InfoSec Articles (02/13/24 – 02/27/24)

[ad_1]

Welcome to our biweekly cybersecurity roundup. In these weblog posts, we function curated articles and insights from consultants, offering you with invaluable info on the most recent cybersecurity threats, applied sciences, and finest practices to maintain your self and your group protected. Whether or not you’re a cybersecurity skilled or a involved particular person, our biweekly weblog put up is designed to maintain you knowledgeable and empowered.

For extra articles, take a look at our #onpatrol4malware weblog.

LockBit ransomware returns, restores servers after police disruption

Supply: BLEEPING COMPUTER

On Saturday, LockBit introduced it was resuming the ransomware enterprise and launched injury management communication admitting that “private negligence and irresponsibility” led to regulation enforcement disrupting its exercise in Operation Cronos. Learn extra.

A Cyber Assault Hit The Royal Canadian Mounted Police

Supply: Safety Affairs

The Canadian authorities declared that two of its contractors, Brookfield International Relocation Providers (BGRS) and SIRVA Worldwide Relocation & Transferring Providers, have been hacked, ensuing within the publicity of delicate info belonging to an undisclosed variety of authorities staff. Learn extra.

Russian hackers shift to cloud assaults, US and allies warn

Supply: BLEEPING COMPUTER

APT29’s preliminary cloud breach vectors additionally embody the usage of stolen entry tokens that allow them to hijack accounts with out utilizing credentials, compromised residential routers to proxy their malicious exercise, MFA fatigue to bypass multi-factor authentication (MFA), and registering their very own gadgets as new gadgets on the victims’ cloud tenants. Learn extra.

Attackers exploiting ConnectWise ScreenConnect flaws, fixes accessible for all customers (CVE-2024-1709, CVE-2024-1708)

Supply: HELP NET SECURITY

ConnectWise shared the existence of the 2 flaws on Monday (February 19), when it stated that they’ve been reported by means of their vulnerability disclosure channel through the ConnectWise Belief Middle, and urged clients which might be self-hosted or on-premise to replace their servers to model 23.9.8 as quickly as attainable. Learn extra.

Feds take away Ubiquiti router botnet utilized by Russian intelligence

Supply: SC Media

The botnet was constructed by cybercriminals exterior the GRU who initially put in Moobot malware on Ubiquiti Edge OS routers that could possibly be compromised as a result of they used publicly recognized default administrator passwords. Learn extra.

Earth Preta Marketing campaign Makes use of DOPLUGS to Goal Asia

Supply: TREND MICRO

On this weblog entry, we deal with the Earth Preta marketing campaign, offering an evaluation of the DOPLUGS malware variant that the group used, together with backdoor command habits, integration with the KillSomeOne module, and its evolution. Learn extra.

Migo – a Redis Miner with Novel System Weakening Strategies

Supply: CADO

The malware, named Migo by the builders, goals to compromise Redis servers for the aim of mining cryptocurrency on the underlying Linux host. Learn extra.

Astaroth, Mekotio & Ousaban abusing Google Cloud Run in LATAM-focused malware campaigns

Supply: CISCO TALOS

We have now noticed proof that the distribution campaigns for these malware households are associated, with Astaroth and Mekotio being distributed below the identical Google Cloud Venture and Google Cloud storage bucket. Ousaban can be being dropped as a part of the Astaroth an infection course of. Learn extra.

How BRICS Acquired “Rug Pulled” – Crypto Counterfeiting Is On The Rise

Supply: Resecurity

A notable instance of this misleading follow is the emergence of a counterfeit token named ‘BRICS’ not too long ago detected by Resecurity, which exploited the deal with the funding curiosity and potential enlargement of the BRICS intergovernmental group, comprising nations like Brazil, Russia, India, China, South Africa, Egypt, Ethiopia, Iran, and the United Arab Emirates. Learn extra.

Meta Warns of 8 Spyware and adware Companies Focusing on iOS, Android, and Home windows Units

Supply: The Hacker Information

These companies, per Meta, additionally engaged in scraping, social engineering, and phishing exercise that focused a variety of platforms equivalent to Fb, Instagram, X (previously Twitter), YouTube, Skype, GitHub, Reddit, Google, LinkedIn, Quora, Tumblr, VK, Flickr, TikTok, SnapChat, Gettr, Viber, Twitch, and Telegram. Learn extra.

The put up InfoSec Articles (02/13/24 – 02/27/24) appeared first on Malware Patrol.

[ad_2]

Lascia un commento

Il tuo indirizzo email non sarà pubblicato. I campi obbligatori sono contrassegnati *

Consuleria is a leading provider of digital forensic investigations, cybersecurity, and data protection services. Our team of experts has the skills and experience to conduct investigations on both a national and international scale, including support for homeland security efforts.

Consuleria is committed to providing the highest level of security for its clients. We offer a comprehensive range of services, including security assessment and penetration testing, all of which are conducted in accordance with the highest industry standards.

 

Useful Links

Contact Us

Legal Headquarter:
Via Papa Giovanni XXIII Albenga (Sv) – ITALY
Phone: +39 393 33 58 136
Email (general): info [at] consuleria [dot] com
Email (legal): legal.office[at] consuleria [dot] com
Email (administration): amministrazione [at] consuleria [dot] com

2023 © All Rights Reserved. Privacy Policy   – P.Iva IT01871640098