11 Nov Hackers undetected on Queensland water supplier server for 9 monthsHackers stayed hidden for nine months on a server holding customer information for a Queensland water supplier, illustrating the need of better cyberdefenses for critical infrastructure. […]
11 Nov Magniber ransomware gang now exploits Internet Explorer flaws in attacksThe Magniber ransomware gang is now using two Internet Explorer vulnerabilities and malicious advertisements to infect users and encrypt their devices. […]
11 Nov Russian ‘King of Fraud’ sentenced to 10 years for Methbot botnetThe U.S. Department of Justice (DOJ) sentenced a Russian man for operating a large-scale digital advertising fraud scheme called ‘Methbot’ (‘3ve’) that stole at least $7 million from American companies. […]
11 Nov New bill sets ransomware attack response rules for US financial orgsNew legislation introduced this week by US lawmakers aims to set ransomware attack response “rules of road” for US financial institutions. […]
11 Nov Microsoft: New security updates trigger Windows Server auth issuesMicrosoft says users might experience authentication issues on Domain Controllers (DC) running Windows Server. after installing security updates released during the November Patch Tuesday. […]
10 Nov Lazarus hackers target researchers with trojanized IDA ProA North Korean state-sponsored hacking group known as Lazarus is again trying to hack security researchers, this time with a trojanized pirated version of the popular IDA Pro reverse engineering application. […]
10 Nov Ironic twist: WP Reset PRO bug lets hackers wipe WordPress sitesA high severity security flaw in the WP Reset PRO WordPress plugin can let authenticated attackers wipe vulnerable websites, as revealed by Patchstack security researchers. […]
10 Nov TrickBot teams up with Shatak phishers for Conti ransomware attacksA threat actor tracked as Shatak (TA551) recently partnered with the ITG23 gang (aka TrickBot and Wizard Spider) to deploy Conti ransomware on targeted systems. […]
10 Nov Microsoft patches Excel zero-day used in attacks, asks Mac users to waitDuring this month’s Patch Tuesday, Microsoft has patched an Excel zero-day vulnerability exploited in the wild by threat actors. […]
10 Nov PhoneSpy: Android spyware campaign targeting South Korean usersAn ongoing spyware campaign dubbed ‘PhoneSpy’ targets South Korean users via a range of lifestyle apps that nest in the device and silently exfiltrate data. […]