Cybersecurity Starts in the Boardroom
BYOD – bring your own device – probably every organisation has non-company devices handling sensitive information. Threat actors have created a trojanised version of a legitimate game installer that they are promoting through side channels to attract users (victims) to install it. The Super Mario game is installed and works …
Continue reading “BYOD advice – Find malware where you least expect it”
Linus servers are everywhere on the Internet, providing the infrastructure and hosting the Web sites and services we all use. So stealth malware that steals the performance of Linux machines is an issue for admins everywhere. Even though this attack appears to be tailored to specific targets, if you are …
Microsoft is reporting on a new variant of the Sysrv botnet malware – Sysrv-K, that infects both Windows and Linux servers. This malware can compromise a wide range of vulnerabilities including WordPress plug-ins and Spring Cloud. Once in the malware installs and operates the Monero cryptocurrency miner. Monero-mining botnet targets …
Continue reading “Windows and Linux server both targets for crypto-mining malware”
This story was first published on 31 March 2022 and Updated on 5 April 2022 Update 26 April 2022 There has been a steady increase in the number of active attacks against this and related vulnerabilities: Hackers hammer SpringShell vulnerability in attempt to install cryptominers | Ars Technica This is …
Continue reading “Java vulnerabilities to look out for – Spring4Shell – UPDATE 23 April 2022”
The cyber criminal group Keksec is using Enemybot to attack routers and IoT devices, exploiting a remote code execution (RCE) vulnerability CVE-2022-27226. Enemybot: a new Mirai, Gafgyt hybrid botnet joins the scene | ZDNet New Enemybot botnet blends Linux backdoor bot Gafgyt, Mirai • The Register This botnet is part …
Continue reading “New botnet in the wild targeting routers and IoT devices”
Hacker spent nearly five months inside a US regional government network, downloading files, using software and deleting logs, before deploying Lockbit ransomware. Sophos recreated the attack from what was left of the logs and believe the attackers got in through a public facing remote desktop protocol (RDP) port – something …
Continue reading “Sophos report even government agencies can miss hackers in their network”
The Lapsus$ cyber crime gang has revealed online, what Samsung has acknowledged to be nearly 200GB of Samsung internal files. Lapsus$ gang dump Samsung data online • The Register Lapsus$ has also stolen internal files from Nvidia in a separate extortion bid. More bad news for Nvidia – and advice …
