Buer Dropper Malware Updated Using Rust

Proofpoint: New Code Makes ‘RustyBuer’ Version Harder to Detect. Doug Olenick (DougOlenick) • May 3, 2021. [Image: A malicious attachment containing RustyBuer malware (Source: Proofpoint)] Attackers are using a freshly updated variant of the Buer first-stage malware loader rewritten in the…

State-Sponsored Successor to “Project Signal” Ransomware Campaign Discovered

Iranian state-sponsored attackers have been linked to a variety of cyberespionage activities aimed at organizations all over the world. Flashpoint security experts recently discovered another ransomware strain from Iran that has been operating since July 2020. According to Flashpoint, Iran’s Islamic Revolutionary Guard Corps (IRGC) was running a ransomware campaign through Emen Net Pasargard, an Iranian…

Qualys Flags Gaping Security Holes in Exim Mail Server

Security researchers document 21 major security vulnerabilities in Exim and warn that users are exposed to remote code execution flaws. Security researchers at Qualys have discovered multiple gaping security holes in Exim, a widely deployed mail server that has been targeted in the past by advanced nation-state threat actors. An advisory from Qualys documents…

Researchers Discover New Side-Channel Attacks Impacting All Modern AMD and Intel Chips

All defenses against Spectre side-channel attacks can now be considered broken, leaving billions of computers and other devices just as vulnerable today as they were when the hardware flaw was disclosed three years ago. A paper published on Friday by a team of computer scientists from the University of…

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Most mobile app users tend to blindly trust that the apps they download from app stores are safe and secure. But that isn’t always the case. To demonstrate the pitfalls and identify vulnerabilities on a large scale, cybersecurity and machine intelligence company CloudSEK recently provided a platform called BeVigil where individuals can search and check…

Security Researcher Released PoC Exploit for High-severity Vulnerability in Microsoft Exchange

May 4, 2021. Last week, security specialist Nguyen Jang released technical information and proof-of-concept (PoC) exploit code for the severe flaw CVE-2021-28482 in Microsoft Exchange Server that could be used by hackers to execute code on vulnerable systems. The…

New Pingback Malware Using ICMP Tunneling to Evade C&C Detection

May 4, 2021. Researchers on Tuesday disclosed a novel malware that uses a variety of tricks to stay under the radar and evade detection, while remaining capable of stealthily executing arbitrary commands on infected systems. Called ‘Pingback,’ the Windows malware leverages Internet Control…