Lisa Vaas – Page 24 – WindowsTechs.com

Linux Variant of HelloKitty Ransomware Targets VMware ESXi Servers

Posted on July 16, 2021 by Lisa Vaas

HelloKitty joins the growing list of ransomware bigwigs going after the juicy target of VMware ESXi, where one hit gets scads of VMs. Continue reading Linux Variant of HelloKitty Ransomware Targets VMware ESXi Servers→

Fake Zoom App Dropped by New APT ‘LuminousMoth’

Posted on July 15, 2021 by Lisa Vaas

First comes spear-phishing, next download of malicious DLLs that spread to removable USBs, dropping Cobalt Strike Beacon, and then, sometimes, a fake Zoom app. Continue reading Fake Zoom App Dropped by New APT ‘LuminousMoth’→

Linux-Focused Cryptojacking Gang Tracked to Romania

Posted on July 14, 2021 by Lisa Vaas

The gang is using a new brute-forcer – “Diicot brute” – to crack passwords on Linux-based machines with weak passwords. Continue reading Linux-Focused Cryptojacking Gang Tracked to Romania→

Ransomware Giant REvil’s Sites Disappear

Posted on July 13, 2021 by Lisa Vaas

Just days after President Biden demanded that Russian President Putin shut down ransomware groups, the servers of one of the biggest groups mysteriously went dark. Continue reading Ransomware Giant REvil’s Sites Disappear→

‘Charming Kitten’ APT Siphons Intel From Mid-East Scholars

Posted on July 13, 2021 by Lisa Vaas

Professors, journalists and think-tank personnel, beware strangers bearing webinars: It’s the focus of a particularly sophisticated, and chatty, phishing campaign. Continue reading ‘Charming Kitten’ APT Siphons Intel From Mid-East Scholars→

Critical RCE Vulnerability in ForgeRock OpenAM Under Active Attack

Posted on July 12, 2021 by Lisa Vaas

The attacks are enabled by an unpatched security vulnerability in ForgeRock’s Access Management, a popular platform that front-ends web apps and remote-access setups. Continue reading Critical RCE Vulnerability in ForgeRock OpenAM Under Active Attack→

Kaseya Patches Zero-Days Used in REvil Attacks

Posted on July 12, 2021 by Lisa Vaas

The security update addresses three VSA vulnerabilities used by the ransomware gang to launch a worldwide supply-chain attack on MSPs and their customers.

Continue reading Kaseya Patches Zero-Days Used in REvil Attacks→

Coursera Flunks API Security Test in Researchers’ Exam

Posted on July 8, 2021 by Lisa Vaas

The problem APIs included numero uno on the OWASP API Security Top 10: a Broken Object Level Authorization (BOLA) issue that could have exposed personal data. Continue reading Coursera Flunks API Security Test in Researchers’ Exam→

Suspected ‘Dr HeX’ Hacker Busted for 9 Years of Phishing

Posted on July 7, 2021 by Lisa Vaas

The unnamed suspect allegedly helped to develop carding and phishing kits with the aim of stealing customers’ bank-card data. Continue reading Suspected ‘Dr HeX’ Hacker Busted for 9 Years of Phishing→

Fake Kaseya VSA Security Update Drops Cobalt Strike

Posted on July 7, 2021 by Lisa Vaas

Threat actors are planting Cobalt Strike backdoors by malspamming a bogus Microsoft update along with a SecurityUpdates.exe. Continue reading Fake Kaseya VSA Security Update Drops Cobalt Strike→