The Hacker News Google on Monday announced that it will pay security researchers to find exploits using vulnerabilities, previously remediated or otherwise, over the next three...
Day: November 3, 2021
nakedsecurity – Microsoft documents “SHROOTLESS” hack patched in latest Apple updates
naked security by SOPHOS When we wrote about Apple’s latest security patches earlier this week, we noted that: There are 37 listed fixes covering everything from AppKit to...
thehackernews – Alert! Hackers Exploiting GitLab Unauthenticated RCE Flaw in the Wild
The Hacker News A now-patched critical remote code execution (RCE) vulnerability in GitLab’s web interface has been detected as actively exploited in the wild, cybersecurity researchers...
nakedsecurity – REvil ransomware gang allegedly forced offline by law enforcement counterattacks
naked security by SOPHOS According to Reuters, the REvil ransomware operation was “hacked and forced offline this week by a multi-country operation”. Reuters writes that one of...
nakedsecurity – Europol announces “targeting” of 12 suspects in ransomware attacks
naked security by SOPHOS In an intriguingly worded news statement issued today, Europol has announced police action in both Switzerland and Ukraine against 12 cybercrime suspects. The document...
cisomag – Hackers Use SEO Poisoning to Spread Ransomware
Menlo Labs identified two ransomware campaigns distributing REvil and SolarMarker backdoors on the targeted networks using SEO poisoning. CISOMAG Cybersecurity experts from Menlo Labs identified two...
cisomag – Russia-linked Conti Ransomware Gang Pillages Jewelry Brand Graff
Russia-based Conti gang has targeted a U.K.-based jewelry firm, Graff, in a ransomware attack. The hackers claim to have leaked 69,000 documents with critical information on...
threatpost – Ransomware Gangs Target Corporate Financial Activities
THREATPOST The FBI is warning about a fresh extortion tactic: threatening to tank share prices for publicly held companies. Ransomware gangs are zeroing in on publicly...
nakedsecurity – S3 Ep56: Cryptotrading rodent, ransomware hackback, and a Docusign phish
Naked Security [00’29”] Don’t miss our cybersecurity podcast minisodes![01’46”] Bliss is a hill in wine country.[03’37”] Lessons from a cryptotrading hamster.[08’46”] Ransomware gang hacked back.[20’27”] Docusign phishers go after 2FA...
helpnetsecurity – Trojan Source bugs may lead to extensive supply-chain attacks on source code
Cambridge University researchers have detailed a new way targeted vulnerabilities can be introduced into source code while making them invisible to human code reviewers, allowing for...
malwarebytes – Lessons from a real-life ransomware attack
Malwarebytes Ransomware attacks, despite dramatically increasing in frequency this summer, remain opaque for many potential victims. It isn’t anyone’s fault, necessarily, since news articles about ransomware attacks often focus on the attack,...
Cring ransomware continues assault on industrial organizations with aging applications, VPNs
A Sophos report attributed a recent Cring attack to hackers in Belarus and Ukraine. ZDNet The Cring ransomware group continues to make a name for itself...