AWS EC2 North Virginia outage makes the net blippy
www.zdnet.com/article/aws-ec2-north-virginia-outage-makes-the-net-blippy/ Signal falls over while Xero and Nest got a bit iffy when the main AWS EC2 region had degraded performance.
FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor
www.microsoft.com/security/blog/2021/09/27/foggyweb-targeted-nobelium-malware-leads-to-persistent-backdoor/ NOBELIUM uses FoggyWeb to remotely exfiltrate the configuration database of compromised AD FS servers, decrypted token-signing certificate, and token-decryption certificate, as well as to download and execute additional components. Use of FoggyWeb has been observed in the wild as early as April 2021.
QNAP fixes critical bugs in QVR video surveillance solution
www.bleepingcomputer.com/news/security/qnap-fixes-critical-bugs-in-qvr-video-surveillance-solution/ Network-attached storage (NAS) maker QNAP has patched its QVR video management system against two critical-severity issues that could be exploited to run arbitrary commands.
Härski huijaus suomalaislehtien nimissä ilmoitukset täyttivät puhelimen
www.iltalehti.fi/tietoturva/a/75b9d9fb-2c56-4cf1-aace-81c916b3ee8d Uutissivustoja matkivat huijaussivustot yrittävät saada uhrin sijoitusansaan. Sivustolle voidaan ohjata esimerkiksi mainosten kautta.
Australians are losing over AU$6.6 million each month to cryptoscams
www.zdnet.com/article/australians-are-losing-over-au6-6-million-each-month-to-cryptoscams/ Losses related to cryptocurrency investment scams made up over a quarter of the total scams reported to the Australian Competition and Consumer Commission (ACCC) from the start of the year to the end of August.
A New Jupyter Malware Version is Being Distributed via MSI Installers
thehackernews.com/2021/09/a-new-jupyter-malware-version-is-being.html Cybersecurity researchers have charted the evolution of Jupyter, a .NET infostealer known for singling out healthcare and education sectors, which make it exceptional at defeating most endpoint security scanning solutions.
New Android Malware Steals Financial Data from 378 Banking and Wallet Apps
thehackernews.com/2021/09/new-android-malware-steals-financial.html The operators behind the BlackRock mobile malware have surfaced back with a new Android banking trojan called ERMAC that targets Poland and has its roots in the infamous Cerberus malware, according to the latest research.
Microsoft will disable Basic Auth in Exchange Online in October 2022
www.bleepingcomputer.com/news/microsoft/microsoft-will-disable-basic-auth-in-exchange-online-in-october-2022/ Microsoft announced that Basic Authentication will be turned off for all protocols in all tenants starting October 1st, 2022, to protect millions of Exchange Online users.
BloodyStealer and gaming assets for sale
securelist.com/bloodystealer-and-gaming-assets-for-sale/104319/ In this report, we take a closer look at threats linked to loss of accounts with popular video game digital distribution services, such as Steam and Origin. We also explore the kind of game-related data that ends up on the black market and the prices.