Mekotio Banking Trojan Threatens Financial Systems in Latin America

July 4, 2024 at 05:14AM The Mekotio banking trojan is a significant threat to financial systems in Latin America, targeting countries such as Brazil, Chile, Mexico, Spain, and Peru. It infiltrates systems through phishing emails, aiming to steal sensitive information, particularly banking credentials. Users can protect themselves by being cautious with emails, avoiding clicking on …

P2Pinfect Worm Now Dropping Ransomware on Redis Servers

June 26, 2024 at 08:08AM The P2Pinfect worm, originally targeting Redis servers, has been modified to include ransomware and cryptocurrency mining payloads. This new update poses a heightened threat to Redis servers. This update was reported by SecurityWeek. Based on the meeting notes, the key takeaways are: – The P2Pinfect worm, previously targeting Redis servers, …

Warning: Markopolo’s Scam Targeting Crypto Users via Fake Meeting Software

June 19, 2024 at 07:00AM A threat actor known as markopolo has been identified as being behind a large-scale cross-platform scam targeting digital currency users using social media. The attack uses virtual meeting software, Vortax, to deliver malware. The article also highlights cybercriminals’ exploitation of cloud storage services to direct users to phishing landing …

Azure Service Tags tagged as security risk, Microsoft disagrees

June 3, 2024 at 02:59PM Tenable researchers discovered a high-severity vulnerability in Azure Service Tags, potentially allowing access to customers’ private data. Attackers could exploit the vulnerability to impersonate trusted Azure services, bypass firewall rules, and access internal APIs. Microsoft contends Service Tags are not a security boundary and advises additional authentication and authorization layers …

RedTail Crypto-Mining Malware Exploiting Palo Alto Networks Firewall Vulnerability

May 30, 2024 at 11:03AM The RedTail cryptocurrency mining malware has evolved, incorporating a new PAN-OS vulnerability and advanced anti-analysis techniques. It’s known for utilizing patched vulnerabilities in various systems for propagation. The latest version includes encrypted mining configuration and operates without a cryptocurrency wallet, indicating a switch to a private mining pool for financial …

Microsoft Uncovers ‘Moonstone Sleet’ — New North Korean Hacker Group

May 29, 2024 at 07:00AM A new North Korean threat actor, Moonstone Sleet, is attributed to cyber attacks targeting various sectors with ransomware and bespoke malware previously associated with the infamous Lazarus Group. Moonstone Sleet uses a combination of old and unique techniques to achieve its objectives, posing a significant threat. The disclosure warns of …

Here’s yet more ransomware using BitLocker against Microsoft’s own users

May 23, 2024 at 05:34PM Ransomware dubbed ShrinkLocker, utilizing Microsoft BitLocker to encrypt and extort payments, has been spotted by Kaspersky’s security team. The malware targets various sectors and hinders effective response, maximizing damage. It uses VBScript to determine the OS and allows attackers to change partition labels, extort victims, and delete recovery options. Kaspersky …

Critical GitHub Enterprise Server Flaw Allows Authentication Bypass

May 21, 2024 at 01:22PM GitHub has addressed a critical flaw (CVE-2024-4985) in GitHub Enterprise Server, allowing unauthorized access on instances using SAML SSO with encrypted assertions. The issue affects versions prior to 3.13.0 and has been fixed in versions 3.9.15, 3.10.12, 3.11.10, and 3.12.4. Organizations using vulnerable versions are advised to update for security. …

With ransomware whales becoming so dominant, would-be challengers ask ‘what’s the point?’

May 21, 2024 at 07:09AM The number of new ransomware strains has significantly decreased in the past year, indicating that existing tools are successful and there is little need for innovation. Rapid7’s research found only 43 new ransomware families in 2023, a significant drop from 95 the previous year. Ransomware attacks typically start by exploiting …

New XM Cyber Research: 80% of Exposures from Misconfigurations, Less Than 1% from CVEs

May 17, 2024 at 08:33AM A new report by XM Cyber has revealed a significant disparity between organizations’ security efforts and actual threats, uncovering 40 million exposures affecting business-critical assets. It emphasizes the need to prioritize high-impact exposures over traditional focus on CVE-based vulnerabilities. The report also underscores the importance of industry-specific security approaches and …