Ryuk Ransomware Attack Sprung by Frugal Student
The student opted for “free” software packed with a keylogger that grabbed credentials later used by “Totoro” to get into a biomolecular institute.
[...]
Web Security
Articles targeted at Web App Security, hacks, guides, how to’s and the latest vulnerabilities.
Anti-Spam WordPress Plugin Could Expose Website User Data
‘Spam protection, AntiSpam, FireWall by CleanTalk’ is installed on more than 100,000 sites — and could offer up sensitive info to attackers that
[...]
Raft of Exim Security Holes Allow Linux Mail Server Takeovers
Remote code execution, privilege escalation to root and lateral movement through a victim’s environment are all on offer for the unpatched or unaware.
[...]
Feds Shut Down Fake COVID-19 Vaccine Phishing Website
‘Freevaccinecovax.org’ claimed to be that of a biotech company but instead was stealing info from visitors to use for nefarious purposes.
Source:
[...]
Pulse Secure VPNs Get a Fix for Critical Zero-Day Bugs
The security flaw tracked as CVE-2021-22893 is being used by at least two APTs likely linked to China, to attack U.S. defense targets
[...]
Sneakers, Gaming, Nvidia Cards: Retailers Can Stop Shopping Bots
Jason Kent, hacker in residence at Cequence Security, says most retailers are applying 1970s solutions to the modern (and out-of-control) shopping-bot problem, and
[...]
Bait Boost: Phishers Delivering Increasingly Convincing Lures
An intense hunt for corporate account credentials will continue into next quarter, researchers predict.
Source: Threat Post – Web Security – Bait
[...]
Deepfake Attacks Are About to Surge, Experts Warn
New deepfake products and services are cropping up across the Dark Web.
Source: Threat Post – Web Security – Deepfake Attacks Are
[...]
Experian API Leaks Most Americans’ Credit Scores
Researchers fear wider exposure, amidst a tepid response from Experian.
Source: Threat Post – Web Security – Experian API Leaks Most Americans’
[...]
Multi-Gov Task Force Plans to Take Down the Ransomware Economy
A coalition of 60 global entities (including the DoJ) has proposed a sweeping plan to hunt down and disrupt ransomware gangs by going
[...]