News Summary About Latest Cybersecurity Stories


ZINC attacks against security researchers

https://www.microsoft.com/security/blog/2021/01/28/zinc-attacks-against-security-researchers/ 

ZINC attacks against security researchers - Microsoft Security

In recent months, Microsoft has detected cyberattacks targeting security researchers by an actor we track as ZINC. The campaign originally came to our attention after Microsoft Defender for Endpoint detected an attack in progress. Observed targeting includes pen testers, private offensive security ...

www.microsoft.com

 

---

Authorities plan to mass-uninstall Emotet from infected hosts on April 25, 2021

https://www.zdnet.com/article/authorities-plan-to-mass-uninstall-emotet-from-infected-hosts-on-april-25-2021/ 

Authorities plan to mass-uninstall Emotet from infected hosts on April 25, 2021 | ZDNet

Authorities plan to mass-uninstall Emotet from infected hosts on April 25, 2021. The world's largest malware botnet will become extinct by April after today's coordinated takedown and planned ...

www.zdnet.com

 

---

World’s most dangerous malware EMOTET disrupted through global action

https://www.europol.europa.eu/newsroom/news/world’s-most-dangerous-malware-emotet-disrupted-through-global-action 

World’s most dangerous malware EMOTET disrupted through global action | Europol

Law enforcement and judicial authorities worldwide have this week disrupted one of the most significant botnets of the past decade: EMOTET. Investigators have now taken control of its infrastructure in an international coordinated action.

www.europol.europa.eu

 

---

YouTube Video of police exposing multinational hacker group spreading EMOTET virus

https://www.youtube.com/watch?v=_BLOmClsSpc 

Cyberpolice exposed a transnational group of hackers distributing the "EMOTET" virus

Using malicious software, the hackers carried out mass intrusions into the servers of private and state institutions in the countries of Europe and the United States of America. In ...

www.youtube.com

 

---

Fidelis, Mimecast, Palo Alto Networks, Qualys also impacted by SolarWinds hack

https://securityaffairs.co/wordpress/113893/security/solarwinds-hack-security-providers.html 

Fidelis,Mimecast,Palo Alto Networks,Qualys impacted by SolarWinds hack--Security Affairs

The SolarWinds supply chain attack is worse than initially thought; other security providers confirmed that they were also impacted. Mimecast, Palo Alto Networks, Qualys, and Fidelis confirmed that they installed tainted updates of the SolarWinds Orion app. Mimecast was the first security provider of ...

securityaffairs.co

 

---

Internals of Lazarus Operation Dream Job

https://0xthreatintel.medium.com/internals-of-lazarus-operation-dream-job-7ced9fc7da3e 

Internals of Lazarus Operation Dream Job | by 0xthreatintel | Jan, 2021 | Medium

In recent days, Lazarus Group has been carrying out Operation Dream Job. This blog is about its internals.

0xthreatintel.medium.com

 

---

Here's how a researcher broke into Microsoft VS Code's GitHub

https://www.bleepingcomputer.com/news/security/heres-how-a-researcher-broke-into-microsoft-vs-codes-github/ 

Here's how a researcher broke into Microsoft VS Code's GitHub

This month a researcher was awarded a bug bounty award of an undisclosed amount after he broke into the official GitHub repository of Microsoft Visual Studio Code. A vulnerability in VS Code's ...

www.bleepingcomputer.com

 

---

Dutch police arrested two people for the illegal sale of COVID-19 patient data

https://securityaffairs.co/wordpress/113846/cyber-crime/covid-19-patient-data-sale.html 

Dutch police arrested 2 people for the illegal sale of COVID-19 patient data--Security Affairs

Dutch police have arrested two individuals in the country for selling COVID-19 patient data stolen from the national COVID-19. The availability of COVID-19 patient data in the cybercrime underground was spotted by the RTL Nieuws reporter Daniel Verlaan. […]

securityaffairs.co

 

---

Tesla sues former employee for allegedly stealing sensitive docs

https://securityaffairs.co/wordpress/113808/cyber-crime/tesla-sues-former-employee.html 

Tesla sues former employee for allegedly stealing sensitive docs--Security Affairs

On Saturday, Tesla sued the former employee Alex Khatilov for allegedly stealing 26,000 confidential documents, including trade secrets. The software engineer transferred the sensitive files to his personal Dropbox account. Khatilov stole files […]

securityaffairs.co

 

---

Oscorp, a new Android malware targets Italian users

https://securityaffairs.co/wordpress/113983/malware/oscorp-android-malware.html 

Oscorp, a new Android malware targets Italian users--Security Affairs

Researchers from security firm AddressIntel spotted a new Android malware dubbed Oscorp; its name comes from the title of the login page of its command-and-control server. Like other Android malware, the Oscorp malware tricks users into granting […]

securityaffairs.co

 

---

TeamTNT group adds new detection evasion tool to its Linux miner

https://securityaffairs.co/wordpress/113968/malware/teamtnt-group-linux-miner.html 

TeamTNT group adds new detection evasion tool to its Linux miner--Security Affairs

The TeamTNT cybercrime group has upgraded their Linux cryptocurrency miner by adding open-source detection evasion capabilities, AT&T Alien Labs researchers warn. Early this year, researchers from Trend Micro discovered that the TeamTNT botnet was improved with ...

securityaffairs.co

 

---

LogoKit, a new phishing kit that dynamically creates phishing forms

https://securityaffairs.co/wordpress/113961/cyber-crime/logokit-phishing-kit.html 

