A cyberattack struck major German oil storage company Oiltanking GmbH Group on Sunday, the company confirmed to CyberScoop. The attack shut down the oil tank company’s IT systems.
The number of COVID-19 test-related phishing scams increased by 521% between October 2021 and January 2022, according to a report published by security firm Barracuda Networks.
The TrickBot gang has advanced its techniques to slip past security controls by adding multiple layers of defense. This enables it to launch Man-in-the-Browser attacks against banking users to steal their credentials and browser cookies. It is critical for organizations and researchers to continuously update their strategies and make regular efforts to withstand such threats.
The new version uses a combination of AES and ECC algorithms for encryption. It includes commands for encrypting VM images on ESXi servers. However, the ransom note is similar to the ones associated with LockBit.
GitHub has promised to stop sending out security advisories about a vulnerability reported in Loguru, a popular Python logging package, which later turned out to be invalid.
A new malware dubbed DazzleSpy surfaced during the investigation of a watering hole attack targeting Windows and Android users. ESET researchers found that the attack also targeted macOS users and visitors of a pro-democracy radio station website in Hong Kong. To stay protected, deploy the right anti-malware solutions while ensuring a proper patch management program.
BlackBerry researchers have discovered a relationship between the Prometheus Traffic Direction System and a leaked Cobalt Strike SSL key pair, as well as various malware families. In the last two years, multiple threat actors and ransomware groups such as FIN7, FickerStealer, Qakbot, DarkCrystal RAT, IcedID, BlackMatter, Ryuk, Cerber, and REvil have used it.
A malicious campaign known as ‘Eternal Silence’ is abusing UPnP to turn your router into a proxy server used to launch malicious attacks while hiding the location of the threat actors.
These vulnerabilities could be triggered if an attacker tricks a user into opening a specially crafted, malicious PDF file, or opening the file in a browser that has a PDF reader plugin installed.
The server contained 3TB of data dating back to 2018, including airport employee records. While the team was not able to examine every record in the database, four airports were named in exposed files: