Mozilla Fixes Critical Bug in Cross-platform Cryptography Library Mozilla has addressed a critical memory corruption vulnerability affecting its cross-platform Network Security Services (NSS) set of cryptography libraries. NSS can be used to develop security-enabled client and server apps with support for SSL v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, Read more…
Microsoft Exchange Servers Hacked to Deploy BlackByte Ransomware The BlackByte ransomware gang is now breaching corporate networks by exploiting Microsoft Exchange servers using the ProxyShell vulnerabilities. ProxyShell is the name for a set of three Microsoft Exchange vulnerabilities that allow unauthenticated, remote code execution on the server when chained together. Read more…
Europol: 18k Money Mules Caught Laundering Money from Online Fraud Europol has announced the arrest of 1,803 money mules out of 18,351 identified following an international money-laundering crackdown operation codenamed “EMMA 7.” As its name suggests, this was the seventh EMMA (European Money Mule Action) operation, with the first taking place Read more…
VirusTotal Collections Feature Helps Keep Neat IoC Lists Scanning service VirusTotal announced today a new feature called Collections that lets researchers create and share reports with indicators of compromise observed in security incidents. Indicators of compromise (IoCs) are pieces of data (files, digital addresses) uncovered when investigating cyberattacks, which can Read more…
State-backed Hackers Increasingly Use RTF Injection for Phishing Three APT hacking groups from India, Russia, and China, were observed using a novel RTF (rich text format) template injection technique in their recent phishing campaigns. This technique is a simple yet effective method to retrieve malicious content from a remote URL, Read more…
Microsoft Defender Scares Admins with Emotet False Positives Microsoft Defender for Endpoint is currently blocking Office documents from being opened and some executables from launching due to a false positive tagging the files as potentially bundling an Emotet malware payload. Windows system admins are reporting [1, 2, 3, 4, 5] that this is happening Read more…
FBI Seized $2.3M from Affiliate of REvil, Gandcrab Ransomware Gangs The FBI seized $2.3 million in August from a well-known REvil and GandCrab ransomware affiliate, according to court documents seen by BleepingComputer. In a complaint unsealed today, the FBI seized 39.89138522 bitcoins worth approximately $2.3 million at current prices ($1.5 Read more…
Finland Warns of Flubot Malware Heavily Targeting Android Users Finland’s National Cyber Security Centre (NCSC-FI) has issued a “severe alert” to warn of a massive campaign targeting the country’s Android users with Flubot banking malware pushed via text messages sent from compromised devices. This is the second large-scale Flubot campaign that hit Read more…
Smartwatches for Children are a Privacy and Security Nightmare Researchers analyzed the security of four popular smartwatches for children and found pre-installed downloaders, weak passwords, and unencrypted data transmissions. The analysis demonstrates that most of these devices arbitrarily collect and periodically transmit sensitive data to remote servers without the user Read more…
EwDoor Botnet Targets AT&T Network Edge Devices at US Firms A recently discovered botnet is attacking unpatched AT&T enterprise network edge devices using exploits for a four-year-old critical severity Blind Command Injection security flaw. The botnet, dubbed EwDoor by researchers at Qihoo 360’s Network Security Research Lab (360 Netlab), targets AT&T customers Read more…
Let us help you out.
Singapore
7 Temasek Boulevard
#12-07, Suntec Tower One
Singapore 038987
Thailand
The Royal Place 1
2, 2/399 Mahatlek Luang 1 Alley, Lumphini, Pathum Wan, Bangkok 10330, Thailand
Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!
Click one of our contacts below to chat on WhatsApp
