Hacker Group Uses RATVERMIN Backdoor to Target Ukrainian Military
Multiple Ukrainian military departments were targeted by a spear phishing campaign which attempted to drop a RATVERMIN backdoor as part of a second-stage payload delivered with the help of a Powershell script. [...]
https://www.bleepingcomputer.com/news/security/hacker-group-uses-ratvermin-backdoor-to-target-ukrainian-military/
Multiple Ukrainian military departments were targeted by a spear phishing campaign which attempted to drop a RATVERMIN backdoor as part of a second-stage payload delivered with the help of a Powershell script. [...]
https://www.bleepingcomputer.com/news/security/hacker-group-uses-ratvermin-backdoor-to-target-ukrainian-military/
BleepingComputer
Hacker Group Uses RATVERMIN Backdoor to Target Ukrainian Military
Multiple Ukrainian military departments were targeted by a spear phishing campaign which attempted to drop a RATVERMIN backdoor as part of a second-stage payload delivered with the help of a Powershell script.
New Microsoft Edge to Warn Users When in Administrator Mode
The upcoming Chromium-based Microsoft Edge browser will warn users when they launch the browser with administrative privileges and suggest that they relaunch the browser as a non-administrator. [...]
https://www.bleepingcomputer.com/news/security/new-microsoft-edge-to-warn-users-when-in-administrator-mode/
The upcoming Chromium-based Microsoft Edge browser will warn users when they launch the browser with administrative privileges and suggest that they relaunch the browser as a non-administrator. [...]
https://www.bleepingcomputer.com/news/security/new-microsoft-edge-to-warn-users-when-in-administrator-mode/
BleepingComputer
New Microsoft Edge to Warn Users When in Administrator Mode
The upcoming Chromium-based Microsoft Edge browser will warn users when they launch the browser with administrative privileges and suggest that they relaunch the browser as a non-administrator.
Malvertising Campaign Abused Chrome to Hijack 500 Million iOS User Sessions
Multiple massive malvertising attacks which targeted iOS users from the U.S. and multiple European Union countries for almost a week used a Chrome for iOS vulnerability to bypass the browser's built-in pop-up blocker. [...]
https://www.bleepingcomputer.com/news/security/malvertising-campaign-abused-chrome-to-hijack-500-million-ios-user-sessions/
Multiple massive malvertising attacks which targeted iOS users from the U.S. and multiple European Union countries for almost a week used a Chrome for iOS vulnerability to bypass the browser's built-in pop-up blocker. [...]
https://www.bleepingcomputer.com/news/security/malvertising-campaign-abused-chrome-to-hijack-500-million-ios-user-sessions/
BleepingComputer
Malvertising Campaign Abused Chrome to Hijack 500 Million iOS User Sessions
Multiple massive malvertising attacks which targeted iOS users from the U.S. and multiple European Union countries for almost a week used a Chrome for iOS vulnerability to bypass the browser's built-in pop-up blocker.
Twitter Announces 'Hide Replies' Feature, Less Reliance on User Reports
Twitter announced today the introduction of a new "Hide replies" feature to its platform in June, providing users with more control over the conversations stemming from their tweet. [...]
https://www.bleepingcomputer.com/news/security/twitter-announces-hide-replies-feature-less-reliance-on-user-reports/
Twitter announced today the introduction of a new "Hide replies" feature to its platform in June, providing users with more control over the conversations stemming from their tweet. [...]
https://www.bleepingcomputer.com/news/security/twitter-announces-hide-replies-feature-less-reliance-on-user-reports/
BleepingComputer
Twitter Announces 'Hide Replies' Feature, Less Reliance on User Reports
Twitter announced today the introduction of a new "Hide replies" feature to its platform in June, providing users with more control over the conversations stemming from their tweet.
