At least one group of hackers has learned a new trick you need to be aware of. Security researchers at Kaspersky Lab have discovered a malicious campaign-in-progress that is using event logs to store malware. That is a technique that has not been seen or documented until now. This new methodology is designed for maximum stealth, allowing the threat actor to plant fileless malware in the target device's file system. The dropper used in this case makes a copy of the legitimate [...]
Hackers around the world are increasingly targeting verified Twitter accounts with emails designed to pilfer your Twitter login credentials. Verified Twitter accounts differ from standard Twitter accounts in that they sport a large blue check mark next to the user's name, which indicates that the person who owns the account is someone of considerable influence on the platform. To be considered for verified status, you must formally apply for verification, which involves [...]
The MalwareHunterTeam recently discovered a new ransomware operation that is particularly nasty. Called Onyx, outwardly, the operation does what most ransomware campaigns do. It gets inside a corporate network, exfiltrates the data that it wants, then seems to encrypt the rest, and then threatens to release the files to the broader public unless their demands for payment are met. An additional fee is demanded to unlock the encrypted files, but there's a catch in this[...]
Security researchers employed by Microsoft have recently spotted a variant of the Sysrv botnet. They have dubbed the new variant Sysrv-K. This new variant works in two ways. First, it exploits a flaw in the Spring Cloud Gateway that allows remote code execution (tracked as CVE-2022-22947). Second, the botnet scans the web for WordPress plugins with older, unpatched vulnerabilities. Of significance, this variant of the botnet can take control of web servers, which [...]
Google SMTP relay service is wildly popular and used every day by legions of users. Unfortunately, hackers around the world are aware of this and increasingly they've begun abusing the SMTP relay service. The basic idea is as follows. Some clever hackers have figured out that they can bypass email security products and deliver malicious emails to their intended targets if they take advantage of certain weaknesses in Google's SMTP relay service. Researchers at the [...]
Google has been making some fantastic changes to bolster user security in recent weeks. That includes changes to their Google Play Store that will require developers to disclose exactly what data they plan to track and collect when users install the apps they create. In a related vein, the tech giant has also recently added some powerful new security features to Google Docs, Sheets, and Slides that now display warning banners any time users attempt to open a suspicious file on [...]
Ask just about any IT security professional and they will tell you that weak user passwords are one of the biggest problems and most persistent threats to corporate networks. Despite years of training, re-training, and near-constant reminders to strengthen passwords, users keep making the same mistakes. They'll re-use the same password across multiple properties. They may use an incredibly weak and easy to guess password that makes it easy for hackers to break in using simple[...]
Some interesting and disturbing changes are afoot in the hacking world. It appears that the TrickBot gang is now working for the Conti Syndicate. TrickBot is a well-known group of botnet developers responsible for the creation of the BazarLoader. BazarLoader has been used by Conti in the past as their delivery system of choice when it comes to delivering ransomware as part of one of their sophisticated phishing campaigns. Now though, the Conti Syndicate has a new tool at [...]
A handy new Google Assistant is coming soon to a device near you. The new feature is designed to automate the frustrating and often time-consuming task of changing your passwords after a breach. This information is according to a tweet from Max Weinbach and a separate report from a group called the Android Police. Google has already implemented a powerful tool to detect when users are making use of passwords that have been compromised in a breach. This new feature will [...]
Netflix has been talking about cracking down on password sharing for years. So far, it's been just talk. Recently, the company suffered its first decrease in subscribers in recent memory. They lost more than 200,000 in the first quarter of 2022. That is a fact which sent their stock price reeling. According to the company's estimates, some 100 million households are currently sharing their passwords. It's a safe bet that now the company is serious about it, so you can [...]
(c) 2017 - Medicus Technologies - All Rights Reserved