Microsoft and threat intelligence company RiskIQ reported finding links between the exploitation of a recently patched Windows zero-day vulnerability and known ransomware operators.
Source: Read More (SecurityWeek RSS Feed)
You might be interested in …
[SANS ISC] Why is my Honeypot a Russian Certificate Authority?, (Mon, May 16th)
Last night, I noticed a lot of requests to one of our honeypots for “/ocsp.srf” and “/itcom2020/ocsp.srf”. The requests all looked very similar: GET /itcom2020/ocsp.srf HTTP/1.1 User-Agent: fasthttp Host: service.itk23.ru GET /ocsp/ocsp.srf HTTP/1.1 User-Agent: fasthttp Host: uc.ktkt.ru The same source IP also attempted CONNECT requests to these hostnames, indicating that they may be looking for […]
[SecurityWeek] U.S. Government Issues Warning Over Commercial Surveillance Tools
The U.S. State Department and the National Counterintelligence and Security Center (NCSC) on Friday issued a warning over the use of commercial surveillance tools. read more Source: Read More (SecurityWeek RSS Feed)
[HackerNews] LAPSUS$ Claims to Have Breached IT Firm Globant; Leaks 70GB of Data
The LAPSUS$ data extortion gang announced their return on Telegram after a week-long “vacation,” leaking what they claim is data from software services company Globant. “We are officially back from a vacation,” the group wrote on their Telegram channel – which has nearly around 54,000 members as of writing – posting images of extracted data […]