News
News (2818)
Thursday, 18 May 2023 13:16
Microsoft Stops Pushing Defender Update That Hid a Bug Due to Bugs
Written by Sean Kalinich
Over the last few months Windows 11 users have dealt with an annoying bug in Windows Defender. The bug was a continuous restart prompt to “enable” LSA protection. The problem is that LSA was enabled the whole time. The system…
Read 736 times
Published in
News
Thursday, 18 May 2023 09:53
Fake ChatGPT and Midjourney Sites used in Cyber-Attacks *** Updated ***
Written by Sean Kalinich
It was only a matter of time before something like this happened. As services like ChatGPT, Midjourney, Bard and other “AI” platform we viral, threat actors were bound to start trying to get in on the action. ChatGPT and Midjourney…
Read 192 times
Published in
News
Thursday, 18 May 2023 09:02
Inside a Ransomware as a Service Operation Shows How Simple and Profitable This can Be
Written by Sean Kalinich
As part of our ongoing (really never ending) series on modern ransomware, we are taking a look at a recent study of one Ransomware as a Service operation. In this case the look is at the Qilin scheme which was…
Read 561 times
Published in
News
Wednesday, 17 May 2023 15:18
Azure Serial Console being Abused for VM Takeover
Written by Sean Kalinich
Google owned Mandiant has released findings on a group known as Roasted 0ktapus, Scattered Spider and UNC3944 (sort of rolls off the tongue there). This group has been seen to abuse the Microsoft Azure Serial Console to push out their…
Read 326 times
Published in
News
Wednesday, 17 May 2023 14:30
Microsoft Visual Studio Marketplace Found to Have Malicious Extensions Targeting Developers
Written by Sean Kalinich
Attackers are always looking to get targets coming and going. As such you have a very rich ecosystem of attack types to cover as much ground as possible. A concerning one has always been direct supply chain attacks. These attacks…
Read 179 times
Published in
News
Tuesday, 16 May 2023 13:28
Money Message Ransomware Group Hits PharMerica and Steals 5.8 million Patient Records
Written by Sean Kalinich
The same Ransomware gang that hit MSI recently also appears to have hit Pharmacy services provider PharMerica and stole information on 5.8 million patents. The data that was exfiltrated as part of the attack includes social security numbers, full name…
Read 445 times
Published in
News
Tuesday, 16 May 2023 12:07
Ransomware Group RA Group Is Open for Business in the US and South Korea
Written by Sean Kalinich
There is a new player in the ransomware space. Dubber RA group this new organization appears to have had their grand opening last month (April 2023). RA Group published a data leak site on the dark web as part of…
Read 423 times
Published in
News
Tuesday, 16 May 2023 09:56
Attackers using Google’s Golang to Take a Bite Out of Apple
Written by Sean Kalinich
Two new variants of Cobalt Strike written in Ggoogle’s Golang have popped up on the wild internet. According to SentinelOne, this new flavor is set up to target macOS systems. They have also noted that this new beacon (called Geacon)…
Read 336 times
Published in
News
Monday, 15 May 2023 16:05
Cloud Management Systems for Three Industrial Cellular Providers Put OT Environments at Risk
Written by Sean Kalinich
Cybersecurity firm OTORIO has announced several new vulnerabilities in cloud management platforms at Black Hat Asia 2023. The Israeli company named three industrial cellular providers with a total of eleven vulnerabilities which could allow for complete compromise of operational technology…
Read 495 times
Published in
News
Monday, 15 May 2023 11:06
Discord Discloses Breach from 3rd Party Support Account
Written by Sean Kalinich
The popular socialization platform, Discord, is alerting users to a data breach that occurred due to the compromise of a support agent account. The breach appears to be limited in scope to the ticket queue that the third-party agent was…
Read 214 times
Published in
News
Thursday, 11 May 2023 17:37
Because Sharing is Caring Why Shouldn’t Leaked Ransomware Code Not Get Reused?
Written by Sean Kalinich
After a Leak of Babuk ransomware source code in late 2021 researchers have identified 9 separate new stains that are intended to target VMware ESXi. The new variants first started showing up in the 2cond half of 2022. As with…
Read 735 times
Published in
News
Thursday, 11 May 2023 09:19
When Patching is Not Enough: How Attackers are Looking at Patches to Find the Next Flaw
Written by Sean Kalinich
Microsoft’s Patch Tuesday for May included a patch that was a fix for a flaw that was created from another patch back in March 2023. The March patch was meant to fix vulnerability CVE-2023-23397 which was a known exploited critical…
Read 269 times
Published in
News
Wednesday, 10 May 2023 17:41
The Greatness Phishing as a Service Platform Intended to Make Targeting MS365 Easier
Written by Sean Kalinich
There is an old saying that says, when you can no longer do, you teach. This might be a relatively true axiom in the regular world, but in the world of cybercrime it is certainly not what you find happening.…
Read 774 times
Published in
News
Tuesday, 09 May 2023 12:39
Intel Investigating MSI Data Breach and Private Code Signing Key Theft
Written by Sean Kalinich
Yesterday we reported on a ransomware attack that impacted PC and component manufacturer MSI. When they, MSI, disclosed the attack they claimed there was no significant impact, but failed to consider that most, if not all, modern ransomware attacks also…
Read 914 times
Published in
News
Tuesday, 09 May 2023 11:37
More Threat Groups Pile onto PaperCut Vulnerability Including State-Sponsored Ones
Written by Sean Kalinich
In January of 2023 the Print Management Software company PaperCut was advised of two Remote Code Execution (RCE) bugs. These bugs were in their PaperCut MF and PaperCut NG software products. PaperCut worked with the group that identified the bugs,…
Read 201 times
Published in
News
Monday, 08 May 2023 14:34
PC Component Maker MSI has Private Code Signing Keys Leaked **Updated**
Written by Sean Kalinich
Updated May-08-2023 with statement from IntelBack in early April MSI, a popular PC and PC component maker, disclosed that it had a security incident. They stated that they quickly rolled out their Incident Response Team and enacted their recovery procedures…
Read 555 times
Published in
News
Page 3 of 177