No-Joke Borat RAT Propagates Ransomware, DDoS | Threatpost
Attackers are using a newly released remote access trojan (RAT) to spread ransomware and distributed denial of service (DDoS) — in addition to the traditional RAT function [...]
Trends
Automaker Cybersecurity Lagging Behind Tech Adoption, Experts Warn | Threatpost
A pair of recent vulnerabilities found in the automaker ecosystem might not seem like a real danger taken separately. But experts warn a lack of attention on cybersecurity [...]
QNAP Customers Adrift, Waiting on Fix for OpenSSL Bug | Threatpost
Customers of Taiwan-based QNAP Systems are in a bit of limbo, waiting until the company releases a patch for an OpenSSL bug that the company has warned affects most of its [...]
A Blockchain Primer and Bored Ape Headscratcher – Podcast | Threatpost
Why in the world would a collection of nonfungible token (NFT) gorilla avatars called the Bored Ape Yacht Club (BAYC), run by 30-somethings using aliases like “Emperor [...]
RCE Bug in Spring Cloud Could Be the Next Log4Shell, Researchers Warn | Threatpost
NOTE: While the researchers at Sysdig refer to this Spring Cloud bug as “Spring4Shell,” it should be noted that there is some confusion as to what to call it, with [...]
MSHTML Flaw Exploited to Attack Russian Dissidents | Threatpost
A spearphishing campaign targeting Russian citizens and government entities that are not aligned with the actions of the Russian government is the latest in numerous threats [...]
Lapsus$ ‘Back from Vacation’ | Threatpost
The Lapsus$ data extortionists are back from a week-long “vacation,” they announced on Telegram, posting ~70GB worth of data purportedly stolen from software development [...]
Exchange Servers Speared in IcedID Phishing Campaign | Threatpost
The ever-evolving banking trojan IcedID is back again with a phishing campaign that uses previously compromised Microsoft Exchange servers to send emails that appear to come [...]
Log4JShell Used to Swarm VMware Servers with Miners, Backdoors | Threatpost
What researchers are calling a “horde” of miner bots and backdoors are using the Log4Shell bug to take over vulnerable VMware Horizon servers, with threat actors still [...]
Okta Says It Goofed in Handling the Lapsus$ Attack | Threatpost
On Friday, Okta – the authentication firm-cum-Lapsus$-victim – admitted that it “made a mistake” in handling the recently revealed Lapsus$ attack. The mistake: [...]
Copyright © 2022 | Cybersigna, respective media and syndication partners