on Securing the Software Supply Chain 

Attacks, Insights, Malware

Original release date: November 17, 2022 | Last revised: November 18, 2022 Today, CISA, the National Security Agency (NSA), and the Office of the Director of National Intelligence (ODNI), published the third of a three-part series on securing the software supply chain: Securing Software Supply Chain Series – Recommended Practices Guide for Customers. This publication follows the August 2022 release of guidance for developers and October 2022 release of guidance for suppliers. The guidance released…

Read More
17 Nov

#StopRansomware: Hive

Attacks, Insights, Malware

Original release date: November 17, 2022 Today, CISA, the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) released joint Cybersecurity Advisory (CSA) #StopRansomware: Hive Ransomware to provide network defenders tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with Hive ransomware variants. FBI investigations identified these TTPs and IOCs as recently as November 2022.  Hive ransomware has targeted a wide range of businesses and critical infrastructure sectors, including…

Read More