1337 h4xx0r5 continue onslaught: iPhone, NSO Group, OnePercenters, WhatsApp, Android, Malware, USPS

August 24, 2021 ~ Eric ~ Leave a comment

I have been in network security for nearly a decade, never have these been this many events in one single year (or perhaps the reporting of the events seems more ubiquitous):

Phishing campaign uses https://t.co/3IpUBx835w XSS vuln to distribute malware – @LawrenceAbrams https://t.co/nFoRrW89rt
— BleepingComputer (@BleepinComputer) August 23, 2021

FBI flash alert warns on OnePercent Group Ransomware attacks

Malicious WhatsApp mod infects Android devices with malware – @serghei https://t.co/P50nDCjibL
— BleepingComputer (@BleepinComputer) August 24, 2021

Realtek SDK flaws exploited to deliver Mirai bot variant

New zero-click exploit used to target Bahraini activists’ iPhones with NSO spyware

Cyber Contagion Battles Rage On: Census Hacked, Liquid Cryptocurrency, Ransomware in Hospitals, Anti-Trust Suits,FTC, Malware, Trickbot

August 19, 2021 ~ Eric ~ Leave a comment

Hackers Breached US Census Bureau in 2020 Using Citrix Exploit

New analysis of Diavol ransomware reinforces the link to TrickBot gang

The pandemic revealed the health risks of hospital ransomware attacks

Liquid cryptocurrency exchange loses $94 million following hack – @serghei https://t.co/BNZAV7IGPy
— BleepingComputer (@BleepinComputer) August 19, 2021

#MalwareLabDaily 0xE3
Analysis automation of #Katien, #Tsunami and #Ziggystratux IRC bots (config extraction) with @GHIDRA_RE script by @Lacework.

There is also a config extractor for PwnRig cryptocurrency miners on their GitHub.https://t.co/1DJ7JiUKSP https://t.co/wPoa3WjmEE
— MalwareLab (@malwarelab_eu) August 17, 2021

FTC files amended antitrust complaint against Facebook

T-Mobile data breach has impacted 48.6 million customers

Year 2021 witnesses over 304.7 million Ransomware attacks so far

Cyber World War – Multiple Fronts – UK, US, AMD, Intel, Crowdfunding, Prometheus TDS, Bot Net, Magecart, Popsicle Finance Android, Microsoft, ProxyShell, Phishing, Ransomware

August 13, 2021August 13, 2021 ~ Eric ~ Leave a comment

Microsoft warns of a evasive year-long spear-phishing campaign targeting Office 365 users

Attackers Scan for Microsoft Exchange ProxyShell Remote Code Execution Vulnerabilities

Gigabyte ransomware attack includes Intel, AMD confidential documents

Crypto Crowdfunding Platform DAO Maker Hacked for $7 Million

Prometheus TDS – An Underground Service Distributes Malwares to Attack Via Hacked Websites

DeFi Protocol Popsicle Finance Hacked for $25 Million

New DNS Bug Let Hackers Spy Valuable Dynamic DNS Data From Millions of Endpoints

What is Magecart Attack, and How Hacker Steals Payment card Details Using It?

UK, US Agencies Warn Of Large-Scale Global Brute Force Attack Targeting Enterprise and Cloud Environments

StealthWorker Botnet Attacks Synology NAS Devices To Deliver Ransomware

Oscorp – New Android Credential Stealing Malware Actively Attack in the Wild

Cyber Warfare Updates – Pakistan, Microsoft, Zero-Day, China, LockBit, PrintNightmare

August 13, 2021 ~ Eric ~ Leave a comment

Pakistan malware mutates into more nefarious variant

Why We Need Better Cybersecurity for the Transportation Sector

Insider threat to Corporate Networks through LockBit Ransomware

Top Telecom Companies in the world digitally compromised by China

Trend Micro warns customers of zero-day attacks against its products

Magniber Ransomware operators use PrintNightmare exploits to infect Windows servers

Microsoft warns of a new unpatched Windows Print Spooler RCE zero-day

Flytrap Android Malware Compromised Thousands of Facebook Accounts Using Coupon Decoys

August 11, 2021 ~ Eric ~ Leave a comment

FlyTrap Android Malware Compromises Thousands of Facebook Accounts

Microsoft Services Under Various Attacks

August 9, 2021 ~ Eric ~ Leave a comment

Serious vulnerability discovered on Microsoft Teams

Praying Mantis Malware targets Microsoft Web Servers

A clever phishing campaign is targeting Office 365 users

APT31 Unleashing Malware Attacks Worldwide

August 4, 2021August 4, 2021 ~ Eric ~ Leave a comment

APT31

Suspected attribution: China

Target sectors: Multiple, including government, international financial organization, and aerospace and defense organizations, as well as high tech, construction and engineering, telecommunications, media, and insurance.

Overview: APT31 is a China-nexus cyber espionage actor focused on obtaining information that can provide the Chinese government and state-owned enterprises with political, economic, and military advantages.

Associated malware: SOGU, LUCKYBIRD, SLOWGYRO, DUCKFAT

Attack vectors: APT31 has exploited vulnerabilities in applications such as Java and Adobe Flash to compromise victim environments.

China-linked APT31 targets Russia for the first time

France ANSSI agency warns of APT31 campaign against French organizations

Malware Found in Official Python Repository – from InfoSecStuff

August 4, 2021 ~ Eric ~ Leave a comment

#cybersecurity https://t.co/wnPkDcu9Qe Credit-card stealing malware found in official Python repository
— InfoSecStuff (@infosecstuff) August 2, 2021

Infect:

Like this:

Infect:

Like this:

Infect:

Like this:

Infect:

Like this:

Infect:

Like this:

Infect:

Like this:

Infect:

Like this:

Infect:

Like this: