The attacks against Lithuania started on June 20. For the next 10 days, websites belonging to the government and businesses were bombarded by DDoS attacks, overloading them with traffic and forcing them offline. "Usually the DDoS attacks are concentrated on one or two targets and generate huge traffic," says Jonas Sakrdinskas, acting director of Lithuania's national cybersecurity center. But this was different. READ MORE...
A little social engineering and commercially available remote administration tools (RATs) and other software are all the new Luna Moth ransom group has needed to infiltrate victims' systems and extort payments. The threat group is essentially pulling off ransom attacks without the ransomware, according to researchers at Sygnia, who today published their findings on Luna Moth. READ MORE...
Microsoft is rolling back the February decision to block internet macros by default in Office so it can make the changes more user friendly, the company said in an update to an earlier blog post. Microsoft cited user feedback for the roll back. The change is temporary and Microsoft is "fully committed" to making the default change for all users, Kellie Eickmeyer, principal product manager at Microsoft, said in the blog. READ MORE...
Cybersecurity firm Emsisoft has released free decryptor tools for AstraLocker, a "smash-and-grab" ransomware family that was recently retired. Initially spotted in 2021, AstraLocker is a fork of Babuk ransomware, which had its source code leaked online in September 2021. A second major version of AstraLocker made an appearance in March 2022. READ MORE...
A new callback phishing campaign is impersonating prominent security companies to try to trick potential victims into making a phone call that will instruct them to download malware. Researchers at CrowdStrike Intelligence discovered the campaign because CrowdStrike is actually one of the companies, among other security firms, being impersonated, they said in a recent blog post. READ MORE...
A team of security researchers found that several modern Honda car models have a vulnerable rolling code mechanism that allows unlocking the cars or even starting the engine remotely. Called Rolling-PWN, the weakness enables replay attacks where a threat actor intercepts the codes from the keyfob to the car and uses them to unlock or start the vehicle. The researchers claim to have tested the attack on Honda models between 2021 and 2022. READ MORE...
Can attackers create a face mask that would defeat modern facial recognition (FR) systems? A group of researchers from from Ben-Gurion University of the Negev and Tel Aviv University have proven that it can be done. "We validated our adversarial mask's effectiveness in real-world experiments (CCTV use case) by printing the adversarial pattern on a fabric face mask. In these experiments, the FR system was only able to identify 3.34% of the participants wearing the mask." they noted. READ MORE...