Cyber security week in review: July 15, 2022
The cyber security world in brief: 10,000 organizations fell victims of a large-scale phishing campaign, hackers impersonate cybersecurity companies to distribute malware, and more.
Cybersecurity News - Page 246
10,000 organizations targeted in a large-scale AiTM phishing campaign
According to Microsoft, the attackers have been hijacking Office 365's authentication process.
Retbleed: New Spectre variant that affects AMD and Intel chips
Malware already presented on a compromised machine can exploit Retbleed to obtain sensitive data from the kernel memory.
Microsoft fixed zero-day vulnerability in Windows
Redmond fixed 84 vulnerabilities as part of July Patch Tuesday.
New HavanaCrypt ransomware poses as Google Software Update
HavanaCrypt doesn’t drop a ransom note on a target system, suggesting that the tool is still under development.
Cryptocurrency miners abusing GitHub Actions and Azure virtual machines
Researchers identified at least 1,000 repositories and over 550 code samples that abuse GHAs for cryptocurrency mining.
Ransomware gangs are making it easier for buyers to search for stolen files on data leak websites
At least two ransomware operations and one extortion group have adopted a new strategy to force victims to pay for not leaking the stolen files.
Hackers impersonate cybersecurity companies to trick victims into installing malware
The threat actors will likely use ransomware to monetize their operation.
Data on over 1 billion Chinese was leaked due to unprotected Kibana instance
By June 26, at least four different groups accessed the cluster.
Hacker stole personal info of 23 million Mangatoon users
The database was downloaded from Mangatoon’s Elasticsearch server that was protected with a weak password.
Showing elements 2451 - 2460