TRICKBOT DELIVERY METHOD GETS A NEW UPGRADE FOCUSING ON WINDOWS 10
Meet the white-hat group fighting Emotet, the world’s most dangerous malware
www.zdnet.com/article/meet-the-white-hat-group-fighting-emotet-the-worlds-most-dangerous-malware/#ftag=RSSbaffb68 A private group of 20+ security researchers and system administrators have been waging a silent war against Emotet, today’s most dangerous malware operation.
TA505 hacking crew spent much of 2019 trying to breach South Korea’s financial sector
www.cyberscoop.com/ta505-south-korea-bank-phishing/ A gang of hackers with a long history of financially motivated attacks increased its targeting of businesses in South Korea last year, using a combination of malicious attachments and ransomware to haunt victims, according to new findings.
US Railroad Contractor Reports Data Breach After Ransomware Attack
www.bleepingcomputer.com/news/security/us-railroad-contractor-reports-data-breach-after-ransomware-attack/ RailWorks Corporation, one of North America's leading railroad track and transit system providers, disclosed a ransomware attack that led to the exposure of personally identifiable information of current and former employees, their beneficiaries and dependents, as well as that of independent contractors.
The Long Path out of the Vulnerability Disclosure Dark Ages
www.wired.com/story/vulnerability-disclosure-bug-bounties/ Letting a company know about flaws in their products has gotten easier since 2003, but not by much.
Domen toolkit gets back to work with new malvertising campaign
NVIDIA Fixes High Severity Flaw in Windows GPU Display Driver
www.bleepingcomputer.com/news/security/nvidia-fixes-high-severity-flaw-in-windows-gpu-display-driver/ NVIDIA has released a GPU display driver security update today, February 28, 2020, that fixes high and medium severity vulnerabilities that might lead to code execution, local escalation of privileges, information disclosure, and denial of service on unpatched Windows computers.
Do you use your Windows computer as an administrator? Here's how to create a safer account for yourself
www.tivi.fi/uutiset/kaytatko-windows-konettasi-jarjestelmanvalvojana-nain-luot-itsellesi-turvallisemman-tilin/de2ebb88-5fba-4a42-b724-93215b9ab1b9 Using a computer is also safer when your own user account is not an administrator. When setting up a new computer, it is worth creating, in addition to the administrator account, a standard user account for yourself that has no administrator rights. Any malware then cannot run rampant on the computer on its own, but in those requiring broad privileges … Comment: For subscribers
Hazelcast IMDG Discover Scan
isc.sans.edu/forums/diary/Hazelcast+IMDG+Discover+Scan/25850/ Today my honeypot has been capturing scans for the Hazelcast REST API. I checked my logs for the past 2 years and these only started today. The last vulnerability published for Hazelcast was CVE-2018-10654 and related to “There is a Hazelcast Library Java Deserialization Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.”