'NamPoHyu Virus' Ransomware Targets Remote Samba Servers
A new ransomware family called NamPoHyu Virus or MegaLocker Virus is targeting victims a bit differently than other ransomware. Instead of an executable running on a victim's computer, the attacker is running the ransomware locally and having it remotely encrypt accessible Samba servers. [...]
https://www.bleepingcomputer.com/news/security/nampohyu-virus-ransomware-targets-remote-samba-servers/
A new ransomware family called NamPoHyu Virus or MegaLocker Virus is targeting victims a bit differently than other ransomware. Instead of an executable running on a victim's computer, the attacker is running the ransomware locally and having it remotely encrypt accessible Samba servers. [...]
https://www.bleepingcomputer.com/news/security/nampohyu-virus-ransomware-targets-remote-samba-servers/
BleepingComputer
'NamPoHyu Virus' Ransomware Targets Remote Samba Servers
A new ransomware family called NamPoHyu Virus or MegaLocker Virus is targeting victims a bit differently than other ransomware. Instead of an executable running on a victim's computer, the attacker is running the ransomware locally and having it remotelyβ¦
Over 80% of All Phishing Attacks Targeted U.S. Organizations
U.S. entities remained the most attractive targets of phishing attacks throughout 2018, with an estimated 84% of the total volume of millions of incidents analyzed during the last year by threat intelligence company PhishLabs. [...]
https://www.bleepingcomputer.com/news/security/over-80-percent-of-all-phishing-attacks-targeted-us-organizations/
U.S. entities remained the most attractive targets of phishing attacks throughout 2018, with an estimated 84% of the total volume of millions of incidents analyzed during the last year by threat intelligence company PhishLabs. [...]
https://www.bleepingcomputer.com/news/security/over-80-percent-of-all-phishing-attacks-targeted-us-organizations/
BleepingComputer
Over 80% of All Phishing Attacks Targeted U.S. Organizations
U.S. entities remained the most attractive targets of phishing attacks throughout 2018, with an estimated 84% of the total volume of millions of incidents analyzed during the last year by threat intelligence company PhishLabs.
Script Kiddies Do What They Do Best: Infect Themselves
It's easy to set up a cybercriminal operation these days. But not all crooks are cut out for this game, some ending up not just infecting their own computers but also leaving identifying evidence on supporting infrastructure that is insecure and open to snooping. [...]
https://www.bleepingcomputer.com/news/security/script-kiddies-do-what-they-do-best-infect-themselves/
It's easy to set up a cybercriminal operation these days. But not all crooks are cut out for this game, some ending up not just infecting their own computers but also leaving identifying evidence on supporting infrastructure that is insecure and open to snooping. [...]
https://www.bleepingcomputer.com/news/security/script-kiddies-do-what-they-do-best-infect-themselves/
BleepingComputer
Script Kiddies Do What They Do Best: Infect Themselves
It's easy to set up a cybercriminal operation these days. But not all crooks are cut out for this game, some ending up not just infecting their own computers but also leaving identifying evidence on supporting infrastructure that is insecure and open to snooping.
Researcher Took Control of Microsoft's Live Tile Service, Defacement PoC Demoed
Microsoft has recently lost control of the subdomain used to deliver content to Windows Live Tiles (also known as Windows Start Screen tiles), as discovered by Golem.de journalist and security researcher Hanno BΓΆck. [...]
https://www.bleepingcomputer.com/news/security/researcher-took-control-of-microsofts-live-tile-service-defacement-poc-demoed/
Microsoft has recently lost control of the subdomain used to deliver content to Windows Live Tiles (also known as Windows Start Screen tiles), as discovered by Golem.de journalist and security researcher Hanno BΓΆck. [...]
https://www.bleepingcomputer.com/news/security/researcher-took-control-of-microsofts-live-tile-service-defacement-poc-demoed/
BleepingComputer
Researcher Took Control of Microsoft's Live Tile Service, Defacement PoC Demoed
Microsoft has recently lost control of the subdomain used to deliver content to Windows Live Tiles (also known as Windows Start Screen tiles), as discovered by Golem.de journalist and security researcher Hanno BΓΆck.
