Cybercrime Archives - Page 19 of 45 - Cyber Security Minute

Chinese Hackers Started Covering Tracks Days Before Public Exposure of Operations

Issued by: Security Week

Tracked as CVE-2021-22893, the vulnerability was made public in late April, after security researchers discovered that threat actors had already been exploiting it in attacks targeting organizations in the defense, financial, government, high tech, and transportation sectors in the U.S. and Europe. At the time, FireEye revealed that at least two Chinese threat actors believed…

Application Security

Facebook Adapts Defenses as Deception Campaigns Go Stealth

Issued by: Security Week

The number of coordinated inauthentic behavior (CIB) campaigns derailed at the leading social network ramped up each year since a Russia-linked operation to sway the outcome of the 2016 US presidential election put Facebook on the defensive. While those behind influence operations (IO) went unchecked on the playing field in 2016, Facebook has invested in…

Malware & Threats

Tulsa Cybersecurity Attack Similar to Pipeline Attack

Issued by: Security Week

“I can’t share anything other than we know who did it,” Mayor G.T. Bynum said, adding that the city did not pay the hackers. “They wanted to talk with us about what (a ransom) would be for them not to announce (the attack) and we never engaged them.” Bynum said Tulsa’s computer security system identified…

Malware & Threats

Microsoft Build Engine Abused for Fileless Malware Delivery

Issued by: Security Week

Described as the build platform for Microsoft and Visual Studio, MSBuild has a feature that allows developers to specify for code to be executed in memory, and adversaries have abused this in a new campaign for the fileless delivery of their malicious payloads. The attacks, which were ongoing last week, likely started in April. As…

Vulnerabilities

Alaska Courts Restore Email, Lack Answers on Cyber Attack

Issued by: Security Week

The court system, in a statement, said it doesn’t know who was behind the attack, why the court system was targeted or how long it will be before services are fully back online. It says it does not believe personal or confidential data was taken from the courts’ computer systems and says no credit card…

Mobile Security

XcodeGhost Malware Discovered in 2015 Impacted 128 Million iOS Users

Issued by: Security Week

The information was uncovered in emails provided recently as part of the antitrust trial between Epic Games and Apple. The game maker filed a lawsuit against the tech giant last year in a California court over its App Store practices, specifically related to Apple removing Epic’s hit game, Fortnite, from the App Store for allegedly…

Malware & Threats

FluBot Android Malware Expected to Start Targeting U.S.

Issued by: Security Week

Initially observed in Spain, FluBot has since expanded operations to reach Germany, Hungary, Italy, Poland, and the UK as well, with tens of thousands of malicious SMS messages that leverage FedEx, DHL, and Correos lures being sent hourly. The malware is believed to have made over 7,000 victims in the UK alone, where the campaign…

Malware & Threats

Dark Hash Collisions: New Service Confidentially Finds Leaked Passwords

Issued by: Security Week

Businesses need to keep their user accounts safe. But there are billions of username and password pairs available to hackers on the dark web. User tendency to reuse passwords on multiple accounts means that hackers may already have your users’ credentials, stolen from a breached third party. The result is the credential stuffing attack. Credential…

Network Security

Outages Blamed on Malware Still Plaguing Budget Airlines

Issued by: Security Week

The company, Radixx, said it noticed “unusual activity” around its reservations program on Tuesday. It did not describe the malware or say how it got into the program. A spokeswoman for Radixx’s parent, Southlake, Texas-based Sabre Corp., said Friday that the company was beginning to restore service to airline customers. Kristin Hays said the company…