Application Security , Cybercrime , Cybercrime as-a-service Strikes Increase After ProxyLogon Proof-of-Concept Attack Code Released Akshaya Asokan (asokan_akshaya) • March 20, 2021 There has been a spike in web shells being detected, as ransomware gangs and other attackers increasingly target vulnerable Microsoft Exchange Servers following publication of proof-of-concept attack code for ProxyLogon, which…
Kitboga is the alias of a Twitch and YouTube streamer who focuses on scam baiting – wasting the time of con artists who are trying to steal money from people. He and a few others have now turned to using artificial intelligence bots to deal with some of the scammers. The system recognises what the…
Application Security , Cybercrime , Device Identification Swiss Citizen Allegedly Leaked Victims’ Stolen Data, Including Source Code Jeremy Kirk (jeremy_kirk) , Mathew J. Schwartz (euroinfosec) • March 19, 2021 A Swiss national who recently highlighted flaws in internet-connected Verkada surveillance cameras has been charged with hacking. See Also: Top 50 Security Threats …
March 19, 2021 by Joseph Fitsanakis FINLAND’S INTELLIGENCE AGENCY HAS identified a hacker group with ties to the Chinese state as the culprit of an attack of “exceptional” magnitude and intensity that targeted the Finnish Parliament last year. The attack was reported in December 2020, but had been going on for several weeks prior to…
A malicious Xcode project known as XcodeSpy is targeting iOS devs in a supply-chain attack to install a macOS backdoor on the developer’s computer. Xcode is a free application development environment created by Apple that allows developers to create applications that run on macOS, iOS, tvOS, and watchOS. Like other development environments, it is common…
The malware can grab login credentials for more than 450 apps and bypass SMS-based two-factor authentication Cybercriminals are attempting to take advantage of the popularity of Clubhouse to deliver malware that aims to steal users’ login information for a variety of online services, ESET malware researcher Lukas Stefanko has found. Disguised as the (as yet…
Computer giant Acer has been hit by a REvil ransomware attack where the threat actors are demanding the largest known ransom to date, $50,000,000. Acer is a Taiwanese electronics and computer maker well-known for laptops, desktops, and monitors. Acer employs approximately 7,000 employees and earned $7.8 billion in 2019. Yesterday, the ransomware gang announced on their…
PC and Device Maker Appears to Have Been Targeted by REvil Scott Ferguson (Ferguson_Writes) • March 21, 2021 (Source: Sergi via Flickr) Acer, one of the world’s largest PC and device makers, has reportedly been targeted by the ransomware gang REvil, aka Sobinokibi, according to multiple published reports. See Also: Live Webinar |…
Attackers are exploiting a recently-patched, critical vulnerability in F5 devices that have not yet been updated. The unauthenticated remote command execution flaw (CVE-2021-22986) exists in the F5 BIG-IP and BIG-IQ enterprise networking infrastructure, and could allow attackers to take full control over a vulnerable system.
The ill-tempered talks in Anchorage involved Secretary of State Antony Blinken and national security adviser Jake Sullivan on the US side, facing off with China’s most senior foreign policy official, Yang Jiechi, and foreign minister Wang Yi. In a blunt opening statement, Mr Blinken said the US….
