Russian "hacktivists" are causing trouble far beyond Ukraine
The attacks against Lithuania started on June 20. For the next 10 days, websites belonging to the government and businesses were bombarded by DDoS attacks, overloading them with traffic and forcing them offline. "Usually the DDoS attacks are concentrated on one or two targets and generate huge traffic," says Jonas Sakrdinskas, acting director of Lithuania's national cybersecurity center. But this was different. READ MORE...
'Luna Moth' Group Ransoms Data Without the Ransomware
A little social engineering and commercially available remote administration tools (RATs) and other software are all the new Luna Moth ransom group has needed to infiltrate victims' systems and extort payments. The threat group is essentially pulling off ransom attacks without the ransomware, according to researchers at Sygnia, who today published their findings on Luna Moth. READ MORE...
Microsoft rollback on macro blocking in Office sows confusion
Microsoft is rolling back the February decision to block internet macros by default in Office so it can make the changes more user friendly, the company said in an update to an earlier blog post. Microsoft cited user feedback for the roll back. The change is temporary and Microsoft is "fully committed" to making the default change for all users, Kellie Eickmeyer, principal product manager at Microsoft, said in the blog. READ MORE...
Free Decryptors Released for AstraLocker Ransomware
Cybersecurity firm Emsisoft has released free decryptor tools for AstraLocker, a "smash-and-grab" ransomware family that was recently retired. Initially spotted in 2021, AstraLocker is a fork of Babuk ransomware, which had its source code leaked online in September 2021. A second major version of AstraLocker made an appearance in March 2022. READ MORE...
'Callback' Phishing Campaign Impersonates Security Firms
A new callback phishing campaign is impersonating prominent security companies to try to trick potential victims into making a phone call that will instruct them to download malware. Researchers at CrowdStrike Intelligence discovered the campaign because CrowdStrike is actually one of the companies, among other security firms, being impersonated, they said in a recent blog post. READ MORE...
Hackers can unlock Honda cars remotely in Rolling-PWN attacks
A team of security researchers found that several modern Honda car models have a vulnerable rolling code mechanism that allows unlocking the cars or even starting the engine remotely. Called Rolling-PWN, the weakness enables replay attacks where a threat actor intercepts the codes from the keyfob to the car and uses them to unlock or start the vehicle. The researchers claim to have tested the attack on Honda models between 2021 and 2022. READ MORE...
Researchers defeat facial recognition systems with universal face mask
Can attackers create a face mask that would defeat modern facial recognition (FR) systems? A group of researchers from from Ben-Gurion University of the Negev and Tel Aviv University have proven that it can be done. "We validated our adversarial mask's effectiveness in real-world experiments (CCTV use case) by printing the adversarial pattern on a fabric face mask. In these experiments, the FR system was only able to identify 3.34% of the participants wearing the mask." they noted. READ MORE...
- ...in 1862, the Medal of Honor is established by President Lincoln.
- ...in 1895, architect and engineer Buckminster Fuller, best-known for popularizing the geodesic dome, is born in Milton, MA.
- ...in 1962, the Rolling Stones make their first public appearance with a gig at London's Marquee Club.
- ...in 1967, President Eisenhower becomes the first U.S. President to travel by helicopter.
