malware Archives - Page 22 of 57 - Cyber Security Minute

Files on QNAP NAS Devices Encrypted in Qlocker Ransomware Attacks

Issued by: Security Week

The Taiwanese company, which makes both NAS and professional network video recorder (NVR) solutions, has long been urging users to improve the security of their devices. With QNAP NAS devices being targeted by ransomware families known as Qlocker and eCh0raix, the company is now advising users to download and install the latest Malware Remover version…

Vulnerabilities

FBI Agents Secretly Deleted Web Shells From Hacked Microsoft Exchange Servers

Issued by: Security Week

After a wave of major in-the-wild zero-day attacks against Exchange Server installations that occurred globally in January, savvy organizations scrambled to lock down vulnerable Microsoft email servers and remove web shells that were installed by attackers. In early attacks observed by Microsoft, attackers were able to exploit a series of vulnerabilities to access on-premises Exchange…

Malware & Threats

Collaboration Platforms Increasingly Abused for Malware Distribution, Data Exfiltration

Issued by: Security Week

With the COVID-19 pandemic forcing many organizations to switch to telework, interactive communication platforms such as Discord and Slack saw increased adoption and adversaries didn’t wait long to start abusing these tools. According to Cisco’s Talos researchers, the past year has shown a significant increase in the abuse of such platforms as part of malicious…

Malware & Threats

Cring Ransomware Targets Industrial Organizations

Issued by: Security Week

At the beginning of 2021, the threat actors behind the Cring ransomware were observed launching numerous attacks on European industrial enterprises, forcing at least one organization to shut down a production site. The initial vector of attack was later identified as CVE-2018-13379, a vulnerability in the FortiOS SSL VPN web portal that could allow unauthenticated…

Network Security

All Eyes on PCAP: The Gold Standard of Traffic Analysis

Issued by: Security Week

PCAP, or full packet data capture for analysis, does what it says – it captures the entirety of every packet that comprises the network traffic (both metadata and content). If something happens on the network, PCAP knows about it. Whether it is malware moving data around, or staff arranging a private party, it can be…

Malware & Threats

APT Group Using Voice Changing Software in Spear-Phishing Campaign

Issued by: Security Week

The Molerats hacking group, also tagged as Gaza Hackers Team, Gaza Cybergang, DustySky, Extreme Jackal, and Moonlight, has been active since at least 2012, mainly targeting entities in the Middle East, but also launching attacks against targets in Europe and the United States. Cado Security says that APT-C-23, believed to be part of Molerats, typically…

Vulnerabilities

VMware Patches Critical Flaw in Carbon Black Cloud Workload

Issued by: Security Week

Tracked as CVE-2021-21982 and featuring a CVSS score of 9.1, the recently addressed vulnerability resides in the administrative interface for the appliance and exists because attackers could bypass authentication through manipulation of a URL on the interface. “A malicious actor with network access to the administrative interface of the VMware Carbon Black Cloud Workload appliance…

Vulnerabilities

‘Hades’ Ransomware Hits Big Firms, but Operators Slow to Respond to Victims

Issued by: Security Week

Initially observed in December 2020, the self-named Hades ransomware (a different malware family from the Hades Locker ransomware that emerged in 2016) employs a double-extortion tactic, exfiltrating victim data and threatening to leak it publicly unless the ransom is paid. The adversary appears mainly focused on enterprises, with some of the victims being multi-national organizations…

Application Security

Apple Patches Under-Attack iOS Zero-Day

Issued by: Security Week

The new iOS 14.4.2 was released on Friday with yet another band-aid for Apple’s flagship iOS platform and the company said it was “aware of reports that an exploit for this issue exists in the wild.” As is customary, the company did not provide any additional details on the in-the-wild attacks. A brief advisory describes…

Malware & Threats

Purple Fox Malware Squirms Like a Worm on Windows

Issued by: Security Week

The malware campaign, dubbed Purple Fox, has been active since at least 2018 and the discovery of the new worm-like infection vector is yet another sign that consumer-grade malware continues to reap profits for cybercriminals. According to Guardicore researcher Amit Serper, the Purple Fox operators primarily used exploit kits and phishing emails to build botnets…