A new strain of malware/ransomware has been discovered by the MalwareHunterTeam – who have Tweeted out details and images. The ransomware is being called RedAlert, or N13V, and target Windows and Linux VMWare ESXi servers. New RedAlert Ransomware targets Windows, Linux VMware ESXi servers (bleepingcomputer.com) Double extortion Similar to other …
Actively exploited zero-day flaw in Google Chrome now patched – is yours? Could you check?
Make sure your Google Chrome patching is up to date. Google has just released a patch to fix a flaw in Chrome that was being actively exploited by threat actors. The attack is directed at the WebRTC system – which is a component used in web based comms, so avoid …
Ransomware decryptors released after the ransomware malware closes down
Well this is really unbelievable! The threat actors behind the AstraLocker ransomware have decided to switch to another cyber-crime, but in the process of closing the servers down, the developers behind the malware have submitted the AstraLocker decryptors to the VirusTotal malware analysis website. AstraLocker ransomware shuts down and releases …
Continue reading “Ransomware decryptors released after the ransomware malware closes down”
The Follina threat has not gone away just because Microsoft has issued a patch – Octagon has the solution
The threat actors are still attempting to exploit the Follina flaw in Microsoft Word – looking for those of you out there who have not bothered to run the updates: XFiles info-stealing malware adds support for Follina delivery (bleepingcomputer.com) Have you checked all the machines in your organisation have run …
Optional Windows 10 update
Microsoft has issued a Windows 10 update to fix some bugs and add some printing features. Windows 10 KB5014666 update brings new printing features, bug fixes (bleepingcomputer.com)
Microsoft 365 timeouts to mitigate data leaks
Microsoft 365 administrators can now set a site wide timeout for users. This can be a benefit to mitigate data leakage from unmanaged machines left logged in. Microsoft 365 now prevents data leaks with new session timeouts (bleepingcomputer.com)
Credential stealer
The Raccoon Stealer malware is back with an updated version, with added functionality and capabilities. This malware is offered as malware-as-a-service (mimicking a legitimate business model), enabling less well equipped threat actors to implement sophisticated cyber security attacks. Expect the use of this malware to increase as threat actors, looking for …