UK Announces Introduction of Online Pornography Age Checks in July
UK's government announced today that new age-verification checks will be put into place to prevent Internet users under the age of 18 to access and watch online pornography starting with July 15. [...]
https://www.bleepingcomputer.com/news/security/uk-announces-introduction-of-online-pornography-age-checks-in-july/
UK's government announced today that new age-verification checks will be put into place to prevent Internet users under the age of 18 to access and watch online pornography starting with July 15. [...]
https://www.bleepingcomputer.com/news/security/uk-announces-introduction-of-online-pornography-age-checks-in-july/
BleepingComputer
UK Announces Introduction of Online Pornography Age Checks in July
UK's government announced today that new age-verification checks will be put into place to prevent Internet users under the age of 18 to access and watch online pornography starting with July 15.
Navicent Health Data Breach Exposes Patient's Personal Info
Navicent Health announed today that they suffered a data breach through unauthorized access to their email systems. This breach has exposed the personal information of patients, with some emails containing social security numbers. [...]
https://www.bleepingcomputer.com/news/security/navicent-health-data-breach-exposes-patients-personal-info/
Navicent Health announed today that they suffered a data breach through unauthorized access to their email systems. This breach has exposed the personal information of patients, with some emails containing social security numbers. [...]
https://www.bleepingcomputer.com/news/security/navicent-health-data-breach-exposes-patients-personal-info/
BleepingComputer
Navicent Health Data Breach Exposes Patient's Personal Info
Navicent Health announed today that they suffered a data breach through unauthorized access to their email systems. This breach has exposed the personal information of patients, with some emails containing social security numbers.
Malicious AutoHotkey Scripts Used to Steal Info, Remotely Access Systems
Attackers are targeting potential victims using a malicious AutoHotkey script to avoid detection and to steal information, to drop more payloads, and to remotely access compromised machines using TeamViewerββββββ. [...]
https://www.bleepingcomputer.com/news/security/malicious-autohotkey-scripts-used-to-steal-info-remotely-access-systems/
Attackers are targeting potential victims using a malicious AutoHotkey script to avoid detection and to steal information, to drop more payloads, and to remotely access compromised machines using TeamViewerββββββ. [...]
https://www.bleepingcomputer.com/news/security/malicious-autohotkey-scripts-used-to-steal-info-remotely-access-systems/
BleepingComputer
Malicious AutoHotkey Scripts Used to Steal Info, Remotely Access Systems
Attackers are targeting potential victims using a malicious AutoHotkey script to avoid detection and to steal information, to drop more payloads, and to remotely access compromised machines using TeamViewerββββββ.
Evernote Fixes Remote Code Execution Vulnerability in macOS App
A local file path traversal vulnerability which allows attackers to run arbitrary code on their targets' Macs remotely was fixed by Evernote after receiving a report from security researcher Dhiraj Mishra. [...]
https://www.bleepingcomputer.com/news/security/evernote-fixes-remote-code-execution-vulnerability-in-macos-app/
A local file path traversal vulnerability which allows attackers to run arbitrary code on their targets' Macs remotely was fixed by Evernote after receiving a report from security researcher Dhiraj Mishra. [...]
https://www.bleepingcomputer.com/news/security/evernote-fixes-remote-code-execution-vulnerability-in-macos-app/
BleepingComputer
Evernote Fixes Remote Code Execution Vulnerability in macOS App
A local file path traversal vulnerability which allows attackers to run arbitrary code on their targets' Macs remotely was fixed by Evernote after receiving a report from security researcher Dhiraj Mishra.
