News

Hackers have been using fake error logs to store ASCII characters disguised as hexadecimal values that decode to a malicious payload designed to prepare the ground for script-based attacks. The trick is part of a longer chain with intermediary PowerShell commands that ultimately delivers a script for reconnaissance purposes. MSP threat detection provider Huntress Labs discovered an attack scenario where a threat actor with persistence on a target machine tried to run an unusual trick to carry...

Hackers hijacked an Oxford email server to deliver malicious emails as part of a phishing campaign designed to harvest Microsoft Office 365 credentials from European, Asian, and Middle Eastern targets. The attackers also made use of domain hosted on an Adobe server and used by Samsung during 2018’s Cyber Monday event. By leveraging the reputable brands of Oxford University, Adobe, and Samsung within the same campaign, the threat actors' attacks had everything needed to bypass...

Australia is currently the target of a "sophisticated" cyber attack - and an unnamed foreign government is behind it. Scott Morrison, the country's prime minister, says the attacks have targeted all levels of the government - as well as political organisations, essential service providers and operators of other critical infrastructure. "We know it is a sophisticated state-based cyber actor because of the scale and nature of the targeting," he said at a news conference. Mr...

Spreading via poisoned Google search results, this new version of Mac’s No. 1 threat comes with added stealth. A fresh variant of the Shlayer Mac OSX malware with advanced stealth capabilities has been spotted in the wild, actively using poisoned Google search results in order to find its victims. According to researchers at Intego, the malware, like many malware samples before it, is purporting to be an Adobe Flash Player installer. However, it has its...

Microsoft report offers insight on how threat actors exploited COVID-19 across the globe. A report from the Microsoft Threat Protection Intelligence Team found that Covid-19-themed cyberattacks peaked in early March and are now trending significantly down. The report also noted that those attacks have been a drop in the bucket compared to overall threats observed over the last four months. The report, which examined how cyberattacks exploited the crisis, found that attackers used local lures and preyed on people’s...

Cisco today released security updates to address two high severity vulnerabilities found in the Cisco Webex Meetings Desktop App for Windows and macOS that could allow unprivileged attackers to run programs and code on vulnerable machines. Cisco Webex Meetings is an online meeting and video conferencing software that makes it easy to schedule and join meetings. The platform also provides presentation, screen sharing, and recording capabilities. The two vulnerabilities are tracked as CVE-2020-3263 and CVE-2020-3342, and they affect Cisco Webex Meetings Desktop...

A cyber espionage operation used fake job offers, sent via LinkedIn messages, to target employees at aerospace and military companies in Europe and the Middle East late last year, researchers from ESET have reported. The highly targeted campaign — dubbed Operation In(ter)ception (an allusion to one malware sample’s file name) — took place from September to December 2019, according to a company blog post and corresponding white paper by ESET researchers Dominik Breitenbacher and Kaspars Osis. Its primarily purpose was data gathering and...

The beautiful game is back on the pitch in the U.K. — and cyberattackers will be looking to take advantage of fans streaming the games. England’s Premier League is returning this week, with millions of soccer fans around the world looking to stream matches using their online video accounts, often to support their team or stay on top of their fantasy league points. Unfortunately, the U.K.’s National Cyber Security Centre (NCSC) is warning on phishing,...

In a series of data breach notifications, IT services giant Cognizant has stated that unencrypted data was most likely accessed and stolen during an April Maze Ransomware attack. Cognizant is one of the largest IT managed services company in the world with close to 300,000 employees and over $15 billion in revenue. As a managed service provider (MSP), Cognizant remotely manages many of its clients to fix issues, install patches, and monitor their security. On April...

  According to the latest figures, more than one in four or some 8.9 million workers have now been furloughed in the UK. It means, among other things, that a staggering amount of email inboxes are going unchecked - becoming a source of anxiety for employees and even gathering potential threats daily. In fact, a study conducted by Censuswide on behalf of KnowBe4 examined the attitudes of the British furloughed workforce regarding anxiety or stress,...