FBI and CISA Warn of State Hackers Exploiting Critical Zoho Bug

New Malware Uses Windows Subsystem for Linux for Stealthy Attacks

Security researchers have discovered malicious Linux binaries created for the Windows Subsystem for Linux (WSL), indicating that hackers are trying out new methods to compromise Windows machines.


Source: https://QUE.com

The finding underlines that threat actors are exploring new methods of attack and are focusing their attention on WSL to evade detection.

continue reading: https://www.bleepingcomputer.com/news/security/new-malware-uses-windows-subsystem-for-linux-for-stealthy-attacks/

FBI and CISA Warn of State Hackers Exploiting Critical Zoho Bug
The FBI, CISA, and the Coast Guard Cyber Command (CGCYBER) today warned that state-backed advanced persistent threat (APT) groups have been actively exploiting a critical flaw in a Zoho single sign-on and password management solution since early August 2021.

Zoho’s customer list includes “three out of five Fortune 500 companies,” including Apple, Intel, Nike, PayPal, HBO, and many more.

continue reading: https://www.bleepingcomputer.com/news/security/fbi-and-cisa-warn-of-state-hackers-exploiting-critical-zoho-bug/

How to Fix Printers Asking for Admins Creds after PrintNightmare Patch
Some printers will request administrator credentials every time users try to print in Windows Point and Print environments due to a known issue caused by KB5005033 or later security updates addressing the PrintNightmare vulnerability.

This happens because, after installing these PrintNightmare patches, only administrators are allowed to install or update drivers via Point and Print.

continue reading: https://www.bleepingcomputer.com/news/microsoft/how-to-fix-printers-asking-for-admins-creds-after-printnightmare-patch/

Microsoft Asks Azure Linux Admins to Manually Patch OMIGOD Bugs
Microsoft has issued additional guidance on securing Azure Linux machines impacted by recently addressed critical OMIGOD vulnerabilities.

The four security flaws (allowing remote code execution and privilege escalation) were found in the Open Management Infrastructure (OMI) software agent silently installed on more than half of Azure instances.

continue reading: https://www.bleepingcomputer.com/news/microsoft/microsoft-asks-azure-linux-admins-to-manually-patch-omigod-bugs/

Open Source Cyberattacks Increasing by 650%, Popular Projects More Vulnerable
Sonatype released a report that revealed continued strong growth in open source supply and demand dynamics. Further, with regard to open source security risks, the report reveals a 650% year over year increase in supply chain attacks aimed at upstream public repositories, and a fascinating dichotomy pertaining to the level of known vulnerabilities present in popular and non-popular project versions.

Based on survey responses collected from 702 software engineering professionals, the research observes a fundamental disconnect between people’s subjective beliefs about software chain management practices, and objective results as measured across 100,000 applications.

continue reading: https://www.helpnetsecurity.com/2021/09/17/open-source-cyberattacks/

Cyberattacks Against the Aviation Industry Linked to Nigerian Threat Actor
Researchers have unmasked a lengthy campaign against the aviation sector, beginning with the analysis of a Trojan by Microsoft.

On May 11, Microsoft Security Intelligence published a Twitter thread outlining a campaign targeting the “aerospace and travel sectors with spear-phishing emails that distribute an actively developed loader, which then delivers RevengeRAT or AsyncRAT.”

continue reading: https://www.zdnet.com/article/cyberattacks-against-the-aviation-industry-that-flew-under-the-radar-linked-to-nigerian-threat-actor/

Romance Scammers Make $133m in First Half of 2021
Over $133m has already been lost this year to romance scams, with victims increasingly urged to invest in fraudulent cryptocurrency opportunities, according to the FBI.

A new Public Service Announcement was published yesterday revealing that the FBI Internet Crime Complaint Center (IC3) received over 1,800 complaints from January 1 to June 31 this year, resulting in soaring losses for victims.

Victims are typically approached on dating and social media sites, where the scammer establishes a relationship with them designed to build confidence. In time, the scammer will share information on a new cryptocurrency investment or trading opportunity, which is claimed to generate significant profits, according to the FBI.

continue reading: https://www.infosecurity-magazine.com/news/romance-scammers-make-133m-in/

How Attackers Invest in Cloud-Focused Cybercrime
Attackers appear to be in lockstep with enterprise organizations in the march to the cloud — but with an entirely different set of objectives, research shows.

For most organizations, the cloud is about improved flexibility, scalability, and cost-effectiveness. For cybercriminals, it’s an environment abundant with poorly secured enterprise data, applications, and other online assets.

continue reading: https://www.darkreading.com/cloud/How-attackers-invest-in-cloud-focused-cybercrime

Read more Cyber Security News at https://que.com/tag/cybersecurity/

Thank you for reading and stay safe.
@yehey [ Witness ]

