News

FBI: BlackCat ransomware scratched 60-plus orgs

The Register - Mon, 25/04/2022 - 07:42
Plus: Cisco Umbrella flaw patched, lid blown off TeamTNT, and ICS security folks join JCDC party

In brief  The BlackCat ransomware gang, said to be the first-known ransomware group to successfully break into networks with Rust-written malware, has attacked at least 60 organizations globally as of March, according to the FBI.…

Categories: News

Now Mandiant says 2021 was a record year for exploited zero-day security bugs

The Register - Sat, 23/04/2022 - 09:44
Now that's a race condition

The number of zero-day vulnerabilities exploited in the wild reached an all-time high last year, according to Mandiant.…

Categories: News

US DOJ probes Google's $5.4b Mandiant acquisition

The Register - Fri, 22/04/2022 - 21:52
Seems it's not a social network or an instant chat app used by tens of millions, so scrutiny it is, then

Federal regulators are taking a closer look at Google's planned $5.4 billion acquisition of Mandiant, a deal designed to boost the web giant's public cloud's cybersecurity capabilities.…

Categories: News

Hive ransomware affiliate zeros in on Exchange servers

The Register - Fri, 22/04/2022 - 17:00
Threat actor exploited known vulnerabilities in the Microsoft software to compromise multiple systems

An affiliate of the aggressive Hive ransomware group is exploiting known vulnerabilities in Microsoft Exchange servers to encrypt and exfiltrate data and threaten to publicly disclose the information if the ransom isn't paid.…

Categories: News

REvil resurrected? Ransomware crew appears to be back. Keyword: Appears

The Register - Fri, 22/04/2022 - 07:24
Months after arrests, gang – or someone mimicking them – now active

The notorious REvil ransomware gang appears to have returned from the bowels of the dark web, three months after the arrest of 14 of its suspected members, with its old website forwarding to a new operation that lists both previous and fresh victims.…

Categories: News

YouTube terminates account for Hong Kong's presumed next head of government

The Register - Thu, 21/04/2022 - 14:31
Google cites US sanctions while Beijing and John Lee Ka-chiu are miffed

YouTube has blocked the campaign account of Hong Kong's only candidate for the Special Administrative Region's (SAR) head of government, John Lee Ka-chiu, citing US sanctions.…

Categories: News

Emotet reestablishes itself at the top of the malware world

The Register - Thu, 21/04/2022 - 11:02
Botnet infrastructure shut down last year, now central to a fast-spreading email scam, researchers say

More than a year after essentially being shut down, the notorious Emotet malware operation is showing a strong resurgence.…

Categories: News

Five Eyes nations fear wave of Russian attacks against critical infrastructure

The Register - Thu, 21/04/2022 - 03:02
If this is surprising to operators, we are doomed

The Five Eyes nations' cybersecurity agencies this week urged critical infrastructure to be ready for attacks by crews backed by or sympathetic to the Kremlin amid strong Western opposition to Russia's invasion of Ukraine.…

Categories: News

AWS's Log4j patches blew holes in its own security

The Register - Wed, 20/04/2022 - 22:51
Remote code exec is so 2014. Have this container escape and privilege escalation, instead

Amazon Web Services has updated its Log4j security patches after it was discovered the original fixes made customer deployments vulnerable to container escape and privilege escalation.…

Categories: News

Oracle already wins 'crypto bug of the year' with Java digital signature bypass

The Register - Wed, 20/04/2022 - 21:11
Whole new meaning for zero consequences

Java versions 15 to 18 contain a flaw in its ECDSA signature validation that makes it trivial for miscreants to digitally sign files and other data as if they were legit organizations.…

Categories: News

Russian-linked Shuckworm crew ramps up Ukraine attacks

The Register - Wed, 20/04/2022 - 17:04
Cyber-espionage gang using multiple variants of its custom backdoor to ensure persistence, Symantec warns

A Russian-linked threat group that has almost exclusively targeted Ukraine since it first appeared on the scene in 2014 is deploying multiple variants of its malware payload on systems within the country.…

Categories: News

Criminals adopting new methods to bypass improved defenses, says Zscaler

The Register - Wed, 20/04/2022 - 13:15
PhaaS, SMiShing, and remote work drive increase in phishing attacks

The number of phishing attacks worldwide jumped 29 percent last year as threat actors countered stronger enterprise defenses with newer methods, according to researchers with Zscaler's ThreatLabz research team.…

Categories: News

US warns North Korean Lazarus gang rises against cryptocurrency outfits

The Register - Wed, 20/04/2022 - 11:14
Malware-laced recruitment emails are more Kim job ill than Kim Jong-un

The North Korean-based criminal group Lazarus is expanding its attacks into the blockchain and crypto space, three agencies of the US government have warned.…

Categories: News

Google tracked record 58 exploited-in-the-wild zero-day security holes in 2021

The Register - Wed, 20/04/2022 - 10:27
Friends are always tellin' me, you're a user ... Just be good to free()

Google's bug hunters say they spotted 58 zero-day vulnerabilities being exploited in the wild last year, which is the most-ever recorded since its Project Zero team started analyzing these in mid-2014.…

Categories: News

Kaspersky cracks Yanluowang ransomware, offers free decryptor

The Register - Tue, 19/04/2022 - 20:59
Step one, get some scrambled files back. Steps two through 37...

Kaspersky has found a vulnerability in the Yanluowang ransomware encryption algorithm and, as a result, released a free decryptor tool to help victims of this software nasty recover their files.…

Categories: News

ESET uncovers vulnerabilities in Lenovo laptops

The Register - Tue, 19/04/2022 - 16:00
Firmware updates incoming in response to UEFI threats

Got a Lenovo laptop? You might need to do a swift bit of patching judging by the latest set of vulnerabilities uncovered by security researchers at ESET.…

Categories: News

Funky Pigeon pauses all orders after 'security incident'

The Register - Tue, 19/04/2022 - 13:45
Parent WH Smith says no customer payment data exposed, according to current investigations

British retailer WH Smith has confirmed that Funky Pigeon, its online greetings card and gift subsidiary, has halted all further orders after a "security incident."…

Categories: News

UK Prime Minister, Catalan groups 'targeted by NSO Pegasus spyware'

The Register - Mon, 18/04/2022 - 21:17
UAE reportedly using 'legal' malware on erstwhile allies

Citizen Lab has reported finding suspected surveillance software on devices associated with both the UK Prime Minister's Office and what was formerly called the British Foreign and Commonwealth Office.…

Categories: News

Microsoft ups bug bounties 30% for cloud lines, pays more for 'scenario-based' exploits

The Register - Mon, 18/04/2022 - 19:12
Plus: HP fixes critical Teradici flaws, Karakurt may be a Conti side hustle, and info-stealing malware set free

In Brief  Microsoft will pay more — up to $26,000 more — for "high-impact" bugs in its Office 365 products via its bug bounty program.…

Categories: News

Feds offer $5m reward for info on North Korean cyber crooks

The Register - Sat, 16/04/2022 - 00:24
Meanwhile: Caltech grad earns five years in prison for heping Kim's coders

The US government offered a reward up to $5 million for information that helps disrupt North Korea's cryptocurrency theft, cyber-espionage, and other illicit state-backed activities.…

Categories: News

Pages

Subscribe to Sec Tec Limited aggregator - News