Microsoft Edge File Permissions Clash with IE, Allow XXE Attacks
A recently disclosed vulnerability affecting Internet Explorer yet to receive a fix from Microsoft has received a micropatch that denies remote attackers the possibility to exfiltrate local files and run reconnaissance activity on the system. [...]
https://www.bleepingcomputer.com/news/security/microsoft-edge-file-permissions-clash-with-ie-allow-xxe-attacks/
A recently disclosed vulnerability affecting Internet Explorer yet to receive a fix from Microsoft has received a micropatch that denies remote attackers the possibility to exfiltrate local files and run reconnaissance activity on the system. [...]
https://www.bleepingcomputer.com/news/security/microsoft-edge-file-permissions-clash-with-ie-allow-xxe-attacks/
BleepingComputer
Microsoft Edge File Permissions Clash with IE, Allow XXE Attacks
A recently disclosed vulnerability affecting Internet Explorer yet to receive a fix from Microsoft has received a micropatch that denies remote attackers the possibility to exfiltrate local files and run reconnaissance activity on the system.
Instagram Only Showing a Blank White Screen for Many Users
Since yesterday, users have been reporting that they are greeted with a blank or white screen when they open the Instagram app or try to log into their account. [...]
https://www.bleepingcomputer.com/news/software/instagram-only-showing-a-blank-white-screen-for-many-users/
Since yesterday, users have been reporting that they are greeted with a blank or white screen when they open the Instagram app or try to log into their account. [...]
https://www.bleepingcomputer.com/news/software/instagram-only-showing-a-blank-white-screen-for-many-users/
BleepingComputer
Instagram Only Showing a Blank White Screen for Many Users
Since yesterday, users have been reporting that they are greeted with a blank or white screen when they open the Instagram app or try to log into their account.
Broadcom WiFi Driver Flaws Expose Computers, Phones, IoT to RCE Attacks
Broadcom WiFi chipset drivers have been found to contain vulnerabilities impacting multiple operating systems and allowing potential attackers to remotely execute arbitrary code and to trigger denial-of-service according to a DHS/CISA alert and a CERT/CC vulnerability note. [...]
https://www.bleepingcomputer.com/news/security/broadcom-wifi-driver-flaws-expose-computers-phones-iot-to-rce-attacks/
Broadcom WiFi chipset drivers have been found to contain vulnerabilities impacting multiple operating systems and allowing potential attackers to remotely execute arbitrary code and to trigger denial-of-service according to a DHS/CISA alert and a CERT/CC vulnerability note. [...]
https://www.bleepingcomputer.com/news/security/broadcom-wifi-driver-flaws-expose-computers-phones-iot-to-rce-attacks/
BleepingComputer
Broadcom WiFi Driver Flaws Expose Computers, Phones, IoT to RCE Attacks
Broadcom WiFi chipset drivers have been found to contain vulnerabilities impacting multiple operating systems and allowing potential attackers to remotely execute arbitrary code and to trigger denial-of-service according to a DHS/CISA alert and a CERT/CCβ¦
'Sea Turtle' Campaign Focuses on DNS Hijacking to Compromise Targets
For at least two years, a highly capable threat actor has been running a campaign that relied on DNS hijacking to reach their targets. In the operation, at least 40 public and private organizations in 13 countries have been compromised. [...]
https://www.bleepingcomputer.com/news/security/sea-turtle-campaign-focuses-on-dns-hijacking-to-compromise-targets/
For at least two years, a highly capable threat actor has been running a campaign that relied on DNS hijacking to reach their targets. In the operation, at least 40 public and private organizations in 13 countries have been compromised. [...]
https://www.bleepingcomputer.com/news/security/sea-turtle-campaign-focuses-on-dns-hijacking-to-compromise-targets/
BleepingComputer
'Sea Turtle' Campaign Focuses on DNS Hijacking to Compromise Targets
For at least two years, a highly capable threat actor has been running a campaign that relied on DNS hijacking to reach their targets. In the operation, at least 40 public and private organizations in 13 countries have been compromised.
