FBI Clears ProxyLogon Web Shells from Hundreds of Orgs
In a veritable cyber-SWAT action, the Feds remotely removed the infections without warning businesses beforehand. orginal source link
Besondere Features – Muslimischer Fastenmonat: Warum es sich lohnt nach “Ramadan” zu googeln
Für Muslime weltweit hat am Dienstag der Ramadan begonnen. Während des Fastenmonats dürfen sie von Sonnenaufgang bis Sonnenuntergang nicht essen oder trinken, nicht rauchen und keinen Geschlechtsverkehr haben. Google hat…
100,000 Google Sites Used to Install SolarMarket RAT
Search-engine optimization (SEO) tactics direct users searching for common business forms such as invoices, receipts or other templates to hacker-controlled Google-hosted domains. orginal source link
Tax Phish Swims Past Google Workspace Email Security
Crooks are looking to harvest email credentials with a savvy campaign that uses the Typeform service to host the phishing page. orginal source link
Chrome Zero-Day Exploit Posted on Twitter
An update to Google’s browser that fixes the flaw is expected to be released on Tuesday. orginal source link
1.3M Clubhouse Users’ Data Dumped in Hacker Forum for Free
Clubhouse denies it was ‘breached’ and says the data is out there for anyone to grab. orginal source link
Man Arrested for AWS Bomb Plot
A man caught in an FBI sting said he wanted to destroy “70 percent of the internet” by going after the tech giant’s data centers. orginal source link
IcedID Circulates Via Web Forms, Google URLs
Attackers are filling out and submitting web-based “contact us” forms, thus evading email spam filters. orginal source link
Zero Trust: The Mobile Dimension
Hank Schless, senior security solutions manager at Lookout, discusses how to secure remote working via mobile devices. orginal source link
DOJ: Creep Coach Finagles Nude Athlete Photos
Allegedly perv college coach charged with cyberstalking and extorting nudes from his female athletes. orginal source link
623M Payment Cards Stolen from Cybercrime Forum
The database was subsequently leaked elsewhere, imperiling consumers from the U.S. and around the world. orginal source link
Network Detection & Response: The Next Frontier in Fighting the Human Problem
Justin Jett, director of audit and compliance for Plixer, discusses the transformation of network-traffic analytics and what it means for cybersecurity now. orginal source link
Data from 500M LinkedIn Users Posted for Sale Online
Like the Facebook incident earlier this week, the information — including user profile IDs, email addresses and other PII — was scraped from the social-media platform. orginal source link
Berufung zurückgenommen – Deal mit Spahn-Ministerium: Hubert Burda Media gewinnt Rechtsstreit gegen Google
Im Rechtsstreit mit Google geht Hubert Burda Media als Sieger hervor. Eigentlich hatte der Suchmaschinenanbieter gegen ein Urteil aus dem Februar Berufung eingelegt. Doch nun macht Google einen juristischen Rückzieher….
Adware Spreads via Fake TikTok App, Laptop Offers
Cybercriminals are encouraging users to send the “offers” via WhatsApp to their friends as well. orginal source link
IcedID Banking Trojan Surges: The New Emotet?
A widespread email campaign using malicious Microsoft Excel attachments and Excel 4 macros is delivering IcedID at high volumes, suggesting it’s filling the Emotet void. orginal source link
Azure Functions Weakness Allows Privilege Escalation
Microsoft’s cloud-container technology allows attackers to directly write to files, researchers said. orginal source link
Attackers Blowing Up Discord, Slack with Malware
One Discord network search turned up 20,000 virus results, researchers found. orginal source link
Fake Netflix App on Google Play Spreads Malware Via WhatsApp
The wormable malware spread from Android to Android by sending messages offering free Netflix Premium for 60 days. orginal source link
Crossing the Line: When Cyberattacks Become Acts of War
Saryu Nayyar, CEO at Gurucul, discusses the new Cold War and the potential for a cyberattack to prompt military action. orginal source link
Critical Cloud Bug in VMWare Carbon Black Allows Takeover
CVE-2021-21982 affects a platform designed to secure private clouds, and the virtual servers and workloads that they contain. orginal source link
SAP Bugs Under Active Cyberattack, Causing Widespread Compromise
Cyberattackers are actively exploiting known security vulnerabilities in widely deployed, mission-critical SAP applications, allowing for full takeover and the ability to infest an organization further. orginal source link
533M Facebook Accounts Leaked Online: Check if You Are Exposed
An estimated 32 million, of the half-billion of Facebook account details posted online, were tied to US-based accounts. orginal source link
LinkedIn Spear-Phishing Campaign Targets Job Hunters
Fake job offers lure professionals into downloading the more_eggs backdoor trojan. orginal source link
Apple Mail Zero-Click Security Vulnerability Allows Email Snooping
The researcher is offering details on CVE-2020-9922, which can be triggered just by sending a target an email with two .ZIP files attached. orginal source link
MAINPIPE