|Ransomware Sinks Teeth into Candy-Corn Maker Ahead of Halloween|
|Thu, 21 Oct 2021 11:50:34 +0000|
Chicago-based Ferrara acknowledged an Oct. 9 attack that encrypted some systems and disrupted production.
|Google Crushes YouTube Cookie-Stealing Channel Hijackers|
|Wed, 20 Oct 2021 19:45:21 +0000|
Google has caught and brushed off a bunch of cookie-stealing YouTube channel hijackers who were running cryptocurrency scams on, or auctioning off, ripped-off channels.
|VPN Exposes Data for 1M Users, Leading to Researcher Questioning|
|Wed, 20 Oct 2021 17:53:42 +0000|
Experts warn that virtual private networks are increasingly vulnerable to leaks and attack.
|Geriatric Microsoft Bug Exploited by APT Using Commodity RATs|
|Wed, 20 Oct 2021 13:28:13 +0000|
Disguised as an IT firm, the APT is hitting targets in Afghanistan & India, exploiting a 20-year-old+ Microsoft Office bug that's as potent as it is ancient.
|Squirrel Bug Lets Attackers Execute Code in Games, Cloud Services|
|Tue, 19 Oct 2021 21:42:49 +0000|
The out-of-bounds read vulnerability enables an attacker to escape a Squirrel VM in games with millions of monthly players – such as Counter-Strike: Global Offensive and Portal 2 – and in some cloud services.
|Fresh APT Harvester Reaps Telco, Government Data|
|Tue, 19 Oct 2021 20:15:01 +0000|
The group is likely nation-state-backed and is mounting an ongoing spy campaign using custom malware and stealthy tactics.
|Lyceum APT Returns, This Time Targeting Tunisian Firms|
|Tue, 19 Oct 2021 17:16:42 +0000|
The APT, which targets Middle-Eastern energy firms & telecoms, has been relatively quiet since its exposure but not entirely silent. It's kept up attacks through 2021 and is working on retooling its arsenal yet again.
|A Guide to Doing Cyberintelligence on a Restricted Budget|
|Tue, 19 Oct 2021 15:12:06 +0000|
Cybersecurity budget cuts are everywhere. Chad Anderson, senior security researcher at DomainTools, discusses alternatives to fancy tooling, and good human skills alignment.
|Feds Warn BlackMatter Ransomware Gang is Poised to Strike|
|Tue, 19 Oct 2021 13:21:43 +0000|
An advisory by the CISA, FBI and NSA reveals hallmark tactics of and shares defense tips against the cybercriminal group that’s picked up where its predecessor DarkSide left off.
|TA505 Gang Is Back With Newly Polished FlawedGrace RAT|
|Tue, 19 Oct 2021 09:00:30 +0000|
TA505 – cybercrime trailblazers with ever-evolving TTPs – have returned to mass-volume email attacks, flashing retooled malware and exotic scripting languages.