BleepingComputer.com: Latest cybersecurity news

 "New QBot email attacks use PDF and WF combo to install malware."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 17 April 2023, 1446 UTC.  Content provided by "BleepingComputer.com."

Source:  https://www.bleepingcomputer.com/ ("Bleeping Computer.com").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net and https://paper.li/RussellRoberts).

New QBot email attacks use PDF and WSF combo to install malware

  • QBot malware is now distributed in phishing campaigns utilizing PDFs and Windows Script Files (WSF) to infect Windows devices.

  • Android
     

New Chameleon Android malware mimics bank, govt, and crypto apps

  • A new Android trojan called 'Chameleon' has been targeting users in Australia and Poland since the start of the year, mimicking the CoinSpot cryptocurrency exchange, an Australian government agency, and the IKO bank.

  • Apple locked encrypted
     

LockBit ransomware encryptors found targeting Mac devices

  • The LockBit ransomware gang has created encryptors targeting Macs for the first time, likely becoming the first major ransomware operation to ever specifically target macOS.

  • CISA
     

CISA warns of Android bug exploited by Chinese app to spy on users

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today of a high-severity Android vulnerability believed to have been exploited by a Chinese e-commerce app Pinduoduo as a zero-day to spy on its users.

  • NCR suffers Aloha POS outage after BlackCat ransomware attack
     

NCR suffers Aloha POS outage after BlackCat ransomware attack

  • NCR is suffering an outage on its Aloha point of sale platform after being hit by an ransomware attack claimed by the BlackCat/ALPHV gang.

  • Hacker smiley
     

Hackers start abusing Action1 RMM in ransomware attacks

  • Security researchers are warning that cybercriminals are increasingly using the Action1 remote access software for persistence on compromised networks and to execute commands, scripts, and binaries.

  • Android
     

Android malware infiltrates 60 Google Play apps with 100M installs

  • A new Android malware named 'Goldoson' has infiltrated the platform's official app store, Google Play, through 60 apps that collectively have 100 million downloads.

  • Evil Creepy Hacker
     

The Week in Ransomware - April 14th 2023 - A Focus on Stolen Data

  • It has been mostly a quiet week regarding ransomware, with only a few bits of info released on older attacks and some reports released on existing organizations.

  • Hand data data leak hacker
     

Vice Society ransomware uses new PowerShell data theft tool in attacks

  • The Vice Society ransomware gang is deploying a new, rather sophisticated PowerShell script to automate data theft from compromised networks.

  • Windows 11 laptop
     

Microsoft expands Start menu ads test with new ‘treatments’

  • Microsoft is testing new ads in the Windows Start menu, or what it describes as "new treatments," for users logged into local accounts as part of a "badging" expansion.

  • Google Chrome
     

Google Chrome emergency update fixes first zero-day of 2023

  • Google has released an emergency Chrome security update to address the first zero-day vulnerability exploited in attacks since the start of the year.

  • Darktrace
     

Darktrace: Investigation found no evidence of LockBit breach

  • Cybersecurity firm Darktrace says it found no evidence that the LockBit ransomware gang breached its network after the group added an entry to their dark web leak platform, implying that they stole data from the company's systems.

  • NATO Cyberattacks Russia
     

Russia accuses NATO of launching 5,000 cyberattacks since 2022

  • The Federal Security Service of the Russian Federation (FSB) has accused the United States and other NATO countries of launching over 5,000 cyberattacks against critical infrastructure in the country since the beginning of 2022.

  • Malware Phishing
     

Microsoft: Phishing attack targets accountants as Tax Day approaches

  • Microsoft is warning of a phishing campaign targeting accounting firms and tax preparers with remote access malware allowing initial access to corporate networks.

  • Windows
     

Microsoft: Windows LAPS is incompatible with legacy policies

  • Microsoft is investigating an interoperability bug between the recently added Windows Local Administrator Password Solution (LAPS) feature and legacy LAPS policies.

  • Windows 11 HDR
     

Windows 11 is getting a new 'Presence sensing' privacy setting

  • Windows 11 is getting a new privacy setting that allows users to control whether applications can detect when actively interacting with the device.

VIEW MORE

Comments

Popular posts from this blog

BleepingComputer.com

The Cyberwire Daily Briefing

SecurityWeek Briefing