Cybersecurity Starts in the Boardroom
This post was originally made on 9 June 2022 Update 15 June 2022 Microsoft has included updates in it’s Patch Tuesday bundle to address this issue: Microsoft Patch Tuesday – Follina zero-day fixed – Smart Thinking Solutions Get the updates done as soon as possible. Let’s hope this is really …
The Emotet botnet started off as banking trojan then evolved into a spamming and malware delivery system, has now moved onto exfiltrating credit card data: Emotet malware gang shifts to stealing credit cards • The Register If you have your credit card details stored in your Google Chrome browser, the …
Continue reading “Emotet are back – now stealing credit card data”
The discovery of Linux backdoor malware is unusual as it uses stealth techniques that have not been seen before. This malware is extremely hard to detect as it does a very efficient job of cleaning the infected systems of any traces of it’s operations. Once infected the malware gives high …
Continue reading “Stealth Linux malware – using new methods of evasion”
Here is another excellent breakdown, with screen shots, of phishing emails exploiting the Microsoft Word/Follina/ms-msdt flaw. Being aware of the types of phishing emails the threat actors use is part of the defence in depth you need to have great cyber security. TA570 Qakbot (Qbot) tries CVE-2022-30190 (Follina) exploit (ms-msdt) …
Continue reading “Active exploit for Follina – the still unpatched flaw in Microsoft Word”
Researchers at HP Wolf Security have started to see phishing spam email campaigns deploying a previously unknown malware family SVCReady. The HP security blog has a very good description of the malware and how it works – a bit techie – but towards the end it shows some images of …
