Threatpost
Ransomware Sinks Teeth into Candy-Corn Maker Ahead of Halloween
Thu, 21 Oct 2021 11:50:34 +0000
Chicago-based Ferrara acknowledged an Oct. 9 attack that encrypted some systems and disrupted production.
Google Crushes YouTube Cookie-Stealing Channel Hijackers
Wed, 20 Oct 2021 19:45:21 +0000
Google has caught and brushed off a bunch of cookie-stealing YouTube channel hijackers who were running cryptocurrency scams on, or auctioning off, ripped-off channels. 
VPN Exposes Data for 1M Users, Leading to Researcher Questioning
Wed, 20 Oct 2021 17:53:42 +0000
Experts warn that virtual private networks are increasingly vulnerable to leaks and attack.
Geriatric Microsoft Bug Exploited by APT Using Commodity RATs
Wed, 20 Oct 2021 13:28:13 +0000
Disguised as an IT firm, the APT is hitting targets in Afghanistan & India, exploiting a 20-year-old+ Microsoft Office bug that's as potent as it is ancient.
Squirrel Bug Lets Attackers Execute Code in Games, Cloud Services
Tue, 19 Oct 2021 21:42:49 +0000
The out-of-bounds read vulnerability enables an attacker to escape a Squirrel VM in games with millions of monthly players – such as Counter-Strike: Global Offensive and Portal 2 – and in some cloud services.
Fresh APT Harvester Reaps Telco, Government Data
Tue, 19 Oct 2021 20:15:01 +0000
The group is likely nation-state-backed and is mounting an ongoing spy campaign using custom malware and stealthy tactics.
Lyceum APT Returns, This Time Targeting Tunisian Firms
Tue, 19 Oct 2021 17:16:42 +0000
The APT, which targets Middle-Eastern energy firms & telecoms, has been relatively quiet since its exposure but not entirely silent. It's kept up attacks through 2021 and is working on retooling its arsenal yet again. 
A Guide to Doing Cyberintelligence on a Restricted Budget
Tue, 19 Oct 2021 15:12:06 +0000
Cybersecurity budget cuts are everywhere. Chad Anderson, senior security researcher at DomainTools, discusses alternatives to fancy tooling, and good human skills alignment.
Feds Warn BlackMatter Ransomware Gang is Poised to Strike
Tue, 19 Oct 2021 13:21:43 +0000
An advisory by the CISA, FBI and NSA reveals hallmark tactics of and shares defense tips against the cybercriminal group that’s picked up where its predecessor DarkSide left off.
TA505 Gang Is Back With Newly Polished FlawedGrace RAT
Tue, 19 Oct 2021 09:00:30 +0000
TA505 – cybercrime trailblazers with ever-evolving TTPs – have returned to mass-volume email attacks, flashing retooled malware and exotic scripting languages.
Feed Fetched by RSS Dog.