Brazilian Cybercriminals Using LOLBaS and CMD Scripts to Drain Bank Accounts
An unknown cybercrime threat actor has been observed targeting Spanish- and Portuguese-speaking victims to compromise online banking accounts in Mexico, Peru, and Portugal. “This threat actor employs tactics such as LOLBaS (living-off-the-land binaries and scripts), along with CMD-based scripts to carry out its malicious activities,” the BlackBerry Research and Intelligence Team said in a report
New Linux Ransomware Strain BlackSuit Shows Striking Similarities to Royal
An analysis of the Linux variant of a new ransomware strain called BlackSuit has covered significant similarities with another ransomware family called Royal. Trend Micro, which examined an x64 VMware ESXi version targeting Linux machines, said it identified an “extremely high degree of similarity” between Royal and BlackSuit. “In fact, they’re nearly identical, with 98% similarities […]
Cloud Security Tops Concerns for Cybersecurity Leaders: EC-Council’s Certified CISO Hall of Fame Report 2023
A survey of global cybersecurity leaders through the 2023 Certified CISO Hall of Fame Report commissioned by the EC-Council identified 4 primary areas of grave concern: cloud security, data security, security governance, and lack of cybersecurity talent. EC-Council, the global leader in cybersecurity education and training, released its Certified Chief Information Security Officer Hall of […]
Update now! MOVEit Transfer vulnerability actively exploited
On May 31, 2023, Progress Software released a security bulletin about a critical vulnerability in MOVEit Transfer. The security bulletin states: “a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an un-authenticated attacker to gain unauthorized access to MOVEit Transfer’s database. Depending on the database engine being used […]
Kaspersky Reveals iPhones of Employees Infected with Spyware
By Waqas The researchers discovered the oldest traces of infection in 2019, and it is believed that the attack is still active. This is a post from HackRead.com Read the original post: Kaspersky Reveals iPhones of Employees Infected with Spyware
Google’s Latest Android Feature Drop: Dark Web Search for Gmail ID
By Habiba Rashid The dark web search feature enables users to scan for their Gmail address on the dark web and receive guidance on online protection. This is a post from HackRead.com Read the original post: Google’s Latest Android Feature Drop: Dark Web Search for Gmail ID
Shiba Inu: The Meme Coin Fueling an Open-Source Ecosystem
By Owais Sultan The cryptocurrency niche has come a long way since Bitcoin’s inception and it is now far from the… This is a post from HackRead.com Read the original post: Shiba Inu: The Meme Coin Fueling an Open-Source Ecosystem
New Botnet Malware ‘Horabot’ Targets Spanish-Speaking Users in Latin America
Spanish-speaking users in Latin America have been at the receiving end of a new botnet malware dubbed Horabot since at least November 2020. “Horabot enables the threat actor to control the victim’s Outlook mailbox, exfiltrate contacts’ email addresses, and send phishing emails with malicious HTML attachments to all addresses in the victim’s mailbox,” Cisco Talos researcher Chetan […]
The Importance of Managing Your Data Security Posture
Data security is reinventing itself. As new data security posture management solutions come to market, organizations are increasingly recognizing the opportunity to provide evidence-based security that proves how their data is being protected. But what exactly is data security posture, and how do you manage it? Data security posture management (DSPM) became mainstream following the publication
Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering
The Chinese nation-stage group known as Camaro Dragon has been linked to yet another backdoor that’s designed to meet its intelligence-gathering goals. Israeli cybersecurity firm Check Point, which dubbed the Go-based malware TinyNote, said it functions as a first-stage payload capable of “basic machine enumeration and command execution via PowerShell or Goroutines.” What the malware lacks in