Threatpost
Microsoft’s May Patch Tuesday Updates Cause Windows AD Authentication Errors
Microsoft's May Patch Tuesday update is triggering authentication errors.
Kategorie: Hacking & Security
Threat Actors Use Telegram to Spread ‘Eternity’ Malware-as-a-Service
An account promoting the project—which offers a range of threat activity from info-stealing to crypto-mining to ransomware as individual modules—has more than 500 subscribers.
Kategorie: Hacking & Security
Malware Builder Leverages Discord Webhooks
Researchers discovered a simple malware builder designed to steal credentials, then pinging them to Discord webhooks.
Kategorie: Hacking & Security
You Can’t Eliminate Cyberattacks, So Focus on Reducing the Blast Radius
Tony Lauro, director of security technology and strategy at Akamai, discusses reducing your company's attack surface and the "blast radius" of a potential attack.
Kategorie: Hacking & Security
Novel ‘Nerbian’ Trojan Uses Advanced Anti-Detection Tricks
The stealthy, feature-rich malware has multistage evasion tactics to fly under the radar of security analysis, researchers at Proofpoint have found.
Kategorie: Hacking & Security
Intel Memory Bug Poses Risk for Hundreds of Products
Dell and HP were among the first to release patches and fixes for the bug.
Kategorie: Hacking & Security
Novel Phishing Trick Uses Weird Links to Bypass Spam Filters
A novel form of phishing takes advantage of a disparity between how browsers and email inboxes read web domains.
Kategorie: Hacking & Security
Actively Exploited Zero-Day Bug Patched by Microsoft
Microsoft's May Patch Tuesday roundup also included critical fixes for a number of flaws found in infrastructure present in many enterprise and cloud environments.
Kategorie: Hacking & Security
Ransomware Deals Deathblow to 157-year-old College
Why a private college that stayed in business for 157 years had to close after the combo of COVID-19 and ransomware proved too much.
Kategorie: Hacking & Security
Hackers Actively Exploit F5 BIG-IP Bug
The bug has a severe rating of 9.8, public exploits are released.
Kategorie: Hacking & Security
Conti Ransomware Attack Spurs State of Emergency in Costa Rica
The threat group has leaked data that it claims was stolen in the breach and is promising more government-targeted attacks.
Kategorie: Hacking & Security
Low-rent RAT Worries Researchers
Researchers say a hacker is selling access to quality malware for chump change.
Kategorie: Hacking & Security
FBI: Rise in Business Email-based Attacks is a $43B Headache
A huge spike in fraudulent activities related to attacks leveraging business email accounts is a billion-dollar-problem.
Kategorie: Hacking & Security
Podcast: The State of Secret Sprawl
In this podcast with Mackenzie Jackson, developer advocate at GitGuardian, we dive into the report and also the issues that corporations face with public leaks from groups like Lapsus and more, as well as ways that developers can keep their code safe.
Kategorie: Hacking & Security
USB-based Wormable Malware Targets Windows Installer
Activity dubbed ‘Raspberry Robin’ uses Microsoft Standard Installer and other legitimate processes to communicate with threat actors and execute nefarious commands.
Kategorie: Hacking & Security
CANs Reinvent LANs for an All-Local World
A close look at a new type of network, known as a Cloud Area Network.
Kategorie: Hacking & Security
F5 Warns of Critical Bug Allowing Remote Code Execution in BIG-IP Systems
The vulnerability is 'critical' with a CVSS severity rating of 9.8 out of 10.
Kategorie: Hacking & Security
VHD Ransomware Linked to North Korea’s Lazarus Group
Source code and Bitcoin transactions point to the malware, which emerged in March 2020, being the work of APT38, researchers at Trellix said.
Kategorie: Hacking & Security
China-linked APT Caught Pilfering Treasure Trove of IP
A state-sponsored threat actor designed a house-of-cards style infection chain to exfiltrate massive troves of highly sensitive data.
Kategorie: Hacking & Security
Attackers Use Event Logs to Hide Fileless Malware
A sophisticated campaign utilizes a novel anti-detection method.
Kategorie: Hacking & Security