Chinese actors behind attacks on industrial enterprises and public institutions
China-linked threat actors targeted dozens of industrial enterprises and public institutions in Afghanistan and Europe. In January 2022, researchers at...
News
US sanctioned crypto mixer Tornado Cash used by North Korea-linked APT
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned the crypto mixer service Tornado Cash used by North...
Malicious file analysis – Example 01
Cyber Security Specialist Zoziel Pinto Freire shows an example of malicious file analysis presented during his lecture on BSides-Vitória 2022....
Targeted attack on industrial enterprises and public institutions
In January 2022, Kaspersky ICS CERT experts detected a wave of targeted attacks on military industrial complex enterprises and public...
Orchard botnet uses Bitcoin Transaction info to generate DGA domains
Experts spotted a new botnet named Orchard using Bitcoin creator Satoshi Nakamoto’s account information to generate malicious domains. 360 Netlab...
Twilio discloses data breach that impacted customers and employees
Communications company Twilio discloses a data breach after threat actors have stolen employee credentials in an SMS phishing attack. Communications...
LogoKit update – The phishing kit leveraging Open Redirect Vulnerabilities
LogoKit – Threat actors leveraging Open Redirect Vulnerabilities popular in online services and apps to bypass spam filters in phishing...
Phishy calls and emails play on energy cost increase fears
Gas and electricity price concerns are rife at the moment, with spiralling costs and bigger increases waiting down the line....
Attackers abuse open redirects in Snapchat and Amex in phishing attacks
Threat actors abuse open redirects on Snapchat and American Express to launch phishing attacks against Microsoft 365 users. Attackers abused...
Microsoft is blocking Tutanota email addresses from registering a MS Teams account
Microsoft is actively blocking Tutanota email addresses from registering a Microsoft Teams account. Tutanota is an end-to-end encrypted email app...
Serious cyberattack hits German Chambers of Industry and Commerce (DIHK)
A massive cyberattack hit the website of the German Chambers of Industry and Commerce (DIHK) this week. A massive attack...
Security Affairs newsletter Round 377
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
GwisinLocker ransomware exclusively targets South Korea
Researchers spotted a new family of ransomware, named GwisinLocker, that encrypts Windows and Linux ESXi servers. Researchers warn of a...
Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports
Greek intelligence admitted it had spied on a journalist, while citizens ask the government to reveal the use of surveillance...
Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes
Slack is resetting passwords for approximately 0.5% of its users after a bug exposed salted password hashes when users created...
Twitter confirms zero-day used to access data of 5.4 million accounts
Twitter confirmed that the recent data breach that exposed data of 5.4 million accounts was caused by the exploitation of...
Well-Architected Framework: Sustainability
One of the key pillars of the AWS Well-Architected Framework (WAF) is sustainability: the idea that cloud applications should be...
Cyber Insurance Market 2022: FAQs & Updates with iBynd
iBynd VP of Insurance, Tim Logan, and Trend Micro’s Cyber Risk Specialist Vince Kearns provide insights on cyber insurance must-haves,...
The popularity of Dark Utilities ‘C2-as-a-Service’ rapidly increases
Dark Utilities “C2-as-a-Service” is attracting a growing number of customers searching for a command-and-control for their campaigns. The popularity of the...
DHS warns of critical flaws in Emergency Alert System encoder/decoder devices
The U.S. DHS warns of critical security vulnerabilities in Emergency Alert System (EAS) encoder/decoder devices. The Department of Homeland Security...
CISA adds Zimbra email bug to Known Exploited Vulnerabilities Catalog
US Critical Infrastructure Security Agency (CISA) adds a recently disclosed flaw in the Zimbra email suite to its Known Exploited...
Mysterious threat actor TAC-040 used previously undetected Ljl Backdoor
A threat actor, tracked as TAC-040, exploited Atlassian Confluence flaw CVE-2022-26134 to deploy previously undetected Ljl Backdoor. Cybersecurity firm Deepwatch...
New Linux botnet RapperBot brute-forces SSH servers
RapperBot is a new botnet employed in attacks since mid-June 2022 that targets Linux SSH servers with brute-force attacks. Researchers...
New Woody RAT used in attacks aimed at Russian entities
An unknown threat actor is targeting Russian organizations with a new remote access trojan called Woody RAT. Malwarebytes researchers observed an...
