Image source: Shutterstock Many are also striking quickly after gaining initial access, a new report shows. Ransomware actors increasingly deployed adversary in the middle (AiTM) tactics to steal credentials and session cookies…
Category: Malware
Mandiant Updates Guidance for Protecting Against Ivanti Vulnerabilities
Image source: Shutterstock Following its disclosure of two new zero-days Jan 31, Ivanti too has updated its mitigation file. Customers who applied previous mitigation would need re-apply it to address new flaws….
Chinese APT actor targeting unpatched SonicWall devices in credential stealing campaign
New attacks are similar to those that other China-backed actors have carried out in recent years as part of cyber espionage and data theft campaigns against US companies. A likely China-based threat…
Destructive “CryWiper” disk-wiping malware is on the loose
Tool masquerades as ransomware but overwrites and destroys data making it unrecoverable, Kaspersky warns Security researchers at Kaspersky have spotted a new disk wiping malware tool dubbed CryWiper landing on target systems,…
Australian Federal Police say Russian threat actor behind Medibank breach
“We will be holding talks with Russian law enforcement about these individuals,” AFP Commissioner says [300 words]. What: The Australian Federal Police (AFP) has identified the threat actor behind the catastrophic attack…
Russia’s Iridium group deploying new ransomware payload
Prestige ransomware marks dangerous shift in strategy for threat actor Microsoft says [299 words]. What: Security researchers at Microsoft have spotted Russia-based threat group Iridium dropping a new ransomware payload dubbed “Prestige”…
Here’s what you need to know of the 4 zero-days in Microsoft’s Nov. update
Microsoft issued patches for of 62 vulnerabilities, nine of which are “Critical” severity and 53 “Important”. Four of the vulnerabilities in Microsoft November 2022 security update are zero-day flaws that are being…
Black Basta ransomware operators are exploiting “PrintNightMare”, “ZeroLogon” and “NoPac” Flaws
New data that researchers at SentinelOne uncovered show that the notorious, financially-motivated FIN7 threat group may be behind—or has strong ties—to the Black Basta ransomware operation [300 words]. Why that matters: FIN7…
RomCom threat actor using spoofed SolarWinds, KeePass apps to distribute RAT
Targets have been Ukraine-based but IT companies, food brokers, and food manufacturers in the U.S., Brazil, and the Philippines are also in its crosshairs, BlackBerry says [300 words]. What: The operators of…
Two new mobile malware threats that researchers are keeping an eye on
Organizations that have BYOD policies need to make sure personally owned mobile devices don’t offer a path into their apps and network, for attackers [277 words]. Here are the two threats Malicious…