The Hacker News Daily Updates

FBI's perspective on ransomware.

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 04 January 2023, 2012 UTC.  Content provided by email subscription to "The Hacker News Daily Updates."

Source:  https://mail.google.com/mail/u/0/?tab=rm&ogbl#inbox/FMfcgzGrbtzdCXJLCbgNhPkdHbFZRqzj

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).

The Hacker News Daily Updates

Protecting the Endpoint to Work from Anywhere As attacks increase, they tend to come through multiple vectors utilizing various techniques, from Trojans to fileless scripts. Download Now Sponsored

LATEST NEWS Jan 4, 2023

Qualcomm Chipsets and Lenovo BIOS Get Security Updates to Fix Multiple Flaws Qualcomm on Tuesday released patches to address multiple security flaws in its chipsets, some of which could be exploited to cause information disclosure and memory corruption. The five vulnerabilities -- tracked from CVE-2022-40516 through CVE-2022-40520 -- also impact Lenovo ThinkPad X13s laptops, prompting the Chinese PC maker to issue BIOS updates to plug the security holes. The list ... Read More

The FBI's Perspective on Ransomware Ransomware: contemporary threats, how to prevent them and how the FBI can help In April 2021, Dutch supermarkets faced a food shortage. The cause wasn't a drought or a sudden surge in the demand for avocados. Rather, the reason was a ransomware attack. In the past years, companies, universities, schools, medical facilities and other organizations have been targeted by ransomware threat ... Read More

New shc-based Linux Malware Targeting Systems with Cryptocurrency Miner A new Linux malware developed using the shell script compiler (shc) has been observed deploying a cryptocurrency miner on compromised systems. "It is presumed that after successful authentication through a dictionary attack on inadequately managed Linux SSH servers, various malware were installed on the target system," AhnLab Security Emergency Response Center (ASEC) said in a report ... Read More

Synology Releases Patch for Critical RCE Vulnerability Affecting VPN Plus Servers Synology has released security updates to address a critical flaw impacting VPN Plus Server that could be exploited to take over affected systems. Tracked as CVE-2022-43931, the vulnerability carries a maximum severity rating of 10 on the CVSS scale and has been described as an out-of-bounds write bug in the remote desktop functionality in Synology VPN Plus Server. Successful exploitation of ... Read More

Enforcement vs. Enrollment-based Security: How to Balance Security and Employee Trust Challenges with an enforcement-based approach An enforcement-based approach to security begins with a security policy backed by security controls, often heavy-handed and designed to prevent employees from engaging in risky behavior or inadvertently expanding the potential attack surface of an organization.  Most organizations exclusively use enforcement-based security controls, usually ... Read More

Hackers Using Stolen Bank Information to Trick Victims into Downloading BitRAT Malware A new malware campaign has been observed using sensitive information stolen from a bank as a lure in phishing emails to drop a remote access trojan called BitRAT. The unknown adversary is believed to have hijacked the IT infrastructure of a Colombian cooperative bank, using the information to craft convincing decoy messages to lure victims into opening suspicious Excel attachments. The ... Read More

Raspberry Robin Worm Evolves to Attack Financial and Insurance Sectors in Europe Financial and insurance sectors in Europe have been targeted by the Raspberry Robin worm, as the malware continues to evolve its post-exploitation capabilities while remaining under the radar. "What is unique about the malware is that it is heavily obfuscated and highly complex to statically disassemble," Security Joes said in a new report published Monday. The intrusions, observed ... Read More

RedZei Chinese Scammers Targeting Chinese Students in the U.K. Chinese international students in the U.K. have been targeted by persistent Chinese-speaking scammers for over a year as part of an activity dubbed RedZei (aka RedThief). "The RedZei fraudsters have chosen their targets carefully, researched them and realized it was a rich victim group that is ripe for exploitation," cybersecurity researcher Will Thomas (@BushidoToken) said in a ... Read More

Protecting the Endpoint to Work from Anywhere As attacks increase, they tend to come through multiple vectors utilizing various techniques, from Trojans to fileless scripts. Download Now Sponsored

This email was sent to kh6jrm@gmail.com. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please click here. Contact The Hacker News: info@thehackernews.com Unsubscribe The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India