The CrowdStrike Incident Response Tracker is a convenient spreadsheet that includes sections to document indicators of compromise, affected accounts, compromised systems and a timeline of significant events CrowdStrike incident response teams have leveraged this type of tracker in thousands of investigations Download the CrowdStrike Incident Response Tracker Template During a … [Read more...] about CrowdStrike Services Releases Free Incident Response Tracker
Services
Hackers Use Cloud Services to Distribute Nanocore, Netwire, and AsyncRAT Malware
Threat actors are actively incorporating public cloud services from Amazon and Microsoft into their malicious campaigns to deliver commodity remote access trojans (RATs) such as Nanocore, Netwire, and AsyncRAT to siphon sensitive information from compromised systems. The spear-phishing attacks, which commenced in October 2021, have primarily targeted entities located in the … [Read more...] about Hackers Use Cloud Services to Distribute Nanocore, Netwire, and AsyncRAT Malware
CrowdStrike Services Launches Log4j Quick Reference Guide (QRG)
The Log4j vulnerability burst onto the scene just a few weeks ago, but to many defenders it already feels like a lifetime. It has rapidly become one of the top concerns for security teams in 2021, and seems set to remain so for the foreseeable future. The critical details of this threat evolve almost daily, making it a formidable challenge for defenders to keep tabs on the … [Read more...] about CrowdStrike Services Launches Log4j Quick Reference Guide (QRG)
Phishing attacks on users of streaming services
Movies and TV shows have been a huge source of comfort for many in these COVID times, and the number of new shows on Netflix, Amazon Prime, and the like has skyrocketed. But when searching for the latest megahit, don’t neglect basic security measures or you might find that someone else is enjoying it at your expense — or worse, that the money in your bank account has … [Read more...] about Phishing attacks on users of streaming services
Squirrel Engine Bug Could Let Attackers Hack Games and Cloud Services
Researchers have disclosed an out-of-bounds read vulnerability in the Squirrel programming language that can be abused by attackers to break out of the sandbox restrictions and execute arbitrary code within a SquirrelVM, thus giving a malicious actor complete access to the underlying machine. Tracked as CVE-2021-41556, the issue occurs when a game library referred to as … [Read more...] about Squirrel Engine Bug Could Let Attackers Hack Games and Cloud Services
Poorly Configured Apache Airflow Instances Leak Credentials for Popular Services
Cybersecurity researchers on Monday discovered misconfigurations across older versions of Apache Airflow instances belonging to a number of high-profile companies across various sectors, resulting in the exposure of sensitive credentials for popular platforms and services such as Amazon Web Services (AWS), Binance, Google Cloud Platform (GCP), PayPal, Slack, and Stripe. "These … [Read more...] about Poorly Configured Apache Airflow Instances Leak Credentials for Popular Services
Cybercriminals Abusing Internet-Sharing Services to Monetize Malware Campaigns
Threat actors are capitalizing on the growing popularity of proxyware platforms like Honeygain and Nanowire to monetize their own malware campaigns, once again illustrating how attackers are quick to repurpose and weaponize legitimate platforms to their advantage. "Malware is currently leveraging these platforms to monetize the internet bandwidth of victims, similar to how … [Read more...] about Cybercriminals Abusing Internet-Sharing Services to Monetize Malware Campaigns
Russia bans VyprVPN, Opera VPN services for not complying with blacklist request
Russia's telecommunications and media regulator Roskomnadzor (RKN) on Thursday introduced restrictions on the operation of VyprVPN and Opera VPN services in the country. "In accordance with the regulation on responding to threats to circumvent restrictions on access to child pornography, suicidal, pro-narcotic and other prohibited content, restrictions on the use of VPN … [Read more...] about Russia bans VyprVPN, Opera VPN services for not complying with blacklist request
55 New Security Flaws Reported in Apple Software and Services
A team of five security researchers analyzed several Apple online services for three months and found as many as 55 vulnerabilities, 11 of which are critical in severity. The flaws — including 29 high severity, 13 medium severity, and 2 low severity vulnerabilities — could have allowed an attacker to "fully compromise both customer and employee applications, launch a worm … [Read more...] about 55 New Security Flaws Reported in Apple Software and Services
Smartwatch Maker Garmin Shuts Down Services After Ransomware Attack
Garmin, the maker of fitness trackers, smartwatches and GPS-based wearable devices, is currently dealing with a massive worldwide service interruption after getting hit by a targeted ransomware attack, an employee of the company told The Hacker News on condition of anonymity.The company's website and the Twitter account say, "We are currently experiencing an outage that affects … [Read more...] about Smartwatch Maker Garmin Shuts Down Services After Ransomware Attack