Ukraine government and pro-Ukrainian sites hit by DDoS attacks

Credit to Author: Malwarebytes Labs| Date: Fri, 29 Apr 2022 08:01:46 +0000

We can’t tell which party made the first move, but both the pro-Ukraine and Russian sides have been exchanging DDoS attacks.

The post Ukraine government and pro-Ukrainian sites hit by DDoS attacks appeared first on Malwarebytes Labs.

Read more

Fighting Fake EDRs With ‘Credit Ratings’ for Police

Credit to Author: BrianKrebs| Date: Wed, 27 Apr 2022 14:27:35 +0000

When KrebsOnSecurity last month explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media and technology providers, many security experts called it a fundamentally unfixable problem. But don’t tell that to Matt Donahue, a former FBI agent who recently quit the agency to launch a startup that aims to help tech companies do a better job screening out phony law enforcement data requests — in part by assigning trustworthiness or “credit ratings” to law enforcement authorities worldwide.

Read more

Pro-Ukraine ‘Protestware’ Pushes Antiwar Ads, Geo-Targeted Malware

Credit to Author: BrianKrebs| Date: Thu, 17 Mar 2022 22:33:21 +0000

Researchers are tracking a number of open-source “protestware” projects on GitHub that have recently altered their code to display “Stand with Ukraine” messages for users, or basic facts about the carnage in Ukraine. The group also is tracking several code packages that were recently modified to erase files on computers that appear to be coming from Russian or Belarusian Internet addresses.

Read more

North Korea’s Lazarus APT leverages Windows Update client, GitHub in latest campaign

Credit to Author: Threat Intelligence Team| Date: Thu, 27 Jan 2022 16:20:16 +0000

How one of North Korea’s most sophisticated APTs tries to avoid detection by using legitiate tools during its attacks.

Categories: Threat Intelligence

Tags:

(Read more…)

The post North Korea’s Lazarus APT leverages Windows Update client, GitHub in latest campaign appeared first on Malwarebytes Labs.

Read more

GitHub launches Security Lab to boost open source security

Credit to Author: John E Dunn| Date: Mon, 18 Nov 2019 11:24:32 +0000

The idea is simple – create a global platform for reporting and fixing vulnerabilities in open source projects before they do damage.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/pPayEpWTksQ” height=”1″ width=”1″ alt=””/>

Read more

Retailer Orvis.com Leaked Hundreds of Internal Passwords on Pastebin

Credit to Author: BrianKrebs| Date: Mon, 11 Nov 2019 17:33:27 +0000

Orvis, a Vermont-based retailer that specializes in high-end fly fishing equipment and other sporting goods, leaked hundreds of internal passwords on Pastebin.com for several weeks last month, exposing credentials the company used to manage everything from firewalls and routers to administrator accounts and database servers, KrebsOnSecurity has learned. Orvis says the exposure was inadvertent, and that many of the credentials were already expired.

Read more

A week in security (October 7 – 13)

Credit to Author: Malwarebytes Labs| Date: Mon, 14 Oct 2019 15:30:38 +0000

A look at the cybersecurity news from October 7 – 13, including updates on war shipping, managed service providers, and stalkerware.

Categories:

Tags:

(Read more…)

The post A week in security (October 7 – 13) appeared first on Malwarebytes Labs.

Read more