DLL Cryptomix Ransomware Variant Installed Via Remote Desktop
The CryptoMix ransomware is still alive and kicking as a new variant has been spotted being spread in the wild. This new version appends the .DLL extension to encrypted files and is said to be installed through hacked remote desktop services. [...]
https://www.bleepingcomputer.com/news/security/dll-cryptomix-ransomware-variant-installed-via-remote-desktop/
The CryptoMix ransomware is still alive and kicking as a new variant has been spotted being spread in the wild. This new version appends the .DLL extension to encrypted files and is said to be installed through hacked remote desktop services. [...]
https://www.bleepingcomputer.com/news/security/dll-cryptomix-ransomware-variant-installed-via-remote-desktop/
BleepingComputer
DLL Cryptomix Ransomware Variant Installed Via Remote Desktop
The CryptoMix ransomware is still alive and kicking as a new variant has been spotted being spread in the wild. This new version appends the .DLL extension to encrypted files and is said to be installed through hacked remote desktop services.
Hacker Group Exposes Iranian APT Operations and Members
Hackers have revealed details about the inner workings of a cyber-espionage group mostly known in the security community as OilRig, APT34, and HelixKitten, linked to the Iranian government. [...]
https://www.bleepingcomputer.com/news/security/hacker-group-exposes-iranian-apt-operations-and-members/
Hackers have revealed details about the inner workings of a cyber-espionage group mostly known in the security community as OilRig, APT34, and HelixKitten, linked to the Iranian government. [...]
https://www.bleepingcomputer.com/news/security/hacker-group-exposes-iranian-apt-operations-and-members/
BleepingComputer
Hacker Group Exposes Iranian APT Operations and Members
Hackers have revealed details about the inner workings of a cyber-espionage group mostly known in the security community as OilRig, APT34, and HelixKitten, linked to the Iranian government.
RevengeRAT Distributed via Bit.ly, BlogSpot, and Pastebin C2 Infrastructure
A malicious campaign targeting entities from North America, Europe, Asia, and the Middle East during March used a combination of pages hosted on Bit.ly, BlogSpot, and Pastebin to create a command-and-control (C2) infrastructure designed to avoid getting blocked by security solutions. [...]
https://www.bleepingcomputer.com/news/security/revengerat-distributed-via-bitly-blogspot-and-pastebin-c2-infrastructure/
A malicious campaign targeting entities from North America, Europe, Asia, and the Middle East during March used a combination of pages hosted on Bit.ly, BlogSpot, and Pastebin to create a command-and-control (C2) infrastructure designed to avoid getting blocked by security solutions. [...]
https://www.bleepingcomputer.com/news/security/revengerat-distributed-via-bitly-blogspot-and-pastebin-c2-infrastructure/
BleepingComputer
RevengeRAT Distributed via Bit.ly, BlogSpot, and Pastebin C2 Infrastructure
A malicious campaign targeting entities from North America, Europe, Asia, and the Middle East during March used a combination of pages hosted on Bit.ly, BlogSpot, and Pastebin to create a command-and-control (C2) infrastructure designed to avoid getting blockedβ¦
Windows 10 Application Guard Added to the New Microsoft Edge
Microsoft's Windows Defender Application Guard has been added to the upcoming Chromium-based Microsoft Edge. This security feature allows you to securely browse the web without fear of becoming infected by malicious sites. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-application-guard-added-to-the-new-microsoft-edge/
Microsoft's Windows Defender Application Guard has been added to the upcoming Chromium-based Microsoft Edge. This security feature allows you to securely browse the web without fear of becoming infected by malicious sites. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-10-application-guard-added-to-the-new-microsoft-edge/
BleepingComputer
Windows 10 Application Guard Added to the New Microsoft Edge
Microsoft's Windows Defender Application Guard has been added to the upcoming Chromium-based Microsoft Edge. This security feature allows you to securely browse the web without fear of becoming infected by malicious sites.