Credit to Author: BrianKrebs| Date: Fri, 21 Jan 2022 17:11:36 +0000
Up for the “Most Meta Cybercrime Offering” award this year is Accountz Club, a new cybercrime store that sells access to purloined accounts at services built for cybercriminals, including shops peddling stolen payment cards and identities, spamming tools, email and phone bombing services, and those selling authentication cookies for a slew of popular websites.
Read more
Credit to Author: BrianKrebs| Date: Wed, 19 Jan 2022 17:15:06 +0000
If you created an online account to manage your tax records with the U.S. Internal Revenue Service (IRS), those login credentials will cease to work later this year. The agency says that by the summer of 2022, the only way to log in to irs.gov will be through ID.me, an online identity verification service that requires applicants to submit copies of bills and identity documents, as well as a live video feed of their faces via a mobile device.
Read more
Credit to Author: Chris McCormack| Date: Wed, 02 Feb 2022 16:08:08 +0000
This latest v19 build adds a number of great new enhancements, including Xstream FastPath Acceleration of IPsec VPN traffic.
Read more
Credit to Author: Chester Wisniewski| Date: Wed, 02 Feb 2022 09:34:16 +0000
Following an article on January 24, 2022 of Log4Shell scanning and attack detections since the bug was reported, Sophos addresses reader questions about who’s behind it all
Read more
Credit to Author: BrianKrebs| Date: Fri, 14 Jan 2022 22:41:34 +0000
The Russian government said today it arrested 14 people accused of working for “REvil,” a particularly aggressive ransomware group that has extorted hundreds of millions of dollars from victim organizations. The Russian Federal Security Service (FSB) said the actions were taken in response to a request from U.S. officials, but many experts believe the crackdown is part of an effort to reduce tensions over Russian President Vladimir Putin’s decision to station 100,000 troops along the nation’s border with Ukraine.
Read more
Credit to Author: Gabor Szappanos| Date: Tue, 01 Feb 2022 13:00:30 +0000
Inserting custom file handling rules for a randomly-created file extension and a .LNK in Windows’ startup folder, malware installer created a stealthy persistence mechanism for backdoor.
Read more
Credit to Author: BrianKrebs| Date: Wed, 12 Jan 2022 05:17:31 +0000
In a great many ransomware attacks, the criminals who pillage the victim’s network are not the same crooks who gained the initial access to the victim organization. More commonly, the infected PC or stolen VPN credentials the gang used to break in were purchased from a cybercriminal middleman known as an initial access broker. This post examines some of the clues left behind by Wazawaka, the handle chosen by a major access broker in the Russian-speaking cybercrime scene.
Read more
Credit to Author: BrianKrebs| Date: Tue, 11 Jan 2022 22:18:55 +0000
Microsoft today released updates to plug nearly 120 security holes in Windows and supported software. Six of the vulnerabilities were publicly detailed already, potentially giving attackers a head start in figuring out how to exploit them in unpatched systems. More concerning, Microsoft warns that one of the flaws fixed this month is “wormable,” meaning no human interaction would be required for an attack to spread from one vulnerable Windows box to another.
Read more
Credit to Author: stephenlawton| Date: Mon, 31 Jan 2022 17:16:43 +0000
Zero Trust Network Access boosts remote access security while reducing the network attack surface
Read more
Credit to Author: BrianKrebs| Date: Sat, 08 Jan 2022 18:05:14 +0000
Many readers were surprised to learn recently that the popular Norton 360 antivirus suite now ships with a program which lets customers make money mining virtual currency. But Norton 360 isn’t alone in this dubious endeavor: Avira antivirus — which has built a base of 500 million users worldwide largely by making the product free — was recently bought by the same company that owns Norton 360 and is introducing its customers to a service called Avira Crypto.
Read more