Cybersecurity Starts in the Boardroom
This post was first published on 9 May 2022 Here is yet another example of malware and it’s delivery system from SANS TA578 using thread-hijacked emails to push ISO files for Bumblebee malware – SANS Internet Storm Centre The rise of Bumblebee malware was first reported earlier this month: More …
Here is SANS’ excellent round-up of Microsoft’s Patch Tuesday: Microsoft May 2022 Patch Tuesday – SANS Internet Storm Centre There are the usual array of issues that Microsoft is fixing be they become an issue – one of the Windows patches fixes Windows LSA, this impacts the authentication of accounts …
This is the classic way a hacker gets their payload into your business – send you a spreadsheet that needs your immediate attention. Include the password in the email, this makes it more likely for you to open the file – make it look official and your cyber security threat …
Continue reading “Anatomy of a RAT attack using a password protected Excel attachment”
SANS Internet Storm Centre has a couple of blog posts looking at the mechanics of a Word document and a PDF both of which are malicious payloads in a phishing email. This is what you are up against! Analyzing a Phishing Word Document – SANS Internet Storm Centre Simple PDF …
This story was first published on 31 March 2022 and Updated on 5 April 2022 Update 26 April 2022 There has been a steady increase in the number of active attacks against this and related vulnerabilities: Hackers hammer SpringShell vulnerability in attempt to install cryptominers | Ars Technica This is …
Continue reading “Java vulnerabilities to look out for – Spring4Shell – UPDATE 23 April 2022”
