Researchers Uncover New Android Banking Malware

Account Takeover Fraud, Cybercrime, Cybercrime as-a-service

ThreatFabric Says Vultur Uses Screen Recording to Target Victims

Akshaya Asokan (asokan_akshaya) • July 31, 2021

Vultur is spread disguised as a legitimate app in Google Play Store. (Source: Google Play)

A newly uncovered banking Trojan dubbed “Vultur” is targeting Android users through screen recording…

Most Frequently Exploited CVEs Listed

Governance & Risk Management, Patch Management

Experts Say Advisory Highlights Vulnerability Management Challenges

Dan Gunderman (dangun127) • July 30, 2021

Source: CISA

A joint cybersecurity advisory issued by several agencies this week highlighting the ongoing exploits of longstanding software vulnerabilities illustrates the woeful state of patch management, security experts say.

SolarWinds Hack Targeted Federal Prosecutors’ Emails

The emails of federal prosecutors’ offices around the country were hacked by Russian intelligence during the SolarWinds cyber attack. The Russian hackers had access to the emails of federal prosecutors in New York, California, DC and other jurisdictions from May to December 2020. The Justice Department released the update to “increase transparency” with the public…

New destructive Meteor wiper malware used in Iranian railway attack

A new file-wiping malware called Meteor was discovered being used in the recent attacks against Iran’s railway system. Earlier this month, Iran’s transport ministry and national train system suffered a cyberattack, causing the agency’s websites to shut down and disrupting train service. The threat actors also displayed messages on the railway’s message boards stating that trains…

Ransomware Changes: DoppelPaymer Rebrands; Babuk Evolves

Business Continuity Management / Disaster Recovery, Cybercrime, Fraud Management & Cybercrime

New ‘Pay or Grief’ CryptoLocking Malware Is DoppelPaymer in Disguise, Experts Say

Mathew J. Schwartz (euroinfosec) • July 30, 2021

The Grief ransomware operation’s dedicated data leak site (victims’ names redacted)

The ransomware landscape constantly changes, which can make it…

Iranian Hackers Posed as Aerobics Instructors to Target Aerospace Employees

TA456 was discovered as the perpetrator of a social engineering and targeted malware campaign on behalf of the Iranian government after spending years impersonating an aerobics instructor on Facebook, according to Proofpoint. The Iranian state-sponsored cybercrime gang developed a contact with an employee working at a subsidiary of an aerospace defense contractor using the social…

What is a DDoS Extortion Attack and How do you Respond to it?

DDoS extortion attacks have skyrocketed over the past year and are expected to trend upwards in the future too. DDoS attacks aren’t new threats. However, cybercriminals are leveraging these attacks to extort money from organizations by causing downtime and preventing legitimate users from accessing the web application. With the global pandemic forcing organizations to adopt…

ACSC, allies list top 30 routinely exploited vulnerabilities

The Australian Cyber Security Centre (ACSC), Cybersecurity and Infrastructure Security Agency (CISA), United Kingdom’s National Cyber Security Centre (NCSC) and Federal Bureau of Investigation (FBI) have released a joint cybersecurity advisory, highlighting the top Common Vulnerabilities and Exposures (CVEs) routinely exploited by cyber actors in 2020 and those vulnerabilities being widely exploited thus far in 2021. Cyber actors…

China ‘propped the doors open’ for criminals in Microsoft hack, Australian spy agency boss says

Australia’s top cyber spy says China’s actions in the hack of Microsoft Exchange email server software were akin to propping open the doors of thousands of homes and leaving them ajar for criminals to get inside. Rachel Noble, the director general of the Australian Signals Directorate (ASD), drew the analogy as she said the Chinese…