BleepingComputer.com

"Hackers use VPN provider's code certificate to sign malware."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 20 August 2023, 1402 UTC.  Content provided by "BleepingComputer.com."

Source:  https://www.bleepingcomputer.com/ ("BleepingComputer.com").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

LATEST ARTICLES

Hackers use VPN provider's code certificate to sign malware

  • The China-aligned APT (advanced persistent threat) group known as 'Bronze Starlight' was seen targeting the Southeast Asian gambling industry with malware signed using a valid certificate used by the Ivacy VPN provider.

  • rust background
     
    SECURITY

Rust devs push back as Serde project ships precompiled binaries

  • Serde, a popular Rust (de)serialization project, has decided to ship its serde_derive macro as a precompiled binary. This has generated a fair amount of concern among some developers who highlight the future legal and technical issues this may pose, along with a potential for supply chain attacks.

  • LockBit 3.0
     
    SECURITY

The Week in Ransomware - August 18th 2023 - LockBit on Thin Ice

  • While there was quite a bit of ransomware news this week, the highlighted story was the release of Jon DiMaggio's third article in the Ransomware Diaries series, with the focus of this article on the LockBit ransomware operation.

  • WinRar
     
    SECURITY, SOFTWARE

WinRAR flaw lets hackers run programs when you open RAR archives

  • A high-severity vulnerability has been fixed in WinRAR, the popular file archiver utility for Windows used by millions, that can execute commands on a computer simply by opening an archive.

  • Microsoft
     
    MICROSOFT

Hotmail email delivery fails after Microsoft misconfigures DNS

  • Hotmail users worldwide have problems sending emails, with messages flagged as spam or not delivered after Microsoft misconfigured the domain's DNS SPF record.

  • INTERPOL
     
    SECURITY, LEGAL

Interpol arrests 14 suspected cybercriminals for stealing $40 million

  • An international law enforcement operation led by Interpol has led to the arrest of 14 suspected cybercriminals in an operation codenamed 'Africa Cyber Surge II,' launched in April 2023.

  • BlackCat ALPHV ransomware
     
    MICROSOFT

Microsoft: BlackCat's Sphynx ransomware embeds Impacket, RemCom

  • Microsoft has discovered a new version of the BlackCat ransomware that embeds the Impacket networking framework and the Remcom hacking tool, both enabling spreading laterally across a breached network.

  • Hacker
     
    SECURITY

Hackers ask $120,000 for access to multi-billion auction house

  • Hackers have breached the network of a major auction house and offered access to whoever was willing to pay $120,000.

  • PowerShell
     
    SECURITY, MICROSOFT

Microsoft PowerShell Gallery vulnerable to spoofing, supply chain attacks

  • Lax policies for package naming on Microsoft's PowerShell Gallery code repository allow threat actors to perform typosquatting attacks, spoof popular packages and potentially lay the ground for massive supply chain attacks.

  • Zimbra
     
    SECURITY

Phishing campaign steals accounts for Zimbra email servers worlwide

  • An ongoing phishing campaign has been underway since at least April 2023 that attempts to steal credentials for Zimbra Collaboration email servers worldwide.

  • Windows
     
    MICROSOFT

Windows Task Manager refresh can be paused using CTRL key

  • A very useful and previously unknown Windows tip was revealed this week, where you can halt process jumping in Task Manager by holding down the Ctrl key on your keyboard, allowing easier access to a listed process.

  • Android
     
    SECURITY

Thousands of Android APKs use compression trick to thwart analysis

  • Threat actors increasingly distribute malicious Android APKs (packaged app installers) that resist decompilation using unsupported, unknown, or heavily tweaked compression algorithms.

  • Anonfiles
     
    SECURITY

File sharing site Anonfiles shuts down due to overwhelming abuse

  • Anonfiles, a popular service for sharing files anonymously, has shut down after saying it can no longer deal with the overwhelming abuse by its users.

  • CISA
     
    SECURITY

CISA warns of critical Citrix ShareFile flaw exploited in the wild

  • CISA is warning that a critical Citrix ShareFile secure file transfer vulnerability tracked as CVE-2023-24489 is being targeted by unknown actors and has added the flaw to its catalog of known security flaws exploited in the wild.

  • Google
     
    SECURITY, GOOGLE

Google released first quantum-resilient FIDO2 key implementation

  • Google has announced the first open-source quantum resilient FIDO2 security key implementation, which uses a unique ECC/Dilithium hybrid signature schema co-created with ETH Zurich.

VIEW MORE

Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

SecurityWeek Briefing.

Image
"Microsoft offers up to $15,000 in New AI Bug Bounty Program." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 13 October 2023, 2020 UTC.  Content provided by email subscription to "SecurityWeek Briefing." Source:  https://mail.google.com/mail/u/0/#inbox/FMfcgzGtxdZHmrfcBkMDJSSNTtHlmhQX ("SecurityWeek Briefing"). Please click link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). SecurityWeek News Briefing | Friday, October 13, 2023 CISA Now Flagging Vulnerabilities, Misconfigurations Exploited by Ransomware Juniper Networks Patches Over 30 Vulnerabilities in Junos OS In Other News : Ex-Uber Security Chief Appeal, New Offerings From Tech Giants, Crypto Bounty Dozens of Squid Proxy Vulnerabilities Remain Unpatched 2 Years After Disclosure Microsoft Offers Up to $15,000 in New AI Bug Bounty Program Researcher Co
Read more

Cyber War Newswire

Image
"Fears Russian 'space weapon' could be used for cyberwarfare and sabotage." Views expressed in this cybersecurity and cyberespionage update are those of the reporters and correspondents.  Accessed on 23 May 2024, 2016 UTC. Content and Source:  https://cyberwar.einnews.com/news/cyber-war-news?n=2&code=FA9GNesSTpp2rjO1&utm_source=NewsletterNews&utm_medium=email&utm_campaign=Cyber+War+News&utm_content=navig/Cyber War News-EIN Presswire. Please scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). CYBER WAR NEWS MONITORING Get by    Email    •     RSS Published on  May 22, 2024 Fears Russian 'space weapon' could be used for cyberwarfare and sabotage The US has accused Russia of launching an anti-satellite weapon into space and placing it in the same orbit as an American probe, leading to fears of possible sabotage and cyber warfare. Pentagon spokesman Brigadier General Pat
Read more

SecurityWeek Briefing.

Image
"Health Care Solutions giant disrupted by Cyberattack." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 19 October 2023, 2033 UTC.  Content provided by email subscription to "SecurityWeek Briefing." Source:  https://mail.google.com/mail/u/0/?tab=rm&ogbl#inbox/FMfcgzGwHLhdlHbpbQJXqhLLSvQbhdnC ("SecurityWeek Briefing"). Please click link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). SecurityWeek News Briefing | Thursday, October 19, 2023 Healthcare Solutions Giant Disrupted by Cyberattack Thousands of Remote IT Workers Sent Wages to North Korea to Help Fund Weapons Program CipherStash Raises $3 Million for Encryption-in-Use Technology US Government Releases Anti-Phishing Guidance Google Play Protect Gets Real-Time Code Scanning Number of Cisco Devices Hacked via Unpatched Vulnerability Increases to 40,00
Read more