Compromised Website Images Camouflage ObliqueRAT Malware
.
The ObliqueRAT malware is now cloaking its payloads as seemingly-innocent image files that are hidden on compromised websites.
Governance & Risk Management , Incident & Breach Response , Legislation & Litigation Class Actions Filed Against Each Company After Hacking Incidents Marianne Kolbasuk McGee (HealthInfoSec) , Doug Olenick (DougOlenick) • July 6, 2021 U.S.-based pharmacy and supermarket chain Kroger and U.K.-based British Airways have each agreed to settle class action lawsuits filed…
Justice Department Tracked the Payment to an FBI-Controlled Bitcoin Wallet Doug Olenick (DougOlenick) • June 7, 2021 The U.S. Justice Department on Monday reported it recouped $2.3 million of the $4.4 million ransom Colonial Pipeline Co. paid following a May 7 DarkSide ransomware attack. The DOJ’s Ransomware and Digital Extortion Task Force…
It seems that law enforcement agencies have seized the servers and customer logs for DoubleVPN, a double-encryption service commonly used by threat actors to evade detection while performing malicious activities. DoubleVPN is a Russian-based VPN service specialized in the double-encryption of the data sent through their service. DoubleVPN works by encrypting the requests when using…
Microsoft researchers on Thursday disclosed two dozen vulnerabilities affecting a wide range of Internet of Things (IoT) and Operational Technology (OT) devices used in industrial, medical, and enterprise networks that could be abused by adversaries to execute arbitrary code and even cause critical systems to crash.“These remote code execution (RCE) vulnerabilities cover more than 25…
Fraud Management & Cybercrime , Next-Generation Technologies & Secure Development , Ransomware Sophos: Methods Include ‘Intermittent Encryption’ Rashmi Ramesh • September 2, 2021 Visual comparison of the same text document encrypted by DarkSide and LockFile (Source: Sophos) The operators of LockFile ransomware have adopted new techniques, including “intermittent encryption,” to help evade detection,…
Endpoint Security , Governance & Risk Management , Internet of Things Security Researcher: If Exploited, an Attacker at Close Range Could Inject Malicious Code Prajeet Nair (@prajeetspeaks) • May 14, 2021 A Belgian security researcher says he uncovered vulnerabilities that affect all modern Wi-Fi security protocols and most wirelessly connected devices, including smartphones,…