Cranefly Hackers Use Stealthy Techniques to Deliver and Control Malware
These attackers reportedly spent at least 18 months on victim networks
Cyber News, Cyber Threat Trends
- October 28, 2022
Cloud Security Made Simple in New Guidebook For Lean Teams
Cloud computing was the lifeline that kept many companies running during the pandemic. But it was a classic case of medicine that comes with serious side effects. Having anywhere, anytime access to data and apps gives companies tremendous flexibility in a fast-changing world, plus the means to scale and customize IT at will. The cloud is an […]
Cyber News, Cyber Threat Trends
- October 28, 2022
High-Severity Flaws in Juniper Junos OS Affect Enterprise Networking Devices
Multiple high-severity security flaws have been disclosed as affecting Juniper Networks devices, some of which could be exploited to achieve code execution. Chief among them is a remote pre-authenticated PHP archive file deserialization vulnerability (CVE-2022-22241, CVSS score: 8.1) in the J-Web component of Junos OS, according to Octagon Networks researcher Paulos Yibelo. “This vulnerability
Cyber News, Cyber Threat TrendsRaspberry Robin Worm Actors Linked to Clop, LockBit Ransomware Groups
Microsoft said the worm had alternate infection methods beyond its original USB drive spread
Cyber News, Cyber Threat TrendsCritical Vulnerability in Open SSL
There are no details yet, but it’s really important that you patch Open SSL 3.x when the new version comes out on Tuesday. How bad is “Critical”? According to OpenSSL, an issue of critical severity affects common configurations and is also likely exploitable. It’s likely to be abused to disclose server memory contents, and potentially […]
Cyber News, Cyber Threat Trends
- October 28, 2022
AWS Changing ARNs in Trust Policies — Big Problems
AWS Changing ARNs in Trust Policies — Big Problems ACM.94 Trying to restore things after a user gets deleted leaves you in a malformed state for which there is no simple recovery This is a continuation of my series on Automating Cybersecurity Metrics. While updating my code in prior posts, the KMSAdmin user got inadvertently deleted so I couldn’t […]
Cyber News, Cyber Threat Trends
- October 28, 2022
These Dropper Apps On Play Store Targeting Over 200 Banking and Cryptocurrency Wallets
Five malicious dropper Android apps with over 130,000 cumulative installations have been discovered on the Google Play Store distributing banking trojans like SharkBot and Vultur, which are capable of stealing financial data and performing on-device fraud. “These droppers continue the unstopping evolution of malicious apps sneaking to the official store,” Dutch mobile security firm ThreatFabric
Cyber News, Cyber Threat Trends
- October 28, 2022
Updates to Apple’s zero-day update story – iPhone and iPad users read this!
Turns out that Tuesday’s zero-day for iOS 16 is Friday’s zero-day for iOS 15…
Cyber News, Cyber Threat Trends
- October 28, 2022
Raspberry Robin Operators Selling Cybercriminals Access to Thousands of Endpoints
The Raspberry Robin worm is becoming an access-as-a-service malware for deploying other payloads, including IcedID, Bumblebee, TrueBot (aka Silence), and Clop ransomware. It is “part of a complex and interconnected malware ecosystem, with links to other malware families and alternate infection methods beyond its original USB drive spread,” the Microsoft Security Threat Intelligence Center (MSTIC
Cyber News, Cyber Threat Trends