Collaborate Disseminate
The Russian cybersecurity firm discovered sophisticated malware that combined cryptocurrency mining and espionage capabilities.
The post Kaspersky reveals ‘elegant’ malware resembling NSA code appeared first on CyberScoop.
Continue reading Kaspersky reveals ‘elegant’ malware resembling NSA code
Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. The amount of effort that went into creating the framework is truly remarkable, and its disclosure was quite astonishing. Continue reading StripedFly: Perennially flying under the radar
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency will host a call with critical infrastructure stakeholders Monday afternoon about a critical vulnerability affecting products with the Log4j software library, according to a statement. CISA sent out an alert Friday that the agency had added the flaw to its list of exploited vulnerabilities, and urged federal and civilian organizations to patch and take steps to mitigate harm immediately. Log4j is a widely-used open-source logging tool popular in numerous cloud and enterprise apps including Minecraft, Apple Cloud, Cloudflare and Twitter, making the extent of the zero-day’s potential damage likely wide-reaching. “CISA is working closely with our public and private sector partners to proactively address a critical vulnerability affecting products containing the log4j software library,” CISA director Jen Easterly said in a statement. “This vulnerability, which is being widely exploited by a growing set of threat actors, presents an urgent challenge to network defenders given its broad use.” Cybersecurity researchers noted over the weekend that […]
The post CISA to brief critical infrastructure companies about urgent new Log4j vulnerability appeared first on CyberScoop.
By Waqas
Unpatched MS Exchange Servers are being hunted by Prometei botnet to expand its army of Monero cryptocurrency mining bots.
This is a post from HackRead.com Read the original post: Prometei botnet uses NSA exploit, hits unpatched MS exchange se… Continue reading Prometei botnet uses NSA exploit, hits unpatched MS exchange servers
The malicious software known as TrickBot has morphed again, this time with a module that probes booting process firmware for vulnerabilities, possibly setting the stage for attacks that could ultimately destroy devices, researchers say. Two cybersecurity companies, Eclypsium and Advanced Intelligence (Advintel), dubbed the TrickBot add-on module “TrickBoot,” since it targets the UEFI/BIOS firmware. Firmware is permanent code programmed into a hardware device, while UEFI and BIOS are two kinds of specifications that manage a device’s start-up. TrickBoot, then, is s a “significant step in the evolution of TrickBot,” the researchers say, that could make TrickBot especially pesty. “Since firmware is stored on the motherboard as opposed to the system drives, these threats can provide attackers with ongoing persistence even if a system is re-imaged or a hard drive is replaced,” they wrote.”Equally impactful, if firmware is used to brick a device, the recovery scenarios are markedly different (and more difficult) than recovery […]
The post TrickBot adds firmware tool that researchers say could lead to ‘bricking’ devices appeared first on CyberScoop.
Continue reading TrickBot adds firmware tool that researchers say could lead to ‘bricking’ devices
Malware campaign targets global manufacturers that are still dependent on Windows 7 subsystems to run fleets of IoT endpoints. Continue reading New Lemon Duck Malware Campaign Targets IoT, Large Manufacturers
The cybercrime group that brought us Satan, DBGer and Lucky ransomware and perhaps Iron ransomware, has now come up with a new version or rebranding named “5ss5c”.
In a previous blog post, Satan ransomware adds EternalBlue exploit, I described ho… Continue reading Satan ransomware rebrands as 5ss5c ransomware
Every few years, Microsoft causes some panic across industry sectors by announcing the end-of-life of one of its older Windows operating systems. In this case, Windows 7 is going “end of life” on Jan. 14, meaning Microsoft will no longer be regularly updating the system with fixes when a security vulnerability is found. The company is urging users – both consumer and enterprise – to update their systems to the latest operating system: Windows 10. As the weeks tick down until the deadline, the question becomes: how big of a security threat is this? We’ve seen the real-world attacks that can come from unpatched vulnerabilities in an out-of-date operating system. There are also valid reasons an organization could choose to hedge its bets and not upgrade. Ultimately, it is a conversation about risk, and more specifically, how much risk is an organization willing to assume in the face of a […]
The post Windows 7 end-of-life is coming. How much should you worry? appeared first on CyberScoop.
Continue reading Windows 7 end-of-life is coming. How much should you worry?
WannaCry never went away – it just became less obvious. Continue reading WannaCry – the worm that just won’t die
The adversaries have retooled with EternalBlue and credential theft to add a new “access mining” revenue stream. Continue reading Smominru Cryptominer Scrapes Credentials for Half-Million Machines