News

 A threat actor is promoting a new criminal carding marketplace by releasing one million credit cards stolen between 2018 and 2019 on hacking forums. Carding is the trafficking and use of stolen credit cards. These credit cards are stolen through point-of-sale malware, magecart attacks on websites, and information stealing trojans. These stolen credit cards are then sold on…

Today’s VERT Alert addresses Microsoft’s August 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-959 on Wednesday, August 11th. In-The-Wild & Disclosed CVEs CVE-2021-36948 This privilege escalation vulnerability that affects the Windows Update Medic Service (WaasMedic) has been actively exploited. Medic Service is a feature of modern…

Application Security , Cybercrime , Fraud Management & Cybercrime Intel, Adobe Roll Out Security Fixes Doug Olenick (DougOlenick) • August 11, 2021     Microsoft’s Patch Tuesday rollout addressed two additional security issues within Windows Print Spooler, including one zero day, . See Also: Automating Security Operations Microsoft’s August security update covers 44 vulnerabilities,…

Poly Network, a decentralized finance (DeFi) platform, has revealed that this week it fell victim to a massive cryptocurrency hack that led to the organization losing allegedly over $611 million. The attack on Poly Network, a protocol allowing users to swap cryptocurrency (including bitcoin) across different blockchains, is believed to be one of the largest…

Endpoint Security , Fraud Management & Cybercrime , Ransomware But the Key Appears to Only Unlock Files Encrypted in the Kaseya Attack Jeremy Kirk (jeremy_kirk) • August 11, 2021     Someone posted a link to this image that contains a decryption key for files encrypted in the Kaseya attack. There’s yet another twist in…

Application Security , Cybercrime , Fraud Management & Cybercrime Intel, Adobe Roll Out Security Fixes Doug Olenick (DougOlenick) • August 11, 2021     Microsoft’s Patch Tuesday rollout addressed two additional security issues within Windows Print Spooler, including one zero day, the company reported. See Also: Live Panel | How Organizations Should Think About Zero…

Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks | IT Security News 9. August 2021 This article has been indexed from Security Affairs The Australian Cyber Security Centre (ACSC) warns of a surge of LockBit 2.0 ransomware attacks against Australian organizations starting July 2021. The Australian Cyber Security Centre (ACSC) warns of an escalation in…

Description: Microsoft has released security updates addressing multiple vulnerabilities which affect several Microsoft products or components. The list of security updates can be found at: https://msrc.microsoft.com/update-guide/en-us/releaseNote/2021-Aug Reports indicated that an elevation of privilege vulnerability in Microsoft Windows 10 and some versions of Windows Server (CVE-2021-36948) is being actively exploited and multiple vulnerabilities in Microsoft Windows…

eCh0raix Ransomware Variant Targets QNAP, Synology NAS Devices