FIN7 Lures Unwitting Security Pros to Carry Out Ransomware Attacks
The infamous Carbanak operator is moving is looking to juice its ransomware game by recruiting IT staff to its fake Bastion Secure ‘pen-testing’ company. orginal source link
REvil Servers Shoved Offline by Governments – But They’ll Be Back, Researchers Say
A multi-country effort has given ransomware gang REvil a taste of its own medicine by pwning its backups and pushing its leak site and Tor payment site offline. orginal source…
Cisco SD-WAN Security Bug Allows Root Code Execution
The high-severity bug, tracked as CVE-2021-1529, is an OS command-injection flaw. orginal source link
TA551 Shifts Tactics to Install Sliver Red-Teaming Tool
A new email campaign from the threat group uses the attack-simulation framework in a likely leadup to ransomware deployment. orginal source link
Gigabyte Allegedly Hit by AvosLocker Ransomware
If AvosLocker stole Gigabyte’s master keys, threat actors could force hardware to download fake drivers or BIOS updates in a supply-chain attack a la SolarWinds. orginal source link
Google Crushes YouTube Cookie-Stealing Channel Hijackers
Google has caught and brushed off a bunch of cookie-stealing YouTube channel hijackers who were running cryptocurrency scams on, or auctioning off, ripped-off channels. orginal source link
Why is Cybersecurity Failing Against Ransomware?
Hardly a week goes by without another major company falling victim to a ransomware attack. Nate Warfield, CTO at Prevailion, discusses the immense challenges in changing that status quo. orginal…
VPN Exposes Data for 1M Users, Leading to Researcher Questioning
Experts warn that virtual private networks are increasingly vulnerable to leaks and attack. orginal source link
Geriatric Microsoft Bug Exploited by APT Using Commodity RATs
Disguised as an IT firm, the APT is hitting targets in Afghanistan & India, exploiting a 20-year-old+ Microsoft Office bug that’s as potent as it is ancient. orginal source link
Squirrel Bug Lets Attackers Execute Code in Games, Cloud Services
The out-of-bounds read vulnerability enables an attacker to escape a Squirrel VM in games with millions of monthly players – such as Counter-Strike: Global Offensive and Portal 2 – and…
Fresh APT Harvester Reaps Telco, Government Data
The group is likely nation-state-backed and is mounting an ongoing spy campaign using custom malware and stealthy tactics. orginal source link
Lyceum APT Returns, This Time Targeting Tunisian Firms
The APT, which targets Middle-Eastern energy firms & telecoms, has been relatively quiet since its exposure but not entirely silent. It’s kept up attacks through 2021 and is working on…
A Guide to Doing Cyberintelligence on a Restricted Budget
Cybersecurity budget cuts are everywhere. Chad Anderson, senior security researcher at DomainTools, discusses alternatives to fancy tooling, and good human skills alignment. orginal source link
Time to Build Accountability Back into Cybersecurity
Chris Hass, director of information security and research at Automox, discusses how to assign security responsibility, punishment for poor cyber-hygiene and IDing ‘security champions’ to help small businesses. orginal source…
TrickBot Gang Enters Cybercrime Elite with Fresh Affiliates
The group – which also created BazarLoader and the Conti ransomware – has juiced its distribution tactics to threaten enterprises more than ever. orginal source link
Missouri Vows to Prosecute ‘Hacker’ Who Informed State About Data Leak
Missouri Gov. Mike Parson launched a criminal investigation of a reporter who flagged a state website that exposed 100K+ Social-Security numbers for teachers and other state employees. orginal source link
Rickroll Grad Prank Exposes Exterity IPTV Bug
IPTV and IP video security is increasingly under scrutiny, even by high school kids. orginal source link
Verizon’s Visible Wireless Carrier Confirms Credential-Stuffing Attack
Visible says yes, user accounts were hijacked, but it denied a breach. As of today, users are still posting tales of forcibly changed passwords and getting stuck with bills for…
CryptoRom Scam Rakes in $1.4M by Exploiting Apple Enterprise Features
The campaign, which uses the Apple Developer Program and Enterprise Signatures to get past Apple’s app review process, remains active. orginal source link
FreakOut Botnet Turns DVRs Into Monero Cryptominers
The new Necro Python exploit targets Visual Tool DVRs used in surveillance systems. orginal source link
Brizy WordPress Plugin Exploit Chains Allow Full Site Takeovers
A stored XSS and arbitrary file-upload bug can be paired with an authorization bypass to wreak havoc. orginal source link
OpenSea ‘Free Gift’ NFTs Drain Cryptowallet Balances
Cybercriminals exploited bugs in the world’s largest digital-goods marketplace to create malicious artwork offered as a perk to unsuspecting users. orginal source link
30 Mins or Less: Rapid Attacks Extort Orgs Without Ransomware
The previously unknown SnapMC group exploits unpatched VPNs and webserver apps to breach systems and carry out quick-hit extortion in less time than it takes to order a pizza. orginal…
Microsoft Kills Bug Being Exploited in MysterySnail Espionage Campaign
Microsoft’s October 2021 Patch Tuesday included security fixes for 74 vulnerabilities, one of which is a zero-day being used to deliver the MysterySnail RAT to Windows servers. orginal source link
Office 365 Spy Campaign Targets US Military Defense
An Iran-linked group is taking aim at makers of drones and satellites, Persian Gulf ports and maritime shipping companies, among others. orginal source link
MAINPIPE