Cyware.com: Latest cybersecurity news and articles

Cheerscrypt ransomware targets VMware ESXi servers.

Views expressed in this cybersecurity-cyber crime update are those of the reporters and correspondents.

Accessed on 28 May 2022, 2121 UTC.

Content provided by "Cyware.com."

Source:  https://cyware.com/cyber-security-news-articles

Please click the link or scroll down to read your selections.

Thanks for joining us today.

Russ Roberts

https://hawaiicybersecurityjournal.blogspot.com

https://paper.li/RussellRoberts (machine learning, artificial intelligence, IoT, and information security)

Latest Cybersecurity News And Articles

Cheerscrypt Ransomware Targets VMware ESXi Servers

The widescale use of VMware ESXi in enterprises has now attracted a new Cheerscrypt ransomware threat that is targeting poorly secured ESXi servers. According to the ransom notes, the attackers give their victims three days to access the provided Tor site to negotiate the ransom payment for a worki ...

Industrial Spy: Data Extortion Marketplace Ventures into Ransomware

MalwareHunterTeam discovered a new malware sample containing a ransom note instead of a promotional text. The note states that the gang has stolen the victim’s data, along with encrypting it.

FBI warns of hackers selling credentials for U.S. college networks

The Federal Bureau of Investigation (FBI) has issued an alert that usernames and passwords giving access to colleges and universities based in the U.S. are available for sale on Russian cybercriminal forums.

GitHub saved plaintext passwords of npm users in log files

GitHub has revealed it stored a "number of plaintext user credentials for the npm registry" in internal logs following the integration of the JavaScript package registry into GitHub's logging systems.

Microsoft finds severe bugs in Android apps from large mobile providers

Security researchers at Microsoft have found high severity vulnerabilities in a framework used by Android apps from multiple large international mobile service providers.

CISA adds 75 actively exploited bugs to its must-patch list in just a week

The US cybersecurity authority is urging everyone to patch a number of software flaws, including some older ones in Microsoft's Silverlight plug-in and Adobe Flash Player.

BlackCat/ALPHV ransomware asks $5 million to unlock Austrian state

The attack has caused severe operational disruption of government services, as thousands of workstations have allegedly been locked by the threat actor. The cyberattack also disrupted COVID-19 tests processing and contact tracing.

Experts Detail New RCE Vulnerability Affecting Google Chrome Dev Channel

Details have emerged about a recently patched critical remote code execution vulnerability in the V8 JavaScript and WebAssembly engine used in Google Chrome and Chromium-based browsers.

Patch released for cross-domain cookie leakage flaw in Guzzle

The flaw resides in Guzzle’s cookie middleware, which is disabled by default, “so most library consumers will not be affected by this issue”, reads a GitHub security advisory published by a Guzzle maintainer on Wednesday (May 25).

Cyber attack downs Regina Public Schools' computer systems

In a statement published to social media networks on Thursday afternoon, officials said that after "several days of investigation" it has become clear that the incident that first began on Sunday is a cyberattack.

Exposed: the threat actors who are poisoning Facebook

An investigation of the infamous “Is That You?” video scam has led Cybernews researchers to a cybercriminal stronghold, from which threat actors have been infecting the social media giant with thousands of malicious links every day.

Attackers Can Use Electromagnetic Signals to Control Capacitive Touchscreens Remotely

GhostTouch, as it's called, "uses electromagnetic interference (EMI) to inject fake touch points into a touchscreen without the need to physically touch it," a group of academics from Zhejiang University and Technical University of Darmstadt said.

FBI Warns of Higher Education Credentials Sold on Cybercrime Forums

The FBI issued an alert on Thursday to inform the higher education sector about the exposure of credentials that can allow threat actors to access user accounts or an organization’s network.

Beware! This WhatsApp scam lets hackers hijack your account using a phone call

Victims get a call from hackers asking them to call numbers starting with ‘67’ or ‘405’. Once they make the call, they are logged out of their WhatsApp accounts and hackers gain complete control of their accounts within seconds.

Hacker Steals Database of Hundreds of Verizon Employees by Gaining Remote Access

A hacker has obtained a database that includes the full name, email addresses, corporate ID numbers, and phone numbers of hundreds of Verizon employees. It’s unclear if all the data is accurate or up to date.

UK: NCSC Report Reveals Phishing Lures Increasingly Disguised as Vaccine Appointments

Bookings for vaccine appointments were falsely advertised on phishing websites in exchange for a fee, a lure that captured said data, allowing phishers to commit fraud and contact victims pretending to be representatives of UK banks.

Hackers Increasingly Using Browser Automation Frameworks for Malicious Activities

Cybersecurity researchers are calling attention to a free-to-use browser automation framework that's being increasingly used by threat actors as part of their attack campaigns.

Magniber Ransomware Gets Upgraded Again to Infect Windows Systems

The virus program itself has not changed much and can infect multiple versions of Windows operating systems. The virus uses the RSA+AES encryption scheme when encrypting files.

18 Oil and Gas Companies Take Cyber Resilience Pledge

The companies taking the pledge include Aker ASA, Aker BP, Aramco, Check Point, Claroty, Cognite, Dragos, Ecopetrol, Eni, EnQuest, Galp, Global Resilience Federation, Maire Tecnimont, Occidental Petroleum, OT-ISAC, Petronas, Repsol, and Suncor.

Cybergang Claims REvil is Back, Executes DDoS Attacks

The defunct REvil ransomware gang is claiming responsibility for a recent distributed denial of service (DDoS) campaign against a hospitality customer of cloud networking provider Akamai.

UK: Three-quarters of Security Pros Believe Current Cybersecurity Strategies Will Shortly Be Obsolete

In a recent survey by Crossword Cybersecurity Plc, 40% of respondents said that their current cybersecurity strategy will likely be outdated in just two years. A further 37% said this would happen in three years.

Microsoft shares mitigation for Windows KrbRelayUp LPE attacks

Microsoft has shared guidance to help admins defend their Windows enterprise environments against KrbRelayUp attacks that enable attackers to gain SYSTEM privileges on Windows systems with default configurations.

Intuit warns of QuickBooks phishing threatening to suspend accounts

Clicking the "Complete Verification" button in the phishing email will likely redirect the recipients to a landing phishing site designed to harvest their personal information or infect their systems with malware.

Ransomware Attack Disrupts Multiple Civil Services in Somerset County

The county had to create temporary Gmail accounts so that residents can contact “critical departments such as the County Commissioners, Health, Emergency Operations, the County Clerk, Sheriff, and Surrogate.”
