Taiwanese PC Company MSI Falls Victim to Ransomware Attack
Apr 08, 2023 | Ravie Lakshmanan | Malware / Cyber Attack
Taiwanese PC company MSI (short for Micro-Star International) officially confirmed it was the victim of a cyber attack on its systems. The company said it "promptly" initiated incident response and recovery measures after detecting "network anomalies." It also said it alerted law enforcement agencies of the matter. That said, …
information security
Iran-Based Hackers Caught Carrying Out Destructive Attacks Under Ransomware Guise
Apr 08, 2023 | Ravie Lakshmanan | Cyber War / Cyber Threat
The Iranian nation-state group known as MuddyWater has been observed carrying out destructive attacks on hybrid environments under the guise of a ransomware operation. That's according to new findings from the Microsoft Threat Intelligence team, which discovered the threat actor targeting both on-premises and cloud …
Microsoft Takes Legal Action to Disrupt Cybercriminals’ Illegal Use of Cobalt Strike Tool
Apr 07, 2023 | Ravie Lakshmanan
Microsoft said it teamed up with Fortra and Health Information Sharing and Analysis Center (Health-ISAC) to tackle the abuse of Cobalt Strike by cybercriminals to distribute malware, including ransomware. To that end, the tech giant's Digital Crimes Unit (DCU) revealed that it secured a court order in the U.S. to "remove illegal, legacy copies of …
119 Arrested in Cybercrime Crackdown
A coordinated international law enforcement operation has dismantled Genesis Market, an illegal online marketplace that specialized in the sale of stolen credentials associated with email, bank accounts, and social media platforms. Coinciding with the infrastructure seizure, the major crackdown, which involved authorities from 17 countries, culminated in 119 arrests and 208 …
Typhon Reborn Stealer Malware Resurfaces with Advanced Evasion Techniques
Apr 05, 2023 | Ravie Lakshmanan | Cyber Threat / Dark Web
The threat actor behind the information-stealing malware known as Typhon Reborn has resurfaced with an updated version (V2) that packs in improved capabilities to evade detection and resist analysis. The new version is offered for sale on the criminal underground for $59 per month, $360 per year, or alternatively, for $540 …
Microsoft Tightens OneNote Security by Auto-Blocking 120 Risky File Extensions
Microsoft has announced plans to automatically block embedded files with "dangerous extensions" in OneNote following reports that the note-taking service is being increasingly abused for malware delivery. Up until now, users were shown a dialog warning them that opening such attachments could harm their computer and data, but it was possible to dismiss the prompt and open the …
Crypto-Stealing OpcJacker Malware Targets Users with Fake VPN Service
Apr 03, 2023 | Ravie Lakshmanan | United States
A piece of new information-stealing malware called OpcJacker has been spotted in the wild since the second half of 2022 as part of a malvertising campaign. "OpcJacker's main functions include keylogging, taking screenshots, stealing sensitive data from browsers, loading additional modules, and replacing cryptocurrency addresses in …
Microsoft Fixes New Azure AD Vulnerability Impacting Bing Search and Major Apps
Apr 01, 2023 | Ravie Lakshmanan | Azure / Active Directory
Microsoft has patched a misconfiguration issue impacting the Azure Active Directory (AAD) identity and access management service that exposed several "high-impact" applications to unauthorized access. "One of these apps is a content management system (CMS) that powers Bing.com and allowed us to not only modify search …
Cacti, Realtek, and IBM Aspera Faspex Vulnerabilities Under Active Exploitation
Apr 01, 2023 | Ravie Lakshmanan | Cyber Attack / Vulnerability
Critical security flaws in Cacti, Realtek, and IBM Aspera Faspex are being exploited by various threat actors in hacks targeting unpatched systems. This entails the abuse of CVE-2022-46169 (CVSS score: 9.8) and CVE-2021-35394 (CVSS score: 9.8) to deliver MooBot and ShellBot (aka PerlBot), Fortinet FortiGuard Labs said …
Researchers Detail Severe “Super FabriXss” Vulnerability in Microsoft Azure SFX
Mar 30, 2023 | Ravie Lakshmanan | Cloud Security / Vulnerability
Details have emerged about a now-patched vulnerability in Azure Service Fabric Explorer (SFX) that could lead to unauthenticated remote code execution. Tracked as CVE-2023-23383 (CVSS score: 8.2), the issue has been dubbed "Super FabriXss" by Orca Security, a nod to the FabriXss flaw (CVE-2022-35829, CVSS score: 6.2) …