IT Security Newsletter - 7/11/2022

Hacking

New Phishing Attacks Shame, Scare Victims into Surrendering Twitter, Discord Credentials

A recent wave of social media phishing schemes doubles down on aggressive scare tactics with phony account-abuse accusations to coerce victims into handing over their login details. Last week alone, Malwarebytes Labs uncovered two phishing scams, targeting Twitter and Discord (a voice, video, and text chat app). The Twitter phishing scam sends users a direct message (DM) flagging their account for use of hate speech and requesting the user authenticate the account to avoid a suspension.


Pro-Russian cybercriminals briefly DDoS Congress[.]gov

A pro-Russian cybercrime group attacked the Congress[.]gov web domain Thursday, resulting in temporary downtime that "briefly affected public access," the Library of Congress told CyberScoop Friday. KillNet - a pro-Russian group that has launched a series of distributed denial-of-service attacks on targets around the world perceived as hostile to the Russian government - posted a video that included a 503 error page alongside an image of President Joe Biden.

Software Updates

Microsoft Reverses Course on Blocking Office Macros by Default

Several security experts expressed disappointment this week at Microsoft's quiet reversal Wednesday of a decision it had announced in February to disable Office macros in files from the Internet. Likely in response, Microsoft on Friday clarified that the rollback is only temporary while the company makes some additional changes to enhance usability.


Cisco Patches Critical Vulnerability in Enterprise Communication Solutions

Cisco this week announced the availability of patches for a critical vulnerability in the Cisco Expressway series and TelePresence Video Communication Server (VCS) products that could allow an attacker to overwrite files on the underlying operating system with root privileges. According to Cisco, the vulnerability impacts Expressway Control (Expressway-C) and Expressway Edge (Expressway-E) devices, which are meant to enable remote collaboration for both mobile users and teleworkers.

Malware

New 0mega ransomware targets businesses in double-extortion attacks

A new ransomware operation named '0mega' targets organizations worldwide in double-extortion attacks and demands millions of dollars in ransoms. 0mega (spelled with a zero) is a new ransomware operation launched in May 2022 and has attacked numerous victims since then. A ransomware sample for the 0mega operation hasn't yet been found, so there's not much information on how files are encrypted.


'Raspberry Robin' Windows Worm Abuses QNAP Devices

A recently discovered Windows worm is abusing compromised QNAP network-attached storage (NAS) devices as stagers to spread to new systems, according to Cybereason. Dubbed Raspberry Robin, the malware was initially spotted in September 2021, spreading mainly via removable devices, such as USB drives. In a May 2022 report, Red Canary noted that the malware primarily relies on msiexec.exe - the legitimate executable program of the Windows Installer.


New 'HavanaCrypt' Ransomware Distributed as Fake Google Software Update

Security researchers at Trend Micro have identified a new ransomware family that is being delivered as a fake Google Software Update application. Dubbed HavanaCrypt, the ransomware performs multiple anti-virtualization checks and uses a Microsoft web hosting service IP address for its command and control (C&C) server, which allows it to evade detection.

Information Security

DoJ Charges CEO for Dealing $1B in Fake Cisco Gear

The US Department of Justice has charged a Florida man for running a massive scheme that sold more than $1 billion in fraudulent Cisco networking equipment to unsuspecting customers. Onur Aksoy of Miami, Fla., is accused of personally collecting millions off the scam, the DOJ said in a statement. The accused operated a company called "Pro Network Entities" that sold refurbished, rehabbed, and modified Cisco gear imported from China and Hong Kong.

Exploits/Vulnerabilities

Krebs on Security: Experian, You Have Some Explaining to Do

Twice in the past month KrebsOnSecurity has heard from readers who had their accounts at big-three credit bureau Experian hacked and updated with a new email address that wasn't theirs. In both cases the readers used password managers to select strong, unique passwords for their Experian accounts. Research suggests identity thieves were able to hijack the accounts simply by signing up for new accounts at Experian using the victim's personal information and a different email address.


Sneaky Orbit Malware Backdoors Linux Devices

A sneaky malware for Linux is backdooring devices to steal data and can affect all the processes running on a particular machine, researchers have found. The malware, dubbed Orbit, is unlike other Linux threats in that it steals information from different commands and utilities and then stores them in specific files on the machine, researchers from security automation firm Intezer discovered.

On This Date

  • ...in 1656, Ann Austin and Mary Fisher become the first Quakers to immigrate to the American colonies when the ship carrying them lands at Boston.
  • ...in 1804, Treasury Secretary Alexander Hamilton is shot and killed in a duel by his long-time political adversary, Vice President Aaron Burr.
  • ...in 1914, in his major league debut, George Herman "Babe" Ruth pitches seven strong innings to lead the Boston Red Sox over the Cleveland Indians, 4-3.
  • ...in 1979, five years after its last manned mission, parts of the Skylab space station re-enter Earth's atmosphere, crash-landing in Australia and the Indian Ocean.