The Week in Ransomware - May 20th 2022 - Another one bites the dust
by Lawrence Abrams / 3h
Ransomware attacks continue to slow down, likely due to the invasion of Ukraine, instability in the region, and subsequent worldwide sanctions against Russia. [...]
Cisco urges admins to patch IOS XR zero-day exploited in attacks
Cisco has addressed a zero-day vulnerability in its IOS XR router software that allowed unauthenticated attackers to remotely gain access to Redis instances running in NOSi Docker containers. [...]
Microsoft disables telemetry in Windows 11 Subsystem for Android by default
Microsoft has updated the Windows Subsystem for Android in Windows 11 to make telemetry collection optional and announced an upgrade to Android 12.1. [...]
Backdoor baked into premium school management plugin for WordPress
Security researchers have discovered a backdoor in a premium WordPress plugin built as a complete management solution for schools. The malicious code enables a threat actor to execute PHP code without authenticating. [...]
Russian Sberbank says it’s facing massive waves of DDoS attacks
Sberbank's vice president and director of cybersecurity, Sergei Lebed, has told participants of the Positive Hack Days forum that the company is going through a period of unprecedented targeting by hackers. [...]
Conti ransomware shuts down operation, rebrands into smaller units
by Lawrence Abrams / 1d
The notorious Conti ransomware gang has officially shut down their operation, with infrastructure taken offline and team leaders told that the brand is no more. [...]
Netgear fixes bad Orbi firmware update that locked admin console
by Lawrence Abrams / 1d
Netgear is pushing out fixes for a bad Orbi firmware update released earlier this month that prevents users from accessing the device's admin console. [...]
Microsoft emergency updates fix Windows AD authentication issues
Microsoft has released emergency out-of-band (OOB) updates to address Active Directory (AD) authentication issues after installing Windows Updates issued during the May 2022 Patch Tuesday on domain controllers. [...]
Media giant Nikkei’s Asian unit hit by ransomware attack
Publishing giant Nikkei disclosed that the group's headquarters in Singapore was hit by a ransomware attack almost one week ago, on May 13th. [...]
Microsoft detects massive surge in Linux XorDDoS malware activity
by Sergiu Gatlan / 1d
A stealthy and modular malware used to hack into Linux devices and build a DDoS botnet has seen a massive 254% increase in activity during the last six months, as Microsoft revealed today. [...]
U.S. DOJ will no longer prosecute ethical hackers under CFAA
The U.S. Department of Justice (DOJ) has announced a revision of its policy on how federal prosecutors should charge violations of the Computer Fraud and Abuse Act (CFAA), carving out "good-faith" security research from being prosecuted. [...]
Lazarus hackers target VMware servers with Log4Shell exploits
by Bill Toulas / 1d
The North Korean hacking group known as Lazarus is exploiting the Log4J remote code execution vulnerability to inject backdoors that fetch information-stealing payloads on VMware Horizon servers. [...]
Phishing websites now use chatbots to steal your credentials
Phishing attacks are now using automated chatbots to guide visitors through the process of handing over their login credentials to threat actors. [...]
Microsoft Teams, Windows 11 hacked on first day of Pwn2Own
During the first day of Pwn2Own Vancouver 2022, contestants won $800,000 after successfully exploiting 16 zero-day bugs to hack multiple products, including Microsoft's Windows 11 operating system and the Teams communication platform. [...]
QNAP alerts NAS customers of new DeadBolt ransomware attacks
by Sergiu Gatlan / 1d
Taiwan-based network-attached storage (NAS) maker QNAP warned customers on Thursday to secure their devices against attacks pushing DeadBolt ransomware payloads. [...]