LogoKit, a new phishing kit that dynamically creates phishing forms--Security Affairs

Researchers from RiskIQ discovered a new phishing kit that stands out for its ability to dynamically create phishing messages to target specific users. LogoKit has a modular structure that makes it easy to implement a phishing-as-a-Service model. This toolkit, unlike […]

securityaffairs.co

 

---

Cryptomining DreamBus botnet targets Linux servers

https://securityaffairs.co/wordpress/113832/malware/dreambus-botnet-linux-servers.html 

Cryptomining DreamBus botnet targets Linux servers--Security Affairs

Researchers at Zscaler’s ThreatLabZ research team recently analyzed a Linux-based malware family, tracked as DreamBus Botnet, which is a variant of SystemdMiner. The bot is composed of a series of Executable and Linkable Format (ELF) binaries and Unix shell scripts ...

securityaffairs.co

 

---

Ransomware attack hit WestRock IT and OT systems

https://securityaffairs.co/wordpress/113843/malware/westrock-ransomware.html 

Ransomware attack hit WestRock IT and OT systems--Security Affairs

American corrugated packaging company WestRock announced it was the victim of a ransomware attack that impacted its information technology (IT) and operational technology (OT) systems. WestRock did not share details about the security incident, it only ...

securityaffairs.co

 

---

Pan-Asian retail giant Dairy Farm suffers REvil ransomware attack

https://www.bleepingcomputer.com/news/security/pan-asian-retail-giant-dairy-farm-suffers-revil-ransomware-attack/ 

Pan-Asian retail giant Dairy Farm suffers REvil ransomware attack

Massive pan-Asian retail chain operator Dairy Farm Group was attacked this month by the REvil ransomware operation. The attackers claim to have demanded a $30 million ransom. The Dairy Farm Group ...

www.bleepingcomputer.com

 

---

Cryptocurrency exchange BuyUcoin hacked, data of 325K users leaked

https://securityaffairs.co/wordpress/113819/cyber-crime/exchange-buyucoin-hacked.html 

Cryptocurrency exchange BuyUcoin hacked, data of 325K users leaked--Security Affairs

A new incident involving a cryptocurrency exchange made the headlines, the India-based cryptocurrency exchange suffered a security incident, threat actors leaked sensitive data of 325K users on the Dark Web. Leaked data includes names, e-mails, mobile numbers, encrypted ...

securityaffairs.co

 

---

Hacker leaks data of 2.28M users of dating site MeetMindful

https://securityaffairs.co/wordpress/113803/data-breach/meetmindful-data-leak.html 

Hacker leaks data of 2.28M users of dating site MeetMindful--Security Affairs

ZDNet first reported that the well-known threat actor ShinyHunters has leaked the data of more than 2.28 million users registered on the dating site MeetMindful. The threat actor leaked the data for free download on a publicly accessible hacking […]

securityaffairs.co

 

---

USCellular hit by a data breach after hackers access CRM software

https://www.bleepingcomputer.com/news/security/uscellular-hit-by-a-data-breach-after-hackers-access-crm-software/ 

USCellular hit by a data breach after hackers access CRM software

Mobile network operator USCellular suffered a data breach after hackers gained access to its CRM and viewed customers' accounts. In a data breach notification filed with the Vermont attorney ...

www.bleepingcomputer.com

 

---

CISA warns of high-severity flaws in Fuji Electric Tellus Lite V-Simulator and Server Lite

https://securityaffairs.co/wordpress/113950/ics-scada/fuji-electric-hmi-flaws.html 

CISA warns of flaws in Fuji Electric Tellus Lite V-Simulator and Server Lite-Security Affairs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a security advisory to warn industrial organizations of some high severity flaws in SCADA/HMI products made by Japanese electrical equipment company Fuji Electric. The vulnerabilities ...

securityaffairs.co

 

---

Apple addresses three iOS zero-day flaws exploited in the wild

https://securityaffairs.co/wordpress/113914/hacking/apple-ios-zero-day.html 

Apple addresses three iOS zero-day flaws exploited in the wild--Security Affairs

Apple has addressed three zero-day vulnerabilities in iOS that have been exploited in the wild with the release of security updates (iOS 14.4). The first zero-day issue, tracked as CVE-2021-1782, is a race condition that resides in the […]

securityaffairs.co

 

---

Heap-based buffer overflow in Linux Sudo allows local users to gain root privileges

https://securityaffairs.co/wordpress/113900/hacking/sudo-vulnerability-cve-2021-3156.html 

Heap-based buffer overflow in Linux Sudo allows local users to gain root privileges--Security Affairs

CVE-2021-3156 Sudo vulnerability has allowed any local user to gain root privileges on Unix-like operating systems without authentication.

 

Sudo is one of the most important, powerful, and commonly used utilities that comes as a core command pre-installed on macOS and almost every UNIX or Linux-based operating system. sudo is a program for Unix-like computer operating systems that allows […]

securityaffairs.co

 

---

Google fixes severe Golang Windows RCE vulnerability

https://www.bleepingcomputer.com/news/security/google-fixes-severe-golang-windows-rce-vulnerability/

Google fixes severe Golang Windows RCE vulnerability

This month Google engineers have fixed two vulnerabilities in the Go language (Golang), including a severe RCE flaw, and a cryptographic weakness. The RCE vulnerability tracked as CVE-2021-3115 ...

www.bleepingcomputer.com

 

 

 
