Compromised Website Images Camouflage ObliqueRAT Malware
.
The ObliqueRAT malware is now cloaking its payloads as seemingly-innocent image files that are hidden on compromised websites.
Agency Warns Attackers Could Use IT Exploits to Pivot to OT Systems Akshaya Asokan (asokan_akshaya) • May 1, 2021 The U.S. National Security Agency is offering operational technology security guidance for the Defense Department as well as third-party military contractors and firms in the wake of the attack that targeted SolarWinds in 2020….
Critical Infrastructure Security , Cybercrime , Cybercrime as-a-service Disruption of Meat Processing Giant JBS Exposes Sector’s Security Shortcomings Scott Ferguson (Ferguson_Writes) • June 4, 2021 Photo: US Department of Agriculture via Flickr/CC The ransomware attack that disrupted operations at meat processing giant JBS for nearly a week has exposed numerous cybersecurity shortcomings within…
Personal information of 20 million BigBasket users is now available online for anyone to download and use BigBasket is one of most popular grocery delivery companies in India HIGHLIGHTS : BigBasket’s alleged database included personal details of affected users The database has been leaked by a hacker known as ShinyHunters BigBasket has not yet confirmed…
Account Takeover Fraud , Cybercrime , Cybercrime as-a-service Threatfabric Says Vultur uses Screen Recording to Target Victims Akshaya Asokan (asokan_akshaya) • July 31, 2021 Vultur is spread disguised as a legitimate app in Google Play Store. (Source: Google Play) A newly uncovered banking Trojan dubbed “Vultur” is targeting Android users through screen recording…
3rd Party Risk Management , Breach Notification , Critical Infrastructure Security REvil Malware Suspected of Infecting Scores of IT Management Companies, Clients Akshaya Asokan (asokan_akshaya) • July 3, 2021 UPDATED July 3, 11:30 a.m. EDT See Also: Rapid Digitization and Risk: A Roundtable Preview IT management software vendor Kaseya sustained a suspected…
Access Management , DevSecOps , Identity & Access Management Critics Say Travis CI’s Security Bulletin is Insufficient Jeremy Kirk (jeremy_kirk) • September 15, 2021 Travis CI, a Berlin-based continuous integration vendor, has patched a serious flaw that exposed signing keys, API keys and access credentials, putting thousands of organizations potentially at risk. See…