Security Affairs

Black Friday and Cyber Monday, crooks are already at work

The experts at Bitdefender noticed that between October 26 and November 6, the rate of unsolicited Black Friday emails peaked on Nov 9, when reached 26% of all Black Friday-related messages.

New Octocrypt, Alice, and AXLocker Ransomware Families Discovered, Two of Them Being RaaS Operations

The AXLocker ransomware encrypts victims’ files and steals Discord tokens from the infected machine. Octocrypt is a Golang-based ransomware and its operators are adopting the Ransomware-as-a-Service (RaaS) business model.

PoC exploit code for ProxyNotShell Microsoft Exchange bugs released online

The bugs impact Exchange Server 2013, 2016, and 2019, an authenticated attacker can trigger them to elevate privileges to run PowerShell in the context of the system and gain arbitrary or remote code execution on vulnerable servers.

Two public schools in Michigan hit by a ransomware attack

The public schools in Jackson and Hillsdale counties, Michigan, started experiencing a systems outage affecting critical operating systems on Monday, the outage occurred because they were victims of a ransomware attack detected over the weekend.

F5 fixed 2 high-severity Remote Code Execution bugs in its products

Rapid7 researchers discovered several vulnerabilities in F5 BIG-IP and BIG-IQ devices running a customized distribution of CentOS. The experts also discovered several bypasses of security controls that F5 does not recognize as exploitable flaws.

Have board directors any liability for a cyberattack against their company?

To indicate the size of the cyber risk to companies, there is, on average, a cyberattack every 39 seconds, which does not mean that every attack is successful, but that there is an attempt to access companies’ computer systems with that frequency.

Ukraine Police, Europol dismantled a transnational fraud group that made $208 million per year

The group defrauded investors through a pseudo-investment scheme in cryptocurrencies and securities, the investigation began in 2020. The investors were tricked into initiating a series of fake investments.

Update: LockBit gang leaked data stolen from global high-tech giant Thales

Earlier this month, the French defense and technology group confirmed to be aware that the LockBit 3.0 ransomware group claimed to have stolen some of its confidential data.

Canadian supermarket chain giant Sobeys suffered a ransomware attack

Sobeys published a notice to inform customers of the IT problems that it is suffering. During the last week, grocery stores and pharmacies belonging to the company have experienced IT issues.

Researchers Warn of Malicious Packages on PyPI Using Steganography Techniques

The malicious package infects PyPI users through open-source projects on Github. The package was uploaded to PyPI on October 31, 2022, it had a vague header stating this is a ‘core lib for REST API’.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags