Do Not Exchange! It has a Shell Inside
www.deepinstinct.com/blog/do-not-exchange-it-has-a-shell-inside Threat Researchers recently discovered several new Microsoft Exchange vulnerabilities in ProxyShell that allow attackers to gain remote-code execution capabilities. While these vulnerabilities were disclosed to Microsoft and mostly patched prior to the technical details of the vulnerabilities becoming public, many Exchange servers were left unpatched and have since been compromised.
Windows 10, iOS 15, Ubuntu, Chrome fall at China’s Tianfu hacking contest
therecord.media/windows-10-ios-15-ubuntu-chrome-fall-at-chinas-tianfu-hacking-contest/ Chinese security researchers took home $1.88 million after hacking some of the world’s most popular software at the Tianfu Cup, the country’s largest and most prestigious hacking competition. The contest, which took place over the weekend of October 16 and 17 in the city of Chengdu, was won by researchers from Chinese security firm Kunlun Lab, who took home $654,500, a third of the total purse.
Welcome to Britain, the bank scam capital of the world
www.reuters.com/world/uk/welcome-britain-bank-scam-capital-world-2021-10-14/ A British record of 754 million pounds ($1 billion) was stolen in the first six months of this year, up 30% from the same period in 2020, according to data from banking industry body UK Finance, and up more than 60% from 2017, when it began compiling the figures.
Brazilian insurance giant Porto Seguro hit by cyberattack
www.zdnet.com/article/brazilian-insurance-giant-porto-seguro-hit-by-cyberattack/#ftag=RSSbaffb68 One of Brazil’s largest insurance groups, Porto Seguro, has reported it suffered a cyberattack that resulted in instability to its service channels and some of its systems.
Attackers Are Taking Advantage of the Open-Source Service Interactsh for Malicious Purposes
unit42.paloaltonetworks.com/exploits-interactsh/ Recently, Unit 42 has observed active exploits related to an open-source service called Interactsh. This tool can generate specific domain names to help its users test whether an exploit is successful. It can be used by researchers but also by attackers to validate vulnerabilities via real-time monitoring on the trace path for the domain.
Defining Cobalt Strike Components So You Can BEA-CONfident in Your Analysis
www.mandiant.com/resources/defining-cobalt-strike-components Cobalt Strike is a commercial adversary simulation software that is marketed to red teams but is also stolen and actively used by a wide range of threat actors from ransomware operators to espionage-focused Advanced Persistent Threats (APTs).
Virus Bulletin: Old malware never dies it just gets more targeted
www.welivesecurity.com/2021/10/15/virus-bulletin-old-malware-never-dies-gets-more-targeted/ Virus Bulletin this year brought a fresh batch of amped-up, refreshed malware with lots more horsepower and devilish amounts of custom-tailored targeting. From singled-out political activist individual targets to regionalized targets, malware’s aim is getting better.
Twitter suspends two accounts used by DPRK hackers to catfish security researchers
therecord.media/twitter-suspends-two-accounts-used-by-dprk-hackers-to-catfish-security-researchers/ Twitter has suspended today two accounts operated by North Korean government hackers and used as part of a clever plot to attract security researchers to malicious sites and infect their systems with malware.
Winter tyres nearly led to a big bill: Tori.fi sellers are being scammed in a new way
www.is.fi/digitoday/tietoturva/art-2000008332890.html Tori.fi, an online marketplace widely used by Finns, is also popular with criminals. The long-known scourge of defrauding buyers has been joined by scams that specifically target